Detective uses machine learning and purpose-built visualizations to help you analyze and investigate security issues across your Amazon Web Services (AWS) workloads. Detective automatically extracts time-based events such as login attempts, API calls, and network traffic from AWS CloudTrail and Amazon Virtual Private Cloud (Amazon VPC) flow logs. It also extracts findings detected by Amazon GuardDuty.
The Detective API primarily supports the creation and management of behavior graphs. A behavior graph contains the extracted data from a set of member accounts, and is created and managed by an administrator account.
Every behavior graph is specific to a Region. You can only use the API to manage graphs that belong to the Region that is associated with the currently selected endpoint.
A Detective administrator account can use the Detective API to do the following:
Enable and disable Detective. Enabling Detective creates a new behavior graph.
View the list of member accounts in a behavior graph.
Add member accounts to a behavior graph.
Remove member accounts from a behavior graph.
A member account can use the Detective API to do the following:
View the list of behavior graphs that they are invited to.
Accept an invitation to contribute to a behavior graph.
Decline an invitation to contribute to a behavior graph.
Remove their account from a behavior graph.
All API actions are logged as CloudTrail events. See Logging Detective API Calls with CloudTrail.
We replaced the term \"master account\" with the term \"administrator account.\" An administrator account is used to centrally manage multiple accounts. In the case of Detective, the administrator account manages the accounts in their behavior graph.
Detective uses machine learning and purpose-built visualizations to help you to analyze and investigate security issues across your Amazon Web Services (Amazon Web Services) workloads. Detective automatically extracts time-based events such as login attempts, API calls, and network traffic from CloudTrail and Amazon Virtual Private Cloud (Amazon VPC) flow logs. It also extracts findings detected by Amazon GuardDuty.
The Detective API primarily supports the creation and management of behavior graphs. A behavior graph contains the extracted data from a set of member accounts, and is created and managed by an administrator account.
To add a member account to the behavior graph, the administrator account sends an invitation to the account. When the account accepts the invitation, it becomes a member account in the behavior graph.
Detective is also integrated with Organizations. The organization management account designates the Detective administrator account for the organization. That account becomes the administrator account for the organization behavior graph. The Detective administrator account can enable any organization account as a member account in the organization behavior graph. The organization accounts do not receive invitations. The Detective administrator account can also invite other accounts to the organization behavior graph.
Every behavior graph is specific to a Region. You can only use the API to manage behavior graphs that belong to the Region that is associated with the currently selected endpoint.
The administrator account for a behavior graph can use the Detective API to do the following:
Enable and disable Detective. Enabling Detective creates a new behavior graph.
View the list of member accounts in a behavior graph.
Add member accounts to a behavior graph.
Remove member accounts from a behavior graph.
Apply tags to a behavior graph.
The organization management account can use the Detective API to select the delegated administrator for Detective.
The Detective administrator account for an organization can use the Detective API to do the following:
Perform all of the functions of an administrator account.
Determine whether to automatically enable new organization accounts as member accounts in the organization behavior graph.
An invited member account can use the Detective API to do the following:
View the list of behavior graphs that they are invited to.
Accept an invitation to contribute to a behavior graph.
Decline an invitation to contribute to a behavior graph.
Remove their account from a behavior graph.
All API actions are logged as CloudTrail events. See Logging Detective API Calls with CloudTrail.
We replaced the term \"master account\" with the term \"administrator account.\" An administrator account is used to centrally manage multiple accounts. In the case of Detective, the administrator account manages the accounts in their behavior graph.
Accepts an invitation for the member account to contribute data to a behavior graph. This operation can only be called by an invited member account.
The request provides the ARN of behavior graph.
The member account status in the graph must be INVITED.
Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective.
Before you try to enable Detective, make sure that your account has been enrolled in Amazon GuardDuty for at least 48 hours. If you do not meet this requirement, you cannot enable Detective. If you do meet the GuardDuty prerequisite, then when you make the request to enable Detective, it checks whether your data volume is within the Detective quota. If it exceeds the quota, then you cannot enable Detective.
The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.
CreateGraph triggers a process to create the corresponding data tables for the new behavior graph.
An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
Sends a request to invite the specified AWS accounts to be member accounts in the behavior graph. This operation can only be called by the administrator account for a behavior graph.
