From 53baea7beaf84649ebcd9aa97a779ae5d74b485d Mon Sep 17 00:00:00 2001 From: aws-sdk-go-automation <43143561+aws-sdk-go-automation@users.noreply.github.com> Date: Fri, 8 May 2020 11:23:50 -0700 Subject: [PATCH] Release v1.30.24 (2020-05-08) (#3309) Release v1.30.24 (2020-05-08) === ### Service Client Updates * `service/guardduty`: Updates service documentation * Documentation updates for GuardDuty * `service/resourcegroupstaggingapi`: Updates service documentation * Documentation updates for resourcegroupstaggingapi * `service/sagemaker`: Updates service API and documentation * This release adds a new parameter (EnableInterContainerTrafficEncryption) to CreateProcessingJob API to allow for enabling inter-container traffic encryption on processing jobs. ### SDK Bugs * `service/dynamodb/dynamodbattribute`: Simplified decode logic to decode AttributeValue as it is defined ([#3308](https://github.com/aws/aws-sdk-go/pull/3308)) --- CHANGELOG.md | 14 ++ CHANGELOG_PENDING.md | 1 - aws/endpoints/defaults.go | 7 + aws/version.go | 2 +- models/apis/guardduty/2017-11-28/docs-2.json | 26 ++-- .../2017-01-26/docs-2.json | 12 +- models/apis/sagemaker/2017-07-24/api-2.json | 3 +- models/apis/sagemaker/2017-07-24/docs-2.json | 35 ++--- models/endpoints/endpoints.json | 7 + service/guardduty/api.go | 33 +++-- service/resourcegroupstaggingapi/api.go | 22 ++- service/resourcegroupstaggingapi/doc.go | 6 + service/sagemaker/api.go | 131 +++++++++--------- 13 files changed, 166 insertions(+), 133 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ddd1248fab..c6196dab99 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +Release v1.30.24 (2020-05-08) +=== + +### Service Client Updates +* `service/guardduty`: Updates service documentation + * Documentation updates for GuardDuty +* `service/resourcegroupstaggingapi`: Updates service documentation + * Documentation updates for resourcegroupstaggingapi +* `service/sagemaker`: Updates service API and documentation + * This release adds a new parameter (EnableInterContainerTrafficEncryption) to CreateProcessingJob API to allow for enabling inter-container traffic encryption on processing jobs. + +### SDK Bugs +* `service/dynamodb/dynamodbattribute`: Simplified decode logic to decode AttributeValue as it is defined ([#3308](https://github.com/aws/aws-sdk-go/pull/3308)) + Release v1.30.23 (2020-05-07) === diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index 0025249564..8a1927a39c 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -3,4 +3,3 @@ ### SDK Enhancements ### SDK Bugs -* `service/dynamodb/dynamodbattribute`: Simplified decode logic to decode AttributeValue as it is defined ([#3308](https://github.com/aws/aws-sdk-go/pull/3308)) diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 509403904d..9604f9438e 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -855,6 +855,7 @@ var awsPartition = partition{ "cloud9": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -865,8 +866,12 @@ var awsPartition = partition{ "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -5289,6 +5294,7 @@ var awsPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ + "af-south-1": endpoint{}, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -5298,6 +5304,7 @@ var awsPartition = partition{ "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, + "eu-south-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, diff --git a/aws/version.go b/aws/version.go index e87e17fb12..1e14f4ac2c 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.30.23" +const SDKVersion = "1.30.24" diff --git a/models/apis/guardduty/2017-11-28/docs-2.json b/models/apis/guardduty/2017-11-28/docs-2.json index ad7e3b02ce..c2454f6db7 100644 --- a/models/apis/guardduty/2017-11-28/docs-2.json +++ b/models/apis/guardduty/2017-11-28/docs-2.json @@ -21,10 +21,10 @@ "DeleteThreatIntelSet": "
Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
", "DescribeOrganizationConfiguration": "Returns information about the account selected as the delegated administrator for GuardDuty.
", "DescribePublishingDestination": "Returns information about the publishing destination specified by the provided destinationId
.
Disables GuardDuty administrator permissions for an AWS account within the Organization.
", + "DisableOrganizationAdminAccount": "Disables an AWS account within the Organization as the GuardDuty delegated administrator.
", "DisassociateFromMasterAccount": "Disassociates the current GuardDuty member account from its master account.
", "DisassociateMembers": "Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.
", - "EnableOrganizationAdminAccount": "Enables GuardDuty administrator permissions for an AWS account within the organization.
", + "EnableOrganizationAdminAccount": "Enables an AWS account within the organization as the GuardDuty delegated administrator.
", "GetDetector": "Retrieves an Amazon GuardDuty detector specified by the detectorId.
", "GetFilter": "Returns the details of the filter specified by the filter name.
", "GetFindings": "Describes Amazon GuardDuty findings specified by finding IDs.
", @@ -41,7 +41,7 @@ "ListIPSets": "Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the IPSets returned are the IPSets from the associated master account.
", "ListInvitations": "Lists all GuardDuty membership invitations that were sent to the current AWS account.
", "ListMembers": "Lists details about associated member accounts for the current GuardDuty master account.
", - "ListOrganizationAdminAccounts": "Lists the accounts configured as AWS Organization delegated administrators.
", + "ListOrganizationAdminAccounts": "Lists the accounts configured as GuardDuty delegated administrators.
", "ListPublishingDestinations": "Returns a list of publishing destinations associated with the specified dectectorId
.
Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, and threat intel sets, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.
", "ListThreatIntelSets": "Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the ThreatIntelSets associated with the master account are returned.
", @@ -617,10 +617,10 @@ "FindingCriteria": { "base": "Contains information about the criteria used for querying findings.
", "refs": { - "CreateFilterRequest$FindingCriteria": "Represents the criteria to be used in the filter for querying findings.
You can only use the following attributes to query findings:
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.outpostArn
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.remoteIpDetails.city.cityName
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
Represents the criteria to be used in the filter for querying findings.
You can only use the following attributes to query findings:
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.outpostArn
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.localIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.city.cityName
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
Represents the criteria to be used in the filter for querying findings.
", "GetFindingsStatisticsRequest$FindingCriteria": "Represents the criteria that is used for querying findings.
", - "ListFindingsRequest$FindingCriteria": "Represents the criteria used for querying findings. Valid values include:
JSON field name
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.remoteIpDetails.city.cityName
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: Timestamp in Unix Epoch millisecond format: 1486685375000
Represents the criteria used for querying findings. Valid values include:
JSON field name
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.outpostArn
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.localIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.city.cityName
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: Timestamp in Unix Epoch millisecond format: 1486685375000
Represents the criteria to be used in the filter for querying findings.
" } }, @@ -984,12 +984,12 @@ "Location": { "base": null, "refs": { - "CreateIPSetRequest$Location": "The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
", - "CreateThreatIntelSetRequest$Location": "The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
", - "GetIPSetResponse$Location": "The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
", - "GetThreatIntelSetResponse$Location": "The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
", - "UpdateIPSetRequest$Location": "The updated URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
", - "UpdateThreatIntelSetRequest$Location": "The updated URI of the file that contains the ThreateIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
" + "CreateIPSetRequest$Location": "The URI of the file that contains the IPSet. For example: .
", + "CreateThreatIntelSetRequest$Location": "The URI of the file that contains the ThreatIntelSet. For example: .
", + "GetIPSetResponse$Location": "The URI of the file that contains the IPSet. For example: .
", + "GetThreatIntelSetResponse$Location": "The URI of the file that contains the ThreatIntelSet. For example: .
", + "UpdateIPSetRequest$Location": "The updated URI of the file that contains the IPSet. For example: .
", + "UpdateThreatIntelSetRequest$Location": "The updated URI of the file that contains the ThreateIntelSet. For example: .
" } }, "Long": { @@ -1235,10 +1235,10 @@ "Destination$DestinationId": "The unique ID of the publishing destination.
", "DestinationProperties$DestinationArn": "The ARN of the resource to publish to.
", "DestinationProperties$KmsKeyArn": "The ARN of the KMS key to use for encryption.