CreateMembers verifies the accounts and then invites the verified accounts. The administrator can optionally specify to not send invitation emails to the member accounts. This would be used when the administrator manages their member accounts centrally.
The request provides the behavior graph ARN and the list of accounts to invite.
The response separates the requested accounts into two lists:
The accounts that CreateMembers was able to start the verification for. This list includes member accounts that are being verified, that have passed verification and are to be invited, and that have failed verification.
The accounts that CreateMembers was unable to process. This list includes accounts that were already invited to be member accounts in the behavior graph.
Disables the specified behavior graph and queues it to be deleted. This operation removes the graph from each member account's list of behavior graphs.
DeleteGraph can only be called by the administrator account for a behavior graph.
Deletes one or more member accounts from the administrator account's behavior graph. This operation can only be called by a Detective administrator account. That account cannot use DeleteMembers to delete their own account from the behavior graph. To disable a behavior graph, the administrator account uses the DeleteGraph API method.
Removes the member account from the specified behavior graph. This operation can only be called by a member account that has the ENABLED status.
CreateMembers is used to send invitations to accounts. For the organization behavior graph, the Detective administrator account uses CreateMembers to enable organization accounts as member accounts.
For invited accounts, CreateMembers sends a request to invite the specified Amazon Web Services accounts to be member accounts in the behavior graph. This operation can only be called by the administrator account for a behavior graph.
CreateMembers verifies the accounts and then invites the verified accounts. The administrator can optionally specify to not send invitation emails to the member accounts. This would be used when the administrator manages their member accounts centrally.
For organization accounts in the organization behavior graph, CreateMembers attempts to enable the accounts. The organization accounts do not receive invitations.
The request provides the behavior graph ARN and the list of accounts to invite or to enable.
The response separates the requested accounts into two lists:
The accounts that CreateMembers was able to process. For invited accounts, includes member accounts that are being verified, that have passed verification and are to be invited, and that have failed verification. For organization accounts in the organization behavior graph, includes accounts that can be enabled and that cannot be enabled.
The accounts that CreateMembers was unable to process. This list includes accounts that were already invited to be member accounts in the behavior graph.
Disables the specified behavior graph and queues it to be deleted. This operation removes the behavior graph from each member account's list of behavior graphs.
DeleteGraph can only be called by the administrator account for a behavior graph.
Removes the specified member accounts from the behavior graph. The removed accounts no longer contribute data to the behavior graph. This operation can only be called by the administrator account for the behavior graph.
For invited accounts, the removed accounts are deleted from the list of accounts in the behavior graph. To restore the account, the administrator account must send another invitation.
For organization accounts in the organization behavior graph, the Detective administrator account can always enable the organization account again. Organization accounts that are not enabled as member accounts are not included in the ListMembers results for the organization behavior graph.
An administrator account cannot use DeleteMembers to remove their own account from the behavior graph. To disable a behavior graph, the administrator account uses the DeleteGraph API method.
Returns information about the configuration for the organization behavior graph. Currently indicates whether to automatically enable new organization accounts as member accounts.
Can only be called by the Detective administrator account for the organization.
", + "DisableOrganizationAdminAccount": "Removes the Detective administrator account for the organization in the current Region. Deletes the behavior graph for that account.
Can only be called by the organization management account. Before you can select a different Detective administrator account, you must remove the Detective administrator account in all Regions.
", + "DisassociateMembership": "Removes the member account from the specified behavior graph. This operation can only be called by an invited member account that has the ENABLED status.
DisassociateMembership cannot be called by an organization account in the organization behavior graph. For the organization behavior graph, the Detective administrator account determines which organization accounts to enable or disable as member accounts.
Designates the Detective administrator account for the organization in the current Region.
If the account does not have Detective enabled, then enables Detective for that account and creates a new behavior graph.
Can only be called by the organization management account.
The Detective administrator account for an organization must be the same in all Regions. If you already designated a Detective administrator account in another Region, then you must designate the same account.
", "GetMembers": "Returns the membership details for specified member accounts for a behavior graph.
", "ListGraphs": "Returns the list of behavior graphs that the calling account is an administrator account of. This operation can only be called by an administrator account.
Because an account can currently only be the administrator of one behavior graph within a Region, the results always contain a single behavior graph.
", - "ListInvitations": "Retrieves the list of open and accepted behavior graph invitations for the member account. This operation can only be called by a member account.