", - "DisableOrganizationAdminAccountRequest$AdminAccountId": "The AWS Account ID for the Organizations account to be disabled as a GuardDuty delegated administrator.
", + "DisableOrganizationAdminAccountRequest$AdminAccountId": "The AWS Account ID for the organizations account to be disabled as a GuardDuty delegated administrator.
", "DnsRequestAction$Domain": "The domain information for the API request.
", "DomainDetails$Domain": "The domain information for the AWS API call.
", - "EnableOrganizationAdminAccountRequest$AdminAccountId": "The AWS Account ID for the Organizations account to be enabled as a GuardDuty delegated administrator.
", + "EnableOrganizationAdminAccountRequest$AdminAccountId": "The AWS Account ID for the organization account to be enabled as a GuardDuty delegated administrator.
", "Eq$member": null, "Equals$member": null, "Finding$AccountId": "The ID of the account in which the finding was generated.
", diff --git a/models/apis/resourcegroupstaggingapi/2017-01-26/docs-2.json b/models/apis/resourcegroupstaggingapi/2017-01-26/docs-2.json index b56afb8117..f76e0a40e1 100644 --- a/models/apis/resourcegroupstaggingapi/2017-01-26/docs-2.json +++ b/models/apis/resourcegroupstaggingapi/2017-01-26/docs-2.json @@ -1,6 +1,6 @@ { "version": "2.0", - "service": "This guide describes the API operations for the resource groups tagging.
A tag is a label that you assign to an AWS resource. A tag consists of a key and a value, both of which you define. For example, if you have two Amazon EC2 instances, you might assign both a tag key of \"Stack.\" But the value of \"Stack\" might be \"Testing\" for one and \"Production\" for the other.
Tagging can help you organize your resources and enables you to simplify resource management, access management and cost allocation.
You can use the resource groups tagging API operations to complete the following tasks:
Tag and untag supported resources located in the specified Region for the AWS account.
Use tag-based filters to search for resources located in the specified Region for the AWS account.
List all existing tag keys in the specified Region for the AWS account.
List all existing values for the specified key in the specified Region for the AWS account.
To use resource groups tagging API operations, you must add the following permissions to your IAM policy:
tag:GetResources
tag:TagResources
tag:UntagResources
tag:GetTagKeys
tag:GetTagValues
You'll also need permissions to access the resources of individual services so that you can tag and untag those resources.
For more information on IAM policies, see Managing IAM Policies in the IAM User Guide.
You can use the Resource Groups Tagging API to tag resources for the following AWS services.
Alexa for Business (a4b)
API Gateway
Amazon AppStream
AWS AppSync
AWS App Mesh
Amazon Athena
Amazon Aurora
AWS Backup
AWS Certificate Manager
AWS Certificate Manager Private CA
Amazon Cloud Directory
AWS CloudFormation
Amazon CloudFront
AWS CloudHSM
AWS CloudTrail
Amazon CloudWatch (alarms only)
Amazon CloudWatch Events
Amazon CloudWatch Logs
AWS CodeBuild
AWS CodeCommit
AWS CodePipeline
AWS CodeStar
Amazon Cognito Identity
Amazon Cognito User Pools
Amazon Comprehend
AWS Config
AWS Data Exchange
AWS Data Pipeline
AWS Database Migration Service
AWS DataSync
AWS Device Farm
AWS Direct Connect
AWS Directory Service
Amazon DynamoDB
Amazon EBS
Amazon EC2
Amazon ECR
Amazon ECS
Amazon EKS
AWS Elastic Beanstalk
Amazon Elastic File System
Elastic Load Balancing
Amazon ElastiCache
Amazon Elasticsearch Service
AWS Elemental MediaLive
AWS Elemental MediaPackage
AWS Elemental MediaTailor
Amazon EMR
Amazon FSx
Amazon S3 Glacier
AWS Glue
Amazon GuardDuty
Amazon Inspector
AWS IoT Analytics
AWS IoT Core
AWS IoT Device Defender
AWS IoT Device Management
AWS IoT Events
AWS IoT Greengrass
AWS IoT 1-Click
AWS Key Management Service
Amazon Kinesis
Amazon Kinesis Data Analytics
Amazon Kinesis Data Firehose
AWS Lambda
AWS License Manager
Amazon Machine Learning
Amazon MQ
Amazon MSK
Amazon Neptune
AWS OpsWorks
AWS Organizations
Amazon Quantum Ledger Database (QLDB)
Amazon RDS
Amazon Redshift
AWS Resource Access Manager
AWS Resource Groups
AWS RoboMaker
Amazon Route 53
Amazon Route 53 Resolver
Amazon S3 (buckets only)
Amazon SageMaker
AWS Secrets Manager
AWS Security Hub
AWS Service Catalog
Amazon Simple Notification Service (SNS)
Amazon Simple Queue Service (SQS)
Amazon Simple Workflow Service
AWS Step Functions
AWS Storage Gateway
AWS Systems Manager
AWS Transfer for SFTP
Amazon VPC
Amazon WorkSpaces
This guide describes the API operations for the resource groups tagging.
A tag is a label that you assign to an AWS resource. A tag consists of a key and a value, both of which you define. For example, if you have two Amazon EC2 instances, you might assign both a tag key of \"Stack.\" But the value of \"Stack\" might be \"Testing\" for one and \"Production\" for the other.
Tagging can help you organize your resources and enables you to simplify resource management, access management and cost allocation.
You can use the resource groups tagging API operations to complete the following tasks:
Tag and untag supported resources located in the specified Region for the AWS account.
Use tag-based filters to search for resources located in the specified Region for the AWS account.
List all existing tag keys in the specified Region for the AWS account.
List all existing values for the specified key in the specified Region for the AWS account.
To use resource groups tagging API operations, you must add the following permissions to your IAM policy:
tag:GetResources
tag:TagResources
tag:UntagResources
tag:GetTagKeys
tag:GetTagValues
You'll also need permissions to access the resources of individual services so that you can tag and untag those resources.
For more information on IAM policies, see Managing IAM Policies in the IAM User Guide.
You can use the Resource Groups Tagging API to tag resources for the following AWS services.
Alexa for Business (a4b)
API Gateway
Amazon AppStream
AWS AppSync
AWS App Mesh
Amazon Athena
Amazon Aurora
AWS Backup
AWS Certificate Manager
AWS Certificate Manager Private CA
Amazon Cloud Directory
AWS CloudFormation
Amazon CloudFront
AWS CloudHSM
AWS CloudTrail
Amazon CloudWatch (alarms only)
Amazon CloudWatch Events
Amazon CloudWatch Logs
AWS CodeBuild
AWS CodeCommit
AWS CodePipeline
AWS CodeStar
Amazon Cognito Identity
Amazon Cognito User Pools
Amazon Comprehend
AWS Config
AWS Data Exchange
AWS Data Pipeline
AWS Database Migration Service
AWS DataSync
AWS Device Farm
AWS Direct Connect
AWS Directory Service
Amazon DynamoDB
Amazon EBS
Amazon EC2
Amazon ECR
Amazon ECS
Amazon EKS
AWS Elastic Beanstalk
Amazon Elastic File System
Elastic Load Balancing
Amazon ElastiCache
Amazon Elasticsearch Service
AWS Elemental MediaLive
AWS Elemental MediaPackage
AWS Elemental MediaTailor
Amazon EMR
Amazon FSx
Amazon S3 Glacier
AWS Glue
Amazon GuardDuty
Amazon Inspector
AWS IoT Analytics
AWS IoT Core
AWS IoT Device Defender
AWS IoT Device Management
AWS IoT Events
AWS IoT Greengrass
AWS IoT 1-Click
AWS IoT Things Graph
AWS Key Management Service
Amazon Kinesis
Amazon Kinesis Data Analytics
Amazon Kinesis Data Firehose
AWS Lambda
AWS License Manager
Amazon Machine Learning
Amazon MQ
Amazon MSK
Amazon Neptune
AWS OpsWorks
AWS Organizations
Amazon Quantum Ledger Database (QLDB)
Amazon RDS
Amazon Redshift
AWS Resource Access Manager
AWS Resource Groups
AWS RoboMaker
Amazon Route 53
Amazon Route 53 Resolver
Amazon S3 (buckets only)
Amazon SageMaker
AWS Secrets Manager
AWS Security Hub
AWS Service Catalog
Amazon Simple Email Service (SES)
Amazon Simple Notification Service (SNS)
Amazon Simple Queue Service (SQS)
Amazon Simple Workflow Service
AWS Step Functions
AWS Storage Gateway
AWS Systems Manager
AWS Transfer for SFTP
AWS WAF Regional
Amazon VPC
Amazon WorkSpaces
Describes the status of the StartReportCreation
operation.
You can call this operation only from the organization's master account and from the us-east-1 Region.
", "GetComplianceSummary": "Returns a table that shows counts of resources that are noncompliant with their tag policies.
For more information on tag policies, see Tag Policies in the AWS Organizations User Guide.
You can call this operation only from the organization's master account and from the us-east-1 Region.
", @@ -222,8 +222,8 @@ "ResourceARNList": { "base": null, "refs": { - "TagResourcesInput$ResourceARNList": "A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. You can specify a minimum of 1 and a maximum of 20 ARNs (resources) to tag. An ARN can be set to a maximum of 1600 characters. For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", - "UntagResourcesInput$ResourceARNList": "A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. You can specify a minimum of 1 and a maximum of 20 ARNs (resources) to untag. An ARN can be set to a maximum of 1600 characters. For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
" + "TagResourcesInput$ResourceARNList": "A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
", + "UntagResourcesInput$ResourceARNList": "A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces in the AWS General Reference.
" } }, "ResourceTagMapping": { @@ -298,7 +298,7 @@ } }, "Tag": { - "base": "The metadata that you apply to AWS resources to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see Tagging AWS Resources in the AWS General Reference.
", + "base": "The metadata that you apply to AWS resources to help you categorize and organize them. Each tag consists of a key and a value, both of which you define. For more information, see Tagging AWS Resources in the AWS General Reference.
", "refs": { "TagList$member": null } @@ -372,7 +372,7 @@ "TagValue": { "base": null, "refs": { - "Tag$Value": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
", + "Tag$Value": "One part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key). The value can be empty or null.
", "TagMap$value": null, "TagValueList$member": null, "TagValuesOutputList$member": null @@ -381,7 +381,7 @@ "TagValueList": { "base": null, "refs": { - "TagFilter$Values": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).
" + "TagFilter$Values": "One part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key). The value can be empty or null.
" } }, "TagValuesOutputList": { diff --git a/models/apis/sagemaker/2017-07-24/api-2.json b/models/apis/sagemaker/2017-07-24/api-2.json index a074e3c33f..dec8a38b94 100644 --- a/models/apis/sagemaker/2017-07-24/api-2.json +++ b/models/apis/sagemaker/2017-07-24/api-2.json @@ -6681,6 +6681,7 @@ "NetworkConfig":{ "type":"structure", "members":{ + "EnableInterContainerTrafficEncryption":{"shape":"Boolean"}, "EnableNetworkIsolation":{"shape":"Boolean"}, "VpcConfig":{"shape":"VpcConfig"} } @@ -7470,7 +7471,6 @@ "RenderUiTemplateRequest":{ "type":"structure", "required":[ - "UiTemplate", "Task", "RoleArn" ], @@ -8830,7 +8830,6 @@ }, "UiConfig":{ "type":"structure", - "required":["UiTemplateS3Uri"], "members":{ "UiTemplateS3Uri":{"shape":"S3Uri"} } diff --git a/models/apis/sagemaker/2017-07-24/docs-2.json b/models/apis/sagemaker/2017-07-24/docs-2.json index 3eb698adfb..c8ee72ac5c 100644 --- a/models/apis/sagemaker/2017-07-24/docs-2.json +++ b/models/apis/sagemaker/2017-07-24/docs-2.json @@ -5,11 +5,11 @@ "AddTags": "Adds or overwrites one or more tags for the specified Amazon SageMaker resource. You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and endpoints.
Each tag consists of a key and an optional value. Tag keys must be unique per resource. For more information about tags, see For more information, see AWS Tagging Strategies.
Tags that you add to a hyperparameter tuning job by calling this API are also added to any training jobs that the hyperparameter tuning job launches after you call this API, but not to training jobs that the hyperparameter tuning job launched before you called this API. To make sure that the tags associated with a hyperparameter tuning job are also added to all training jobs that the hyperparameter tuning job launches, add the tags when you first create the tuning job by specifying them in the Tags
parameter of CreateHyperParameterTuningJob
Associates a trial component with a trial. A trial component can be associated with multiple trials. To disassociate a trial component from a trial, call the DisassociateTrialComponent API.
", "CreateAlgorithm": "Create a machine learning algorithm that you can use in Amazon SageMaker and list in the AWS Marketplace.
", - "CreateApp": "Creates a running App for the specified UserProfile. Supported Apps are JupyterServer and KernelGateway. This operation is automatically invoked by Amazon SageMaker Amazon SageMaker Studio (Studio) upon access to the associated Studio Domain, and when new kernel configurations are selected by the user. A user may have multiple Apps active simultaneously. Apps will automatically terminate and be deleted when stopped from within Studio, or when the DeleteApp API is manually called. UserProfiles are limited to 5 concurrently running Apps at a time.
", + "CreateApp": "Creates a running App for the specified UserProfile. Supported Apps are JupyterServer
, KernelGateway
, and TensorBoard
. This operation is automatically invoked by Amazon SageMaker Studio upon access to the associated Studio Domain, and when new kernel configurations are selected by the user. A user may have multiple Apps active simultaneously. Apps will automatically terminate and be deleted when stopped from within Studio, or when the DeleteApp API is manually called. UserProfiles are limited to 5 concurrently running Apps at a time.
Creates an AutoPilot job.
After you run an AutoPilot job, you can find the best performing model by calling , and then deploy that model by following the steps described in Step 6.1: Deploy the Model to Amazon SageMaker Hosting Services.
For information about how to use AutoPilot, see Use AutoPilot to Automate Model Development.
", "CreateCodeRepository": "Creates a Git repository as a resource in your Amazon SageMaker account. You can associate the repository with notebook instances so that you can use Git source control for the notebooks you create. The Git repository is a resource in your Amazon SageMaker account, so it can be associated with more than one notebook instance, and it persists independently from the lifecycle of any notebook instances it is associated with.
The repository can be hosted either in AWS CodeCommit or in any other Git repository.
", "CreateCompilationJob": "Starts a model compilation job. After the model has been compiled, Amazon SageMaker saves the resulting model artifacts to an Amazon Simple Storage Service (Amazon S3) bucket that you specify.
If you choose to host your model using Amazon SageMaker hosting services, you can use the resulting model artifacts as part of the model. You can also use the artifacts with AWS IoT Greengrass. In that case, deploy them as an ML resource.
In the request body, you provide the following:
A name for the compilation job
Information about the input model artifacts
The output location for the compiled model and the device (target) that the model runs on
The Amazon Resource Name (ARN) of the IAM role that Amazon SageMaker assumes to perform the model compilation job
You can also provide a Tag
to track the model compilation job's resource use and costs. The response body contains the CompilationJobArn
for the compiled job.
To stop a model compilation job, use StopCompilationJob. To get information about a particular model compilation job, use DescribeCompilationJob. To get information about multiple model compilation jobs, use ListCompilationJobs.
", - "CreateDomain": "Creates a Domain for Amazon SageMaker Amazon SageMaker Studio (Studio), which can be accessed by end-users in a web browser. A Domain has an associated directory, list of authorized users, and a variety of security, application, policies, and Amazon Virtual Private Cloud configurations. An AWS account is limited to one Domain, per region. Users within a domain can share notebook files and other artifacts with each other. When a Domain is created, an Amazon Elastic File System (EFS) is also created for use by all of the users within the Domain. Each user receives a private home directory within the EFS for notebooks, Git repositories, and data files.