Open invitations are invitations that the member account has not responded to.
The results do not include behavior graphs for which the member account declined the invitation. The results also do not include behavior graphs that the member account resigned from or was removed from.
", - "ListMembers": "Retrieves the list of member accounts for a behavior graph. Does not return member accounts that were removed from the behavior graph.
", + "ListInvitations": "Retrieves the list of open and accepted behavior graph invitations for the member account. This operation can only be called by an invited member account.
Open invitations are invitations that the member account has not responded to.
The results do not include behavior graphs for which the member account declined the invitation. The results also do not include behavior graphs that the member account resigned from or was removed from.
", + "ListMembers": "Retrieves the list of member accounts for a behavior graph.
For invited accounts, the results do not include member accounts that were removed from the behavior graph.
For the organization behavior graph, the results do not include organization accounts that the Detective administrator account has not enabled as member accounts.
", + "ListOrganizationAdminAccounts": "Returns information about the Detective administrator account for an organization. Can only be called by the organization management account.
", "ListTagsForResource": "Returns the tag values that are assigned to a behavior graph.
", - "RejectInvitation": "Rejects an invitation to contribute the account data to a behavior graph. This operation must be called by a member account that has the INVITED status.
Rejects an invitation to contribute the account data to a behavior graph. This operation must be called by an invited member account that has the INVITED status.
RejectInvitation cannot be called by an organization account in the organization behavior graph. In the organization behavior graph, organization accounts do not receive an invitation.
Sends a request to enable data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED.
For valid member accounts, the status is updated as follows.
If Detective enabled the member account, then the new status is ENABLED.
If Detective cannot enable the member account, the status remains ACCEPTED_BUT_DISABLED.
Applies tag values to a behavior graph.
", - "UntagResource": "Removes tags from a behavior graph.
" + "UntagResource": "Removes tags from a behavior graph.
", + "UpdateOrganizationConfiguration": "Updates the configuration for the Organizations integration in the current Region. Can only be called by the Detective administrator account for the organization.
" }, "shapes": { "AcceptInvitationRequest": { @@ -25,7 +30,7 @@ } }, "Account": { - "base": "An AWS account that is the administrator account of or a member of a behavior graph.
", + "base": "An Amazon Web Services account that is the administrator account of or a member of a behavior graph.
", "refs": { "AccountList$member": null } @@ -33,33 +38,49 @@ "AccountId": { "base": null, "refs": { - "Account$AccountId": "The account identifier of the AWS account.
", + "Account$AccountId": "The account identifier of the Amazon Web Services account.
", "AccountIdList$member": null, - "MemberDetail$AccountId": "The AWS account identifier for the member account.
", - "MemberDetail$MasterId": "The AWS account identifier of the administrator account for the behavior graph.
", - "MemberDetail$AdministratorId": "The AWS account identifier of the administrator account for the behavior graph.
", + "Administrator$AccountId": "The Amazon Web Services account identifier of the Detective administrator account for the organization.
", + "EnableOrganizationAdminAccountRequest$AccountId": "The Amazon Web Services account identifier of the account to designate as the Detective administrator account for the organization.
", + "MemberDetail$AccountId": "The Amazon Web Services account identifier for the member account.
", + "MemberDetail$MasterId": "The Amazon Web Services account identifier of the administrator account for the behavior graph.
", + "MemberDetail$AdministratorId": "The Amazon Web Services account identifier of the administrator account for the behavior graph.
", "StartMonitoringMemberRequest$AccountId": "The account ID of the member account to try to enable.
The account must be an invited member account with a status of ACCEPTED_BUT_DISABLED.
The AWS account identifier of the member account that was not processed.
" + "UnprocessedAccount$AccountId": "The Amazon Web Services account identifier of the member account that was not processed.
" } }, "AccountIdList": { "base": null, "refs": { - "DeleteMembersRequest$AccountIds": "The list of AWS account identifiers for the member accounts to delete from the behavior graph. You can delete up to 50 member accounts at a time.
", - "DeleteMembersResponse$AccountIds": "The list of AWS account identifiers for the member accounts that Detective successfully deleted from the behavior graph.
", - "GetMembersRequest$AccountIds": "The list of AWS account identifiers for the member account for which to return member details. You can request details for up to 50 member accounts at a time.
You cannot use GetMembers to retrieve information about member accounts that were removed from the behavior graph.