", + "CreateDomain": "Creates a Domain for Amazon SageMaker Studio, which can be accessed by end-users in a web browser. A Domain has an associated directory, list of authorized users, and a variety of security, application, policies, and Amazon Virtual Private Cloud configurations. An AWS account is limited to one Domain, per region. Users within a domain can share notebook files and other artifacts with each other. When a Domain is created, an Amazon Elastic File System (EFS) is also created for use by all of the users within the Domain. Each user receives a private home directory within the EFS for notebooks, Git repositories, and data files.
", "CreateEndpoint": "Creates an endpoint using the endpoint configuration specified in the request. Amazon SageMaker uses the endpoint to provision resources and deploy models. You create the endpoint configuration with the CreateEndpointConfig API.
Use this API to deploy models using Amazon SageMaker hosting services.
For an example that calls this method when deploying a model to Amazon SageMaker hosting services, see Deploy the Model to Amazon SageMaker Hosting Services (AWS SDK for Python (Boto 3)).
You must not delete an EndpointConfig
that is in use by an endpoint that is live or while the UpdateEndpoint
or CreateEndpoint
operations are being performed on the endpoint. To update an endpoint, you must create a new EndpointConfig
.
The endpoint name must be unique within an AWS Region in your AWS account.
When it receives the request, Amazon SageMaker creates the endpoint, launches the resources (ML compute instances), and deploys the model(s) on them.
When Amazon SageMaker receives the request, it sets the endpoint status to Creating
. After it creates the endpoint, it sets the status to InService
. Amazon SageMaker can then process incoming requests for inferences. To check the status of an endpoint, use the DescribeEndpoint API.
If any of the models hosted at this endpoint get model data from an Amazon S3 location, Amazon SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provided. AWS STS is activated in your IAM user account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see Activating and Deactivating AWS STS in an AWS Region in the AWS Identity and Access Management User Guide.
", "CreateEndpointConfig": "Creates an endpoint configuration that Amazon SageMaker hosting services uses to deploy models. In the configuration, you identify one or more models, created using the CreateModel
API, to deploy and the resources that you want Amazon SageMaker to provision. Then you call the CreateEndpoint API.
Use this API if you want to use Amazon SageMaker hosting services to deploy models into production.
In the request, you define a ProductionVariant
, for each model that you want to deploy. Each ProductionVariant
parameter also describes the resources that you want Amazon SageMaker to provision. This includes the number and type of ML compute instances to deploy.
If you are hosting multiple models, you also assign a VariantWeight
to specify how much traffic you want to allocate to each model. For example, suppose that you want to host two models, A and B, and you assign traffic weight 2 for model A and 1 for model B. Amazon SageMaker distributes two-thirds of the traffic to Model A, and one-third to model B.
For an example that calls this method when deploying a model to Amazon SageMaker hosting services, see Deploy the Model to Amazon SageMaker Hosting Services (AWS SDK for Python (Boto 3)).
", "CreateExperiment": "Creates an Amazon SageMaker experiment. An experiment is a collection of trials that are observed, compared and evaluated as a group. A trial is a set of steps, called trial components, that produce a machine learning model.
The goal of an experiment is to determine the components that produce the best model. Multiple trials are performed, each one isolating and measuring the impact of a change to one or more inputs, while keeping the remaining inputs constant.
When you use Amazon SageMaker Studio or the Amazon SageMaker Python SDK, all experiments, trials, and trial components are automatically tracked, logged, and indexed. When you use the AWS SDK for Python (Boto), you must use the logging APIs provided by the SDK.
You can add tags to experiments, trials, trial components and then use the Search API to search for the tags.
To add a description to an experiment, specify the optional Description
parameter. To add a description later, or to change the description, call the UpdateExperiment API.
To get a list of all your experiments, call the ListExperiments API. To view an experiment's properties, call the DescribeExperiment API. To get a list of all the trials associated with an experiment, call the ListTrials API. To create a trial call the CreateTrial API.
", @@ -22,19 +22,19 @@ "CreateMonitoringSchedule": "Creates a schedule that regularly starts Amazon SageMaker Processing Jobs to monitor the data captured for an Amazon SageMaker Endoint.
", "CreateNotebookInstance": "Creates an Amazon SageMaker notebook instance. A notebook instance is a machine learning (ML) compute instance running on a Jupyter notebook.
In a CreateNotebookInstance
request, specify the type of ML compute instance that you want to run. Amazon SageMaker launches the instance, installs common libraries that you can use to explore datasets for model training, and attaches an ML storage volume to the notebook instance.
Amazon SageMaker also provides a set of example notebooks. Each notebook demonstrates how to use Amazon SageMaker with a specific algorithm or with a machine learning framework.
After receiving the request, Amazon SageMaker does the following:
Creates a network interface in the Amazon SageMaker VPC.
(Option) If you specified SubnetId
, Amazon SageMaker creates a network interface in your own VPC, which is inferred from the subnet ID that you provide in the input. When creating this network interface, Amazon SageMaker attaches the security group that you specified in the request to the network interface that it creates in your VPC.
Launches an EC2 instance of the type specified in the request in the Amazon SageMaker VPC. If you specified SubnetId
of your VPC, Amazon SageMaker specifies both network interfaces when launching this instance. This enables inbound traffic from your own VPC to the notebook instance, assuming that the security groups allow it.
After creating the notebook instance, Amazon SageMaker returns its Amazon Resource Name (ARN). You can't change the name of a notebook instance after you create it.
After Amazon SageMaker creates the notebook instance, you can connect to the Jupyter server and work in Jupyter notebooks. For example, you can write code to explore a dataset that you can use for model training, train a model, host models by creating Amazon SageMaker endpoints, and validate hosted models.
For more information, see How It Works.
", "CreateNotebookInstanceLifecycleConfig": "Creates a lifecycle configuration that you can associate with a notebook instance. A lifecycle configuration is a collection of shell scripts that run when you create or start a notebook instance.
Each lifecycle configuration script has a limit of 16384 characters.
The value of the $PATH
environment variable that is available to both scripts is /sbin:bin:/usr/sbin:/usr/bin
.
View CloudWatch Logs for notebook instance lifecycle configurations in log group /aws/sagemaker/NotebookInstances
in log stream [notebook-instance-name]/[LifecycleConfigHook]
.
Lifecycle configuration scripts cannot run for longer than 5 minutes. If a script runs for longer than 5 minutes, it fails and the notebook instance is not created or started.
For information about notebook instance lifestyle configurations, see Step 2.1: (Optional) Customize a Notebook Instance.
", - "CreatePresignedDomainUrl": "Creates a URL for a specified UserProfile in a Domain. When accessed in a web browser, the user will be automatically signed in to Amazon SageMaker Amazon SageMaker Studio (Studio), and granted access to all of the Apps and files associated with that Amazon Elastic File System (EFS). This operation can only be called when AuthMode equals IAM.
", + "CreatePresignedDomainUrl": "Creates a URL for a specified UserProfile in a Domain. When accessed in a web browser, the user will be automatically signed in to Amazon SageMaker Studio, and granted access to all of the Apps and files associated with that Amazon Elastic File System (EFS). This operation can only be called when AuthMode equals IAM.
", "CreatePresignedNotebookInstanceUrl": "Returns a URL that you can use to connect to the Jupyter server from a notebook instance. In the Amazon SageMaker console, when you choose Open
next to a notebook instance, Amazon SageMaker opens a new tab showing the Jupyter server home page from the notebook instance. The console uses this API to get the URL and show the page.
IAM authorization policies for this API are also enforced for every HTTP request and WebSocket frame that attempts to connect to the notebook instance.For example, you can restrict access to this API and to the URL that it returns to a list of IP addresses that you specify. Use the NotIpAddress
condition operator and the aws:SourceIP
condition context key to specify the list of IP addresses that you want to have access to the notebook instance. For more information, see Limit Access to a Notebook Instance by IP Address.