The list of Amazon Web Services account identifiers for the member accounts to remove from the behavior graph. You can remove up to 50 member accounts at a time.
", + "DeleteMembersResponse$AccountIds": "The list of Amazon Web Services account identifiers for the member accounts that Detective successfully removed from the behavior graph.
", + "GetMembersRequest$AccountIds": "The list of Amazon Web Services account identifiers for the member account for which to return member details. You can request details for up to 50 member accounts at a time.
You cannot use GetMembers to retrieve information about member accounts that were removed from the behavior graph.
The list of AWS accounts to invite to become member accounts in the behavior graph. You can invite up to 50 accounts at a time. For each invited account, the account list contains the account identifier and the AWS account root user email address.
" + "CreateMembersRequest$Accounts": "The list of Amazon Web Services accounts to invite or to enable. You can invite or enable up to 50 accounts at a time. For each invited account, the account list contains the account identifier and the Amazon Web Services account root user email address. For organization accounts in the organization behavior graph, the email address is not required.
" + } + }, + "Administrator": { + "base": "Information about the Detective administrator account for an organization.
", + "refs": { + "AdministratorList$member": null + } + }, + "AdministratorList": { + "base": null, + "refs": { + "ListOrganizationAdminAccountsResponse$Administrators": "The list of delegated administrator accounts.
" } }, "Boolean": { "base": null, "refs": { - "CreateMembersRequest$DisableEmailNotification": "if set to true, then the member accounts do not receive email notifications. By default, this is set to false, and the member accounts receive email notifications.
if set to true, then the invited accounts do not receive email notifications. By default, this is set to false, and the invited accounts receive email notifications.
Organization accounts in the organization behavior graph do not receive email notifications.
", + "DescribeOrganizationConfigurationResponse$AutoEnable": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.
", + "UpdateOrganizationConfigurationRequest$AutoEnable": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.
" } }, "ByteValue": { @@ -108,6 +129,16 @@ "refs": { } }, + "DescribeOrganizationConfigurationRequest": { + "base": null, + "refs": { + } + }, + "DescribeOrganizationConfigurationResponse": { + "base": null, + "refs": { + } + }, "DisassociateMembershipRequest": { "base": null, "refs": { @@ -116,8 +147,8 @@ "EmailAddress": { "base": null, "refs": { - "Account$EmailAddress": "The AWS account root user email address for the AWS account.
", - "MemberDetail$EmailAddress": "The AWS account root user email address for the member account.
" + "Account$EmailAddress": "The Amazon Web Services account root user email address for the Amazon Web Services account.
", + "MemberDetail$EmailAddress": "The Amazon Web Services account root user email address for the member account.
" } }, "EmailMessage": { @@ -126,6 +157,11 @@ "CreateMembersRequest$Message": "Customized message text to include in the invitation email message to the invited member accounts.
" } }, + "EnableOrganizationAdminAccountRequest": { + "base": null, + "refs": { + } + }, "ErrorMessage": { "base": null, "refs": { @@ -133,6 +169,7 @@ "InternalServerException$Message": null, "ResourceNotFoundException$Message": null, "ServiceQuotaExceededException$Message": null, + "TooManyRequestsException$Message": null, "ValidationException$Message": null } }, @@ -156,20 +193,23 @@ "base": null, "refs": { "AcceptInvitationRequest$GraphArn": "The ARN of the behavior graph that the member account is accepting the invitation for.
The member account status in the behavior graph must be INVITED.
The ARN of the organization behavior graph.
", "CreateGraphResponse$GraphArn": "The ARN of the new behavior graph.
", - "CreateMembersRequest$GraphArn": "The ARN of the behavior graph to invite the member accounts to contribute their data to.
", + "CreateMembersRequest$GraphArn": "The ARN of the behavior graph.
", "DeleteGraphRequest$GraphArn": "The ARN of the behavior graph to disable.
", - "DeleteMembersRequest$GraphArn": "The ARN of the behavior graph to delete members from.
", + "DeleteMembersRequest$GraphArn": "The ARN of the behavior graph to remove members from.
", + "DescribeOrganizationConfigurationRequest$GraphArn": "The ARN of the organization behavior graph.
", "DisassociateMembershipRequest$GraphArn": "The ARN of the behavior graph to remove the member account from.
The member account's member status in the behavior graph must be ENABLED.
The ARN of the behavior graph for which to request the member details.
", "Graph$Arn": "The ARN of the behavior graph.
", "ListMembersRequest$GraphArn": "The ARN of the behavior graph for which to retrieve the list of member accounts.
", "ListTagsForResourceRequest$ResourceArn": "The ARN of the behavior graph for which to retrieve the tag values.
", - "MemberDetail$GraphArn": "The ARN of the behavior graph that the member account was invited to.
", + "MemberDetail$GraphArn": "The ARN of the behavior graph.
", "RejectInvitationRequest$GraphArn": "The ARN of the behavior graph to reject the invitation to.
The member account's current member status in the behavior graph must be INVITED.
The ARN of the behavior graph.
", "TagResourceRequest$ResourceArn": "The ARN of the behavior graph to assign the tags to.
", - "UntagResourceRequest$ResourceArn": "The ARN of the behavior graph to remove the tags from.
" + "UntagResourceRequest$ResourceArn": "The ARN of the behavior graph to remove the tags from.
", + "UpdateOrganizationConfigurationRequest$GraphArn": "The ARN of the organization behavior graph.
" } }, "GraphList": { @@ -183,6 +223,12 @@ "refs": { } }, + "InvitationType": { + "base": null, + "refs": { + "MemberDetail$InvitationType": "The type of behavior graph membership.
For an organization account in the organization behavior graph, the type is ORGANIZATION.
For an account that was invited to a behavior graph, the type is INVITATION.
Details about a member account that was invited to contribute to a behavior graph.
", + "base": "Details about a member account in a behavior graph.
", "refs": { "MemberDetailList$member": null } @@ -232,10 +288,10 @@ "MemberDetailList": { "base": null, "refs": { - "CreateMembersResponse$Members": "The set of member account invitation requests that Detective was able to process. This includes accounts that are being verified, that failed verification, and that passed verification and are being sent an invitation.
", + "CreateMembersResponse$Members": "The set of member account invitation or enablement requests that Detective was able to process. This includes accounts that are being verified, that failed verification, and that passed verification and are being sent an invitation or are being enabled.
", "GetMembersResponse$MemberDetails": "The member account details that Detective is returning in response to the request.
", "ListInvitationsResponse$Invitations": "The list of behavior graphs for which the member account has open or accepted invitations.
", - "ListMembersResponse$MemberDetails": "The list of member accounts in the behavior graph.
The results include member accounts that did not pass verification and member accounts that have not yet accepted the invitation to the behavior graph. The results do not include member accounts that were removed from the behavior graph.
" + "ListMembersResponse$MemberDetails": "The list of member accounts in the behavior graph.
For invited accounts, the results include member accounts that did not pass verification and member accounts that have not yet accepted the invitation to the behavior graph. The results do not include member accounts that were removed from the behavior graph.
For the organization behavior graph, the results do not include organization accounts that the Detective administrator account has not enabled as member accounts.
" } }, "MemberDisabledReason": { @@ -249,13 +305,14 @@ "refs": { "ListGraphsRequest$MaxResults": "The maximum number of graphs to return at a time. The total must be less than the overall limit on the number of results to return, which is currently 200.
", "ListInvitationsRequest$MaxResults": "The maximum number of behavior graph invitations to return in the response. The total must be less than the overall limit on the number of results to return, which is currently 200.
", - "ListMembersRequest$MaxResults": "The maximum number of member accounts to include in the response. The total must be less than the overall limit on the number of results to return, which is currently 200.
" + "ListMembersRequest$MaxResults": "The maximum number of member accounts to include in the response. The total must be less than the overall limit on the number of results to return, which is currently 200.
", + "ListOrganizationAdminAccountsRequest$MaxResults": "The maximum number of results to return.
" } }, "MemberStatus": { "base": null, "refs": { - "MemberDetail$Status": "The current membership status of the member account. The status can have one of the following values:
INVITED - Indicates that the member was sent an invitation but has not yet responded.
VERIFICATION_IN_PROGRESS - Indicates that Detective is verifying that the account identifier and email address provided for the member account match. If they do match, then Detective sends the invitation. If the email address and account identifier don't match, then the member cannot be added to the behavior graph.
VERIFICATION_FAILED - Indicates that the account and email address provided for the member account do not match, and Detective did not send an invitation to the account.