The URL that you get from a call to CreatePresignedNotebookInstanceUrl is valid only for 5 minutes. If you try to use the URL after the 5-minute limit expires, you are directed to the AWS console sign-in page.
Creates a processing job.
", "CreateTrainingJob": "Starts a model training job. After training completes, Amazon SageMaker saves the resulting model artifacts to an Amazon S3 location that you specify.
If you choose to host your model using Amazon SageMaker hosting services, you can use the resulting model artifacts as part of the model. You can also use the artifacts in a machine learning service other than Amazon SageMaker, provided that you know how to use them for inferences.
In the request body, you provide the following:
AlgorithmSpecification
- Identifies the training algorithm to use.
HyperParameters
- Specify these algorithm-specific parameters to enable the estimation of model parameters during training. Hyperparameters can be tuned to optimize this learning process. For a list of hyperparameters for each training algorithm provided by Amazon SageMaker, see Algorithms.
InputDataConfig
- Describes the training dataset and the Amazon S3, EFS, or FSx location where it is stored.
OutputDataConfig
- Identifies the Amazon S3 bucket where you want Amazon SageMaker to save the results of model training.
ResourceConfig
- Identifies the resources, ML compute instances, and ML storage volumes to deploy for model training. In distributed training, you specify more than one instance.
EnableManagedSpotTraining
- Optimize the cost of training machine learning models by up to 80% by using Amazon EC2 Spot instances. For more information, see Managed Spot Training.
RoleARN
- The Amazon Resource Number (ARN) that Amazon SageMaker assumes to perform tasks on your behalf during model training. You must grant this role the necessary permissions so that Amazon SageMaker can successfully complete model training.
StoppingCondition
- To help cap training costs, use MaxRuntimeInSeconds
to set a time limit for training. Use MaxWaitTimeInSeconds
to specify how long you are willing to wait for a managed spot training job to complete.
For more information about Amazon SageMaker, see How It Works.
", "CreateTransformJob": "Starts a transform job. A transform job uses a trained model to get inferences on a dataset and saves these results to an Amazon S3 location that you specify.
To perform batch transformations, you create a transform job and use the data that you have readily available.
In the request body, you provide the following:
TransformJobName
- Identifies the transform job. The name must be unique within an AWS Region in an AWS account.
ModelName
- Identifies the model to use. ModelName
must be the name of an existing Amazon SageMaker model in the same AWS Region and AWS account. For information on creating a model, see CreateModel.
TransformInput
- Describes the dataset to be transformed and the Amazon S3 location where it is stored.
TransformOutput
- Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.
TransformResources
- Identifies the ML compute instances for the transform job.
For more information about how batch transformation works, see Batch Transform.
", "CreateTrial": "Creates an Amazon SageMaker trial. A trial is a set of steps called trial components that produce a machine learning model. A trial is part of a single Amazon SageMaker experiment.
When you use Amazon SageMaker Studio or the Amazon SageMaker Python SDK, all experiments, trials, and trial components are automatically tracked, logged, and indexed. When you use the AWS SDK for Python (Boto), you must use the logging APIs provided by the SDK.
You can add tags to a trial and then use the Search API to search for the tags.
To get a list of all your trials, call the ListTrials API. To view a trial's properties, call the DescribeTrial API. To create a trial component, call the CreateTrialComponent API.
", "CreateTrialComponent": "Creates a trial component, which is a stage of a machine learning trial. A trial is composed of one or more trial components. A trial component can be used in multiple trials.
Trial components include pre-processing jobs, training jobs, and batch transform jobs.
When you use Amazon SageMaker Studio or the Amazon SageMaker Python SDK, all experiments, trials, and trial components are automatically tracked, logged, and indexed. When you use the AWS SDK for Python (Boto), you must use the logging APIs provided by the SDK.
You can add tags to a trial component and then use the Search API to search for the tags.
CreateTrialComponent
can only be invoked from within an Amazon SageMaker managed environment. This includes Amazon SageMaker training jobs, processing jobs, transform jobs, and Amazon SageMaker notebooks. A call to CreateTrialComponent
from outside one of these environments results in an error.
Creates a new user profile. A user profile represents a single user within a Domain, and is the main way to reference a \"person\" for the purposes of sharing, reporting and other user-oriented features. This entity is created during on-boarding. If an administrator invites a person by email or imports them from SSO, a new UserProfile is automatically created. This entity is the primary holder of settings for an individual user and has a reference to the user's private Amazon Elastic File System (EFS) home directory.
", + "CreateUserProfile": "Creates a user profile. A user profile represents a single user within a Domain, and is the main way to reference a \"person\" for the purposes of sharing, reporting and other user-oriented features. This entity is created during on-boarding to Amazon SageMaker Studio. If an administrator invites a person by email or imports them from SSO, a UserProfile is automatically created.
This entity is the primary holder of settings for an individual user and, through the domain, has a reference to the user's private Amazon Elastic File System (EFS) home directory.
", "CreateWorkteam": "Creates a new work team for labeling your data. A work team is defined by one or more Amazon Cognito user pools. You must first create the user pools before you can create a work team.
You cannot create more than 25 work teams in an account and region.
", "DeleteAlgorithm": "Removes the specified algorithm from your account.
", "DeleteApp": "Used to stop and delete an app.
", "DeleteCodeRepository": "Deletes the specified Git repository from your account.
", - "DeleteDomain": "Used to delete a domain. If you on-boarded with IAM mode, you will need to delete your domain to on-board again using SSO. Use with caution. All of the members of the domain will lose access to their EFS volume, including data, notebooks, and other artifacts.
", + "DeleteDomain": "Used to delete a domain. Use with caution. If RetentionPolicy
is set to Delete
, all of the members of the domain will lose access to their EFS volume, including data, notebooks, and other artifacts.
Deletes an endpoint. Amazon SageMaker frees up all of the resources that were deployed when the endpoint was created.
Amazon SageMaker retires any custom KMS key grants associated with the endpoint, meaning you don't need to use the RevokeGrant API call.
", "DeleteEndpointConfig": "Deletes an endpoint configuration. The DeleteEndpointConfig
API deletes only the specified configuration. It does not delete endpoints created using the configuration.
Deletes an Amazon SageMaker experiment. All trials associated with the experiment must be deleted first. Use the ListTrials API to get a list of the trials associated with the experiment.
", @@ -614,6 +614,7 @@ "HyperParameterTrainingJobDefinition$EnableNetworkIsolation": "Isolates the training container. No inbound or outbound network calls can be made, except for calls between peers within a training cluster for distributed training. If network isolation is used for training jobs that are configured to use a VPC, Amazon SageMaker downloads and uploads customer data and model artifacts through the specified VPC, but the training container does not have network access.
", "HyperParameterTrainingJobDefinition$EnableInterContainerTrafficEncryption": "To encrypt all communications between ML compute instances in distributed training, choose True
. Encryption provides greater security for distributed training, but training might take longer. How long it takes depends on the amount of communication between compute instances, especially if you use a deep learning algorithm in distributed training.
A Boolean indicating whether managed spot training is enabled (True
) or not (False
).
Whether to encrypt all communications between distributed processing jobs. Choose True
to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.
Whether to allow inbound and outbound network calls to and from the containers used for the processing job.
", "TrainingJob$EnableNetworkIsolation": "If the TrainingJob
was created with network isolation, the value is set to true
. If network isolation is enabled, nodes can't communicate beyond the VPC they run in.
To encrypt all communications between ML compute instances in distributed training, choose True
. Encryption provides greater security for distributed training, but training might take longer. How long it takes depends on the amount of communication between compute instances, especially if you use a deep learning algorithm in distributed training.
The homa Amazon Elastic File System (EFS) Uid.
" + "DescribeUserProfileResponse$HomeEfsFileSystemUid": "The home Amazon Elastic File System (EFS) Uid.
" } }, "EnableCapture": { @@ -2939,7 +2940,7 @@ "refs": { "AutoMLOutputDataConfig$KmsKeyId": "The AWS KMS encryption key ID.
", "AutoMLSecurityConfig$VolumeKmsKeyId": "The key used to encrypt stored data.