ENABLED - Indicates that the member account accepted the invitation to contribute to the behavior graph.
ACCEPTED_BUT_DISABLED - Indicates that the member account accepted the invitation but is prevented from contributing data to the behavior graph. DisabledReason provides the reason why the member account is not enabled.
Member accounts that declined an invitation or that were removed from the behavior graph are not included.
" + "MemberDetail$Status": "The current membership status of the member account. The status can have one of the following values:
INVITED - For invited accounts only. Indicates that the member was sent an invitation but has not yet responded.
VERIFICATION_IN_PROGRESS - For invited accounts only, indicates that Detective is verifying that the account identifier and email address provided for the member account match. If they do match, then Detective sends the invitation. If the email address and account identifier don't match, then the member cannot be added to the behavior graph.
For organization accounts in the organization behavior graph, indicates that Detective is verifying that the account belongs to the organization.
VERIFICATION_FAILED - For invited accounts only. Indicates that the account and email address provided for the member account do not match, and Detective did not send an invitation to the account.
ENABLED - Indicates that the member account currently contributes data to the behavior graph. For invited accounts, the member account accepted the invitation. For organization accounts in the organization behavior graph, the Detective administrator account enabled the organization account as a member account.
ACCEPTED_BUT_DISABLED - The account accepted the invitation, or was enabled by the Detective administrator account, but is prevented from contributing data to the behavior graph. DisabledReason provides the reason why the member account is not enabled.
Invited accounts that declined an invitation or that were removed from the behavior graph are not included. In the organization behavior graph, organization accounts that the Detective administrator account did not enable are not included.
" } }, "PaginationToken": { @@ -266,7 +323,9 @@ "ListInvitationsRequest$NextToken": "For requests to retrieve the next page of results, the pagination token that was returned with the previous page of results. The initial request does not include a pagination token.
", "ListInvitationsResponse$NextToken": "If there are more behavior graphs remaining in the results, then this is the pagination token to use to request the next page of behavior graphs.
", "ListMembersRequest$NextToken": "For requests to retrieve the next page of member account results, the pagination token that was returned with the previous page of results. The initial request does not include a pagination token.
", - "ListMembersResponse$NextToken": "If there are more member accounts remaining in the results, then this is the pagination token to use to request the next page of member accounts.
" + "ListMembersResponse$NextToken": "If there are more member accounts remaining in the results, then use this pagination token to request the next page of member accounts.
", + "ListOrganizationAdminAccountsRequest$NextToken": "For requests to get the next page of results, the pagination token that was returned with the previous set of results. The initial request does not include a pagination token.
", + "ListOrganizationAdminAccountsResponse$NextToken": "If there are more accounts remaining in the results, then this is the pagination token to use to request the next page of accounts.
" } }, "Percentage": { @@ -286,7 +345,7 @@ } }, "ServiceQuotaExceededException": { - "base": "This request cannot be completed for one of the following reasons.
The request would cause the number of member accounts in the behavior graph to exceed the maximum allowed. A behavior graph cannot have more than 1000 member accounts.
The request would cause the data rate for the behavior graph to exceed the maximum allowed.
Detective is unable to verify the data rate for the member account. This is usually because the member account is not enrolled in Amazon GuardDuty.
This request cannot be completed for one of the following reasons.
The request would cause the number of member accounts in the behavior graph to exceed the maximum allowed. A behavior graph cannot have more than 1200 member accounts.
The request would cause the data rate for the behavior graph to exceed the maximum allowed.
Detective is unable to verify the data rate for the member account. This is usually because the member account is not enrolled in Amazon GuardDuty.
The date and time that the behavior graph was created. The value is in milliseconds since the epoch.
", - "MemberDetail$InvitedTime": "The date and time that Detective sent the invitation to the member account. The value is in milliseconds since the epoch.
", - "MemberDetail$UpdatedTime": "The date and time that the member account was last updated. The value is in milliseconds since the epoch.
", - "MemberDetail$VolumeUsageUpdatedTime": "The data and time when the member account data volume was last updated.
", - "MemberDetail$PercentOfGraphUtilizationUpdatedTime": "The date and time when the graph utilization percentage was last updated.
" + "Administrator$DelegationTime": "The date and time when the Detective administrator account was enabled. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
The date and time that the behavior graph was created. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
For invited accounts, the date and time that Detective sent the invitation to the account. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
The date and time that the member account was last updated. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
The data and time when the member account data volume was last updated. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
The date and time when the graph utilization percentage was last updated. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z.