", - "CreateDomainRequest$HomeEfsFileSystemKmsKeyId": "The AWS Key Management Service encryption key ID.
", + "CreateDomainRequest$HomeEfsFileSystemKmsKeyId": "The AWS Key Management Service (KMS) encryption key ID. Encryption with a customer master key (CMK) is not supported.
", "CreateEndpointConfigInput$KmsKeyId": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.
The KmsKeyId can be any of the following formats:
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
Alias name: alias/ExampleAlias
Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias
The KMS key policy must grant permission to the IAM role that you specify in your CreateEndpoint
, UpdateEndpoint
requests. For more information, refer to the AWS Key Management Service section Using Key Policies in AWS KMS
Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a KmsKeyId
when using an instance type with local storage. If any of the models that you specify in the ProductionVariants
parameter use nitro-based instances with local storage, do not specify a value for the KmsKeyId
parameter. If you specify a value for KmsKeyId
when using any nitro-based instances with local storage, the call to CreateEndpointConfig
fails.
For a list of instance types that support local instance storage, see Instance Store Volumes.
For more information about local instance storage encryption, see SSD Instance Store Volumes.
The Amazon Resource Name (ARN) of a AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see Enabling and Disabling Keys in the AWS Key Management Service Developer Guide.
", "DataCaptureConfig$KmsKeyId": "", @@ -4849,13 +4850,13 @@ } }, "ResourceSpec": { - "base": "The instance type and the Amazon Resource Name (ARN) of the image created on the instance. The ARN is stored as metadata in Amazon SageMaker Studio notebooks.
", + "base": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance. The ARN is stored as metadata in Amazon SageMaker Studio notebooks.
", "refs": { - "CreateAppRequest$ResourceSpec": "The instance type and quantity.
", - "DescribeAppResponse$ResourceSpec": "The instance type and quantity.
", - "JupyterServerAppSettings$DefaultResourceSpec": "The instance type and quantity.
", - "KernelGatewayAppSettings$DefaultResourceSpec": "The instance type and quantity.
", - "TensorBoardAppSettings$DefaultResourceSpec": "The instance type and quantity.
" + "CreateAppRequest$ResourceSpec": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.
", + "DescribeAppResponse$ResourceSpec": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.
", + "JupyterServerAppSettings$DefaultResourceSpec": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.
", + "KernelGatewayAppSettings$DefaultResourceSpec": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.
", + "TensorBoardAppSettings$DefaultResourceSpec": "The default instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.
" } }, "ResourceType": { @@ -4878,15 +4879,15 @@ } }, "RetentionPolicy": { - "base": "The retention policy.
", + "base": "The retention policy for data stored on an Amazon Elastic File System (EFS) volume.
", "refs": { - "DeleteDomainRequest$RetentionPolicy": "The retention policy for this domain, which specifies which resources will be retained after the Domain is deleted. By default, all resources are retained (not automatically deleted).
" + "DeleteDomainRequest$RetentionPolicy": "The retention policy for this domain, which specifies whether resources will be retained after the Domain is deleted. By default, all resources are retained (not automatically deleted).
" } }, "RetentionType": { "base": null, "refs": { - "RetentionPolicy$HomeEfsFileSystem": "The home Amazon Elastic File System (EFS).
" + "RetentionPolicy$HomeEfsFileSystem": "The default is Retain
, which specifies to keep the data stored on the EFS volume.
Specify Delete
to delete the data stored on the EFS volume.
The Amazon Resource Name (ARN) of the image created on the instance.
" + "ResourceSpec$SageMakerImageArn": "The Amazon Resource Name (ARN) of the SageMaker image created on the instance.
" } }, "SamplingPercentage": { diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index a459f5c701..c7ca3cdb7b 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -740,6 +740,7 @@ }, "cloud9" : { "endpoints" : { + "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, "ap-south-1" : { }, @@ -750,8 +751,12 @@ "eu-north-1" : { }, "eu-west-1" : { }, "eu-west-2" : { }, + "eu-west-3" : { }, + "me-south-1" : { }, + "sa-east-1" : { }, "us-east-1" : { }, "us-east-2" : { }, + "us-west-1" : { }, "us-west-2" : { } } }, @@ -5079,6 +5084,7 @@ }, "storagegateway" : { "endpoints" : { + "af-south-1" : { }, "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-northeast-2" : { }, @@ -5088,6 +5094,7 @@ "ca-central-1" : { }, "eu-central-1" : { }, "eu-north-1" : { }, + "eu-south-1" : { }, "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, diff --git a/service/guardduty/api.go b/service/guardduty/api.go index b1e8e563ac..5eb039eeb0 100644 --- a/service/guardduty/api.go +++ b/service/guardduty/api.go @@ -1646,8 +1646,8 @@ func (c *GuardDuty) DisableOrganizationAdminAccountRequest(input *DisableOrganiz // DisableOrganizationAdminAccount API operation for Amazon GuardDuty. // -// Disables GuardDuty administrator permissions for an AWS account within the -// Organization. +// Disables an AWS account within the Organization as the GuardDuty delegated +// administrator. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1896,8 +1896,8 @@ func (c *GuardDuty) EnableOrganizationAdminAccountRequest(input *EnableOrganizat // EnableOrganizationAdminAccount API operation for Amazon GuardDuty. // -// Enables GuardDuty administrator permissions for an AWS account within the -// organization. +// Enables an AWS account within the organization as the GuardDuty delegated +// administrator. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3655,7 +3655,7 @@ func (c *GuardDuty) ListOrganizationAdminAccountsRequest(input *ListOrganization // ListOrganizationAdminAccounts API operation for Amazon GuardDuty. // -// Lists the accounts configured as AWS Organization delegated administrators. +// Lists the accounts configured as GuardDuty delegated administrators. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5977,6 +5977,8 @@ type CreateFilterInput struct { // // * service.action.networkConnectionAction.protocol // + // * service.action.networkConnectionAction.localIpDetails.ipAddressV4 + // // * service.action.networkConnectionAction.remoteIpDetails.city.cityName // // * service.action.networkConnectionAction.remoteIpDetails.country.countryName @@ -6160,7 +6162,7 @@ type CreateIPSetInput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"IpSetFormat"` - // The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the IPSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -6585,7 +6587,7 @@ type CreateThreatIntelSetInput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"ThreatIntelSetFormat"` - // The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the ThreatIntelSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -7579,7 +7581,7 @@ func (s *DestinationProperties) SetKmsKeyArn(v string) *DestinationProperties { type DisableOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` - // The AWS Account ID for the Organizations account to be disabled as a GuardDuty + // The AWS Account ID for the organizations account to be disabled as a GuardDuty // delegated administrator. // // AdminAccountId is a required field @@ -7821,7 +7823,7 @@ func (s *DomainDetails) SetDomain(v string) *DomainDetails { type EnableOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` - // The AWS Account ID for the Organizations account to be enabled as a GuardDuty + // The AWS Account ID for the organization account to be enabled as a GuardDuty // delegated administrator. // // AdminAccountId is a required field @@ -8642,7 +8644,7 @@ type GetIPSetOutput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"IpSetFormat"` - // The URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the IPSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -8966,7 +8968,7 @@ type GetThreatIntelSetOutput struct { // Format is a required field Format *string `locationName:"format" min:"1" type:"string" required:"true" enum:"ThreatIntelSetFormat"` - // The URI of the file that contains the ThreatIntelSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The URI of the file that contains the ThreatIntelSet. For example: . // // Location is a required field Location *string `locationName:"location" min:"1" type:"string" required:"true"` @@ -9630,6 +9632,8 @@ type ListFindingsInput struct { // // * resource.instanceDetails.instanceId // + // * resource.instanceDetails.outpostArn + // // * resource.instanceDetails.networkInterfaces.ipv6Addresses // // * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress @@ -9680,6 +9684,8 @@ type ListFindingsInput struct { // // * service.action.networkConnectionAction.protocol // + // * service.action.networkConnectionAction.localIpDetails.ipAddressV4 + // // * service.action.networkConnectionAction.remoteIpDetails.city.cityName // // * service.action.networkConnectionAction.remoteIpDetails.country.countryName @@ -12147,7 +12153,7 @@ type UpdateIPSetInput struct { // IpSetId is a required field IpSetId *string `location:"uri" locationName:"ipSetId" type:"string" required:"true"` - // The updated URI of the file that contains the IPSet. For example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The updated URI of the file that contains the IPSet. For example: . Location *string `locationName:"location" min:"1" type:"string"` // The unique ID that specifies the IPSet that you want to update. @@ -12400,8 +12406,7 @@ type UpdateThreatIntelSetInput struct { // DetectorId is a required field DetectorId *string `location:"uri" locationName:"detectorId" min:"1" type:"string" required:"true"` - // The updated URI of the file that contains the ThreateIntelSet. For example: - // https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key. + // The updated URI of the file that contains the ThreateIntelSet. For example: . Location *string `locationName:"location" min:"1" type:"string"` // The unique ID that specifies the ThreatIntelSet that you want to update. diff --git a/service/resourcegroupstaggingapi/api.go b/service/resourcegroupstaggingapi/api.go index 9fa40e1b91..273a861b40 100644 --- a/service/resourcegroupstaggingapi/api.go +++ b/service/resourcegroupstaggingapi/api.go @@ -2341,8 +2341,8 @@ func (s *Summary) SetTargetIdType(v string) *Summary { } // The metadata that you apply to AWS resources to help you categorize and organize -// them. Each tag consists of a key and an optional value, both of which you -// define. For more information, see Tagging AWS Resources (http://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) +// them. Each tag consists of a key and a value, both of which you define. For +// more information, see Tagging AWS Resources (http://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) // in the AWS General Reference. type Tag struct { _ struct{} `type:"structure"` @@ -2353,8 +2353,8 @@ type Tag struct { // Key is a required field Key *string `min:"1" type:"string" required:"true"` - // The optional part of a key-value pair that make up a tag. A value acts as - // a descriptor within a tag category (key). + // One part of a key-value pair that make up a tag. A value acts as a descriptor + // within a tag category (key). The value can be empty or null. // // Value is a required field Value *string `type:"string" required:"true"` @@ -2391,8 +2391,8 @@ type TagFilter struct { // that acts like a category for more specific tag values. Key *string `min:"1" type:"string"` - // The optional part of a key-value pair that make up a tag. A value acts as - // a descriptor within a tag category (key). + // One part of a key-value pair that make up a tag. A value acts as a descriptor + // within a tag category (key). The value can be empty or null. Values []*string `type:"list"` } @@ -2435,9 +2435,8 @@ type TagResourcesInput struct { _ struct{} `type:"structure"` // A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. - // You can specify a minimum of 1 and a maximum of 20 ARNs (resources) to tag. - // An ARN can be set to a maximum of 1600 characters. For more information, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces + // (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // ResourceARNList is a required field @@ -2580,9 +2579,8 @@ type UntagResourcesInput struct { _ struct{} `type:"structure"` // A list of ARNs. An ARN (Amazon Resource Name) uniquely identifies a resource. - // You can specify a minimum of 1 and a maximum of 20 ARNs (resources) to untag. - // An ARN can be set to a maximum of 1600 characters. For more information, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // For more information, see Amazon Resource Names (ARNs) and AWS Service Namespaces + // (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // ResourceARNList is a required field diff --git a/service/resourcegroupstaggingapi/doc.go b/service/resourcegroupstaggingapi/doc.go index dea988e3e2..b444e46c52 100644 --- a/service/resourcegroupstaggingapi/doc.go +++ b/service/resourcegroupstaggingapi/doc.go @@ -169,6 +169,8 @@ // // * AWS IoT 1-Click // +// * AWS IoT Things Graph +// // * AWS Key Management Service // // * Amazon Kinesis @@ -219,6 +221,8 @@ // // * AWS Service Catalog // +// * Amazon Simple Email Service (SES) +// // * Amazon Simple Notification Service (SNS) // // * Amazon Simple Queue Service (SQS) @@ -233,6 +237,8 @@ // // * AWS Transfer for SFTP // +// * AWS WAF Regional +// // * Amazon VPC // // * Amazon WorkSpaces diff --git a/service/sagemaker/api.go b/service/sagemaker/api.go index 0a749943fc..9a7070b9b5 100644 --- a/service/sagemaker/api.go +++ b/service/sagemaker/api.go @@ -306,10 +306,10 @@ func (c *SageMaker) CreateAppRequest(input *CreateAppInput) (req *request.Reques // CreateApp API operation for Amazon SageMaker Service. // -// Creates a running App for the specified UserProfile. Supported Apps are JupyterServer -// and KernelGateway. This operation is automatically invoked by Amazon SageMaker -// Amazon SageMaker Studio (Studio) upon access to the associated Studio Domain, -// and when new kernel configurations are selected by the user. A user may have +// Creates a running App for the specified UserProfile. Supported Apps are JupyterServer, +// KernelGateway, and TensorBoard. This operation is automatically invoked by +// Amazon SageMaker Studio upon access to the associated Studio Domain, and +// when new kernel configurations are selected by the user. A user may have // multiple Apps active simultaneously. Apps will automatically terminate and // be deleted when stopped from within Studio, or when the DeleteApp API is // manually called. UserProfiles are limited to 5 concurrently running Apps @@ -678,15 +678,15 @@ func (c *SageMaker) CreateDomainRequest(input *CreateDomainInput) (req *request. // CreateDomain API operation for Amazon SageMaker Service. // -// Creates a Domain for Amazon SageMaker Amazon SageMaker Studio (Studio), which -// can be accessed by end-users in a web browser. A Domain has an associated -// directory, list of authorized users, and a variety of security, application, -// policies, and Amazon Virtual Private Cloud configurations. An AWS account -// is limited to one Domain, per region. Users within a domain can share notebook -// files and other artifacts with each other. When a Domain is created, an Amazon -// Elastic File System (EFS) is also created for use by all of the users within -// the Domain. Each user receives a private home directory within the EFS for -// notebooks, Git repositories, and data files. +// Creates a Domain for Amazon SageMaker Studio, which can be accessed by end-users +// in a web browser. A Domain has an associated directory, list of authorized +// users, and a variety of security, application, policies, and Amazon Virtual +// Private Cloud configurations. An AWS account is limited to one Domain, per +// region. Users within a domain can share notebook files and other artifacts +// with each other. When a Domain is created, an Amazon Elastic File System +// (EFS) is also created for use by all of the users within the Domain. Each +// user receives a private home directory within the EFS for notebooks, Git +// repositories, and data files. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1941,9 +1941,9 @@ func (c *SageMaker) CreatePresignedDomainUrlRequest(input *CreatePresignedDomain // // Creates a URL for a specified UserProfile in a Domain. When accessed in a // web browser, the user will be automatically signed in to Amazon SageMaker -// Amazon SageMaker Studio (Studio), and granted access to all of the Apps and -// files associated with that Amazon Elastic File System (EFS). This operation -// can only be called when AuthMode equals IAM. +// Studio, and granted access to all of the Apps and files associated with that +// Amazon Elastic File System (EFS). This operation can only be called when +// AuthMode equals IAM. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2631,13 +2631,15 @@ func (c *SageMaker) CreateUserProfileRequest(input *CreateUserProfileInput) (req // CreateUserProfile API operation for Amazon SageMaker Service. // -// Creates a new user profile. A user profile represents a single user within -// a Domain, and is the main way to reference a "person" for the purposes of -// sharing, reporting and other user-oriented features. This entity is created -// during on-boarding. If an administrator invites a person by email or imports -// them from SSO, a new UserProfile is automatically created. This entity is -// the primary holder of settings for an individual user and has a reference -// to the user's private Amazon Elastic File System (EFS) home directory. +// Creates a user profile. A user profile represents a single user within a +// Domain, and is the main way to reference a "person" for the purposes of sharing, +// reporting and other user-oriented features. This entity is created during +// on-boarding to Amazon SageMaker Studio. If an administrator invites a person +// by email or imports them from SSO, a UserProfile is automatically created. +// +// This entity is the primary holder of settings for an individual user and, +// through the domain, has a reference to the user's private Amazon Elastic +// File System (EFS) home directory. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3041,9 +3043,8 @@ func (c *SageMaker) DeleteDomainRequest(input *DeleteDomainInput) (req *request. // DeleteDomain API operation for Amazon SageMaker Service. // -// Used to delete a domain. If you on-boarded with IAM mode, you will need to -// delete your domain to on-board again using SSO. Use with caution. All of -// the members of the domain will lose access to their EFS volume, including +// Used to delete a domain. Use with caution. If RetentionPolicy is set to Delete, +// all of the members of the domain will lose access to their EFS volume, including // data, notebooks, and other artifacts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15820,7 +15821,8 @@ type CreateAppInput struct { // DomainId is a required field DomainId *string `type:"string" required:"true"` - // The instance type and quantity. + // The instance type and the Amazon Resource Name (ARN) of the SageMaker image + // created on the instance. ResourceSpec *ResourceSpec `type:"structure"` // Each tag consists of a key and an optional value. Tag keys must be unique @@ -16404,7 +16406,8 @@ type CreateDomainInput struct { // DomainName is a required field DomainName *string `type:"string" required:"true"` - // The AWS Key Management Service encryption key ID. + // The AWS Key Management Service (KMS) encryption key ID. Encryption with a + // customer master key (CMK) is not supported. HomeEfsFileSystemKmsKeyId *string `type:"string"` // Security setting to limit to a set of subnets. @@ -20788,7 +20791,7 @@ type DeleteDomainInput struct { // DomainId is a required field DomainId *string `type:"string" required:"true"` - // The retention policy for this domain, which specifies which resources will + // The retention policy for this domain, which specifies whether resources will // be retained after the Domain is deleted. By default, all resources are retained // (not automatically deleted). RetentionPolicy *RetentionPolicy `type:"structure"` @@ -21987,7 +21990,8 @@ type DescribeAppOutput struct { // The timestamp of the last user's activity. LastUserActivityTimestamp *time.Time `type:"timestamp"` - // The instance type and quantity. + // The instance type and the Amazon Resource Name (ARN) of the SageMaker image + // created on the instance. ResourceSpec *ResourceSpec `type:"structure"` // The status. @@ -26300,7 +26304,7 @@ type DescribeUserProfileOutput struct { // The failure reason. FailureReason *string `type:"string"` - // The homa Amazon Elastic File System (EFS) Uid. + // The home Amazon Elastic File System (EFS) Uid. HomeEfsFileSystemUid *string `type:"string"` // The last modified time. @@ -28817,11 +28821,6 @@ func (s *HumanTaskConfig) Validate() error { invalidParams.AddNested("AnnotationConsolidationConfig", err.(request.ErrInvalidParams)) } } - if s.UiConfig != nil { - if err := s.UiConfig.Validate(); err != nil { - invalidParams.AddNested("UiConfig", err.(request.ErrInvalidParams)) - } - } if invalidParams.Len() > 0 { return invalidParams @@ -30392,7 +30391,8 @@ func (s *IntegerParameterRangeSpecification) SetMinValue(v string) *IntegerParam type JupyterServerAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -30416,7 +30416,8 @@ func (s *JupyterServerAppSettings) SetDefaultResourceSpec(v *ResourceSpec) *Jupy type KernelGatewayAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -37134,6 +37135,11 @@ func (s *NestedFilters) SetNestedPropertyName(v string) *NestedFilters { type NetworkConfig struct { _ struct{} `type:"structure"` + // Whether to encrypt all communications between distributed processing jobs. + // Choose True to encrypt communications. Encryption provides greater security + // for distributed processing jobs, but the processing might take longer. + EnableInterContainerTrafficEncryption *bool `type:"boolean"` + // Whether to allow inbound and outbound network calls to and from the containers // used for the processing job. EnableNetworkIsolation *bool `type:"boolean"` @@ -37171,6 +37177,12 @@ func (s *NetworkConfig) Validate() error { return nil } +// SetEnableInterContainerTrafficEncryption sets the EnableInterContainerTrafficEncryption field's value. +func (s *NetworkConfig) SetEnableInterContainerTrafficEncryption(v bool) *NetworkConfig { + s.EnableInterContainerTrafficEncryption = &v + return s +} + // SetEnableNetworkIsolation sets the EnableNetworkIsolation field's value. func (s *NetworkConfig) SetEnableNetworkIsolation(v bool) *NetworkConfig { s.EnableNetworkIsolation = &v @@ -39216,9 +39228,7 @@ type RenderUiTemplateInput struct { Task *RenderableTask `type:"structure" required:"true"` // A Template object containing the worker UI template to render. - // - // UiTemplate is a required field - UiTemplate *UiTemplate `type:"structure" required:"true"` + UiTemplate *UiTemplate `type:"structure"` } // String returns the string representation @@ -39243,9 +39253,6 @@ func (s *RenderUiTemplateInput) Validate() error { if s.Task == nil { invalidParams.Add(request.NewErrParamRequired("Task")) } - if s.UiTemplate == nil { - invalidParams.Add(request.NewErrParamRequired("UiTemplate")) - } if s.Task != nil { if err := s.Task.Validate(); err != nil { invalidParams.AddNested("Task", err.(request.ErrInvalidParams)) @@ -39795,16 +39802,16 @@ func (s *ResourceNotFound) RequestID() string { return s.RespMetadata.RequestID } -// The instance type and the Amazon Resource Name (ARN) of the image created -// on the instance. The ARN is stored as metadata in Amazon SageMaker Studio -// notebooks. +// The instance type and the Amazon Resource Name (ARN) of the SageMaker image +// created on the instance. The ARN is stored as metadata in Amazon SageMaker +// Studio notebooks. type ResourceSpec struct { _ struct{} `type:"structure"` // The instance type. InstanceType *string `type:"string" enum:"AppInstanceType"` - // The Amazon Resource Name (ARN) of the image created on the instance. + // The Amazon Resource Name (ARN) of the SageMaker image created on the instance. SageMakerImageArn *string `type:"string"` } @@ -39830,11 +39837,15 @@ func (s *ResourceSpec) SetSageMakerImageArn(v string) *ResourceSpec { return s } -// The retention policy. +// The retention policy for data stored on an Amazon Elastic File System (EFS) +// volume. type RetentionPolicy struct { _ struct{} `type:"structure"` - // The home Amazon Elastic File System (EFS). + // The default is Retain, which specifies to keep the data stored on the EFS + // volume. + // + // Specify Delete to delete the data stored on the EFS volume. HomeEfsFileSystem *string `type:"string" enum:"RetentionType"` } @@ -41574,7 +41585,8 @@ func (s *Tag) SetValue(v string) *Tag { type TensorBoardAppSettings struct { _ struct{} `type:"structure"` - // The instance type and quantity. + // The default instance type and the Amazon Resource Name (ARN) of the SageMaker + // image created on the instance. DefaultResourceSpec *ResourceSpec `type:"structure"` } @@ -44128,9 +44140,7 @@ type UiConfig struct { // The Amazon S3 bucket location of the UI template. For more information about // the contents of a UI template, see Creating Your Custom Labeling Task Template // (https://docs.aws.amazon.com/sagemaker/latest/dg/sms-custom-templates-step2.html). - // - // UiTemplateS3Uri is a required field - UiTemplateS3Uri *string `type:"string" required:"true"` + UiTemplateS3Uri *string `type:"string"` } // String returns the string representation @@ -44143,19 +44153,6 @@ func (s UiConfig) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *UiConfig) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UiConfig"} - if s.UiTemplateS3Uri == nil { - invalidParams.Add(request.NewErrParamRequired("UiTemplateS3Uri")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - // SetUiTemplateS3Uri sets the UiTemplateS3Uri field's value. func (s *UiConfig) SetUiTemplateS3Uri(v string) *UiConfig { s.UiTemplateS3Uri = &v