The request cannot be completed because too many other requests are occurring at the same time.
", + "refs": { } }, "UnprocessedAccount": { @@ -351,8 +416,8 @@ "UnprocessedAccountList": { "base": null, "refs": { - "CreateMembersResponse$UnprocessedAccounts": "The list of accounts for which Detective was unable to process the invitation request. For each account, the list provides the reason why the request could not be processed. The list includes accounts that are already member accounts in the behavior graph.
", - "DeleteMembersResponse$UnprocessedAccounts": "The list of member accounts that Detective was not able to delete from the behavior graph. For each member account, provides the reason that the deletion could not be processed.
", + "CreateMembersResponse$UnprocessedAccounts": "The list of accounts for which Detective was unable to process the invitation or enablement request. For each account, the list provides the reason why the request could not be processed. The list includes accounts that are already member accounts in the behavior graph.
", + "DeleteMembersResponse$UnprocessedAccounts": "The list of member accounts that Detective was not able to remove from the behavior graph. For each member account, provides the reason that the deletion could not be processed.
", "GetMembersResponse$UnprocessedAccounts": "The requested member accounts for which Detective was unable to return member details.
For each account, provides the reason why the request could not be processed.
" } }, @@ -372,6 +437,11 @@ "refs": { } }, + "UpdateOrganizationConfigurationRequest": { + "base": null, + "refs": { + } + }, "ValidationException": { "base": "The request parameters are invalid.
", "refs": { diff --git a/models/apis/detective/2018-10-26/paginators-1.json b/models/apis/detective/2018-10-26/paginators-1.json index 8ead136f5e..e0b0d35398 100644 --- a/models/apis/detective/2018-10-26/paginators-1.json +++ b/models/apis/detective/2018-10-26/paginators-1.json @@ -14,6 +14,11 @@ "input_token": "NextToken", "output_token": "NextToken", "limit_key": "MaxResults" + }, + "ListOrganizationAdminAccounts": { + "input_token": "NextToken", + "output_token": "NextToken", + "limit_key": "MaxResults" } } } diff --git a/models/apis/greengrassv2/2020-11-30/api-2.json b/models/apis/greengrassv2/2020-11-30/api-2.json index db5b6015df..882abbc8db 100644 --- a/models/apis/greengrassv2/2020-11-30/api-2.json +++ b/models/apis/greengrassv2/2020-11-30/api-2.json @@ -3,7 +3,6 @@ "metadata":{ "apiVersion":"2020-11-30", "endpointPrefix":"greengrass", - "jsonVersion":"1.1", "protocol":"rest-json", "serviceAbbreviation":"AWS GreengrassV2", "serviceFullName":"AWS IoT Greengrass V2", @@ -12,6 +11,20 @@ "uid":"greengrassv2-2020-11-30" }, "operations":{ + "AssociateServiceRoleToAccount":{ + "name":"AssociateServiceRoleToAccount", + "http":{ + "method":"PUT", + "requestUri":"/greengrass/servicerole", + "responseCode":200 + }, + "input":{"shape":"AssociateServiceRoleToAccountRequest"}, + "output":{"shape":"AssociateServiceRoleToAccountResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"} + ] + }, "BatchAssociateClientDeviceWithCoreDevice":{ "name":"BatchAssociateClientDeviceWithCoreDevice", "http":{ @@ -150,6 +163,19 @@ {"shape":"InternalServerException"} ] }, + "DisassociateServiceRoleFromAccount":{ + "name":"DisassociateServiceRoleFromAccount", + "http":{ + "method":"DELETE", + "requestUri":"/greengrass/servicerole", + "responseCode":200 + }, + "input":{"shape":"DisassociateServiceRoleFromAccountRequest"}, + "output":{"shape":"DisassociateServiceRoleFromAccountResponse"}, + "errors":[ + {"shape":"InternalServerException"} + ] + }, "GetComponent":{ "name":"GetComponent", "http":{ @@ -182,6 +208,20 @@ {"shape":"InternalServerException"} ] }, + "GetConnectivityInfo":{ + "name":"GetConnectivityInfo", + "http":{ + "method":"GET", + "requestUri":"/greengrass/things/{thingName}/connectivityInfo", + "responseCode":200 + }, + "input":{"shape":"GetConnectivityInfoRequest"}, + "output":{"shape":"GetConnectivityInfoResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"} + ] + }, "GetCoreDevice":{ "name":"GetCoreDevice", "http":{ @@ -214,6 +254,19 @@ {"shape":"ThrottlingException"} ] }, + "GetServiceRoleForAccount":{ + "name":"GetServiceRoleForAccount", + "http":{ + "method":"GET", + "requestUri":"/greengrass/servicerole", + "responseCode":200 + }, + "input":{"shape":"GetServiceRoleForAccountRequest"}, + "output":{"shape":"GetServiceRoleForAccountResponse"}, + "errors":[ + {"shape":"InternalServerException"} + ] + }, "ListClientDevicesAssociatedWithCoreDevice":{ "name":"ListClientDevicesAssociatedWithCoreDevice", "http":{ @@ -382,6 +435,20 @@ {"shape":"ValidationException"}, {"shape":"ResourceNotFoundException"} ] + }, + "UpdateConnectivityInfo":{ + "name":"UpdateConnectivityInfo", + "http":{ + "method":"PUT", + "requestUri":"/greengrass/things/{thingName}/connectivityInfo", + "responseCode":200 + }, + "input":{"shape":"UpdateConnectivityInfoRequest"}, + "output":{"shape":"UpdateConnectivityInfoResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"InternalServerException"} + ] } }, "shapes":{ @@ -421,6 +488,25 @@ "max":100, "min":1 }, + "AssociateServiceRoleToAccountRequest":{ + "type":"structure", + "required":["roleArn"], + "members":{ + "roleArn":{ + "shape":"String", + "locationName":"RoleArn" + } + } + }, + "AssociateServiceRoleToAccountResponse":{ + "type":"structure", + "members":{ + "associatedAt":{ + "shape":"String", + "locationName":"AssociatedAt" + } + } + }, "AssociatedClientDevice":{ "type":"structure", "members":{ @@ -681,6 +767,27 @@ "error":{"httpStatusCode":409}, "exception":true }, + "ConnectivityInfo":{ + "type":"structure", + "members":{ + "id":{ + "shape":"String", + "locationName":"Id" + }, + "hostAddress":{ + "shape":"String", + "locationName":"HostAddress" + }, + "portNumber":{ + "shape":"PortNumberInt", + "locationName":"PortNumber" + }, + "metadata":{ + "shape":"String", + "locationName":"Metadata" + } + } + }, "CoreDevice":{ "type":"structure", "members":{ @@ -936,6 +1043,20 @@ "max":100, "min":1 }, + "DisassociateServiceRoleFromAccountRequest":{ + "type":"structure", + "members":{ + } + }, + "DisassociateServiceRoleFromAccountResponse":{ + "type":"structure", + "members":{ + "disassociatedAt":{ + "shape":"String", + "locationName":"DisassociatedAt" + } + } + }, "EffectiveDeployment":{ "type":"structure", "required":[ @@ -1039,6 +1160,30 @@ "preSignedUrl":{"shape":"NonEmptyString"} } }, + "GetConnectivityInfoRequest":{ + "type":"structure", + "required":["thingName"], + "members":{ + "thingName":{ + "shape":"CoreDeviceThingName", + "location":"uri", + "locationName":"thingName" + } + } + }, + "GetConnectivityInfoResponse":{ + "type":"structure", + "members":{ + "connectivityInfo":{ + "shape":"connectivityInfoList", + "locationName":"ConnectivityInfo" + }, + "message":{ + "shape":"String", + "locationName":"Message" + } + } + }, "GetCoreDeviceRequest":{ "type":"structure", "required":["coreDeviceThingName"], @@ -1091,6 +1236,24 @@ "tags":{"shape":"TagMap"} } }, + "GetServiceRoleForAccountRequest":{ + "type":"structure", + "members":{ + } + }, + "GetServiceRoleForAccountResponse":{ + "type":"structure", + "members":{ + "associatedAt":{ + "shape":"String", + "locationName":"AssociatedAt" + }, + "roleArn":{ + "shape":"String", + "locationName":"RoleArn" + } + } + }, "InstalledComponent":{ "type":"structure", "members":{ @@ -1683,6 +1846,11 @@ "key":{"shape":"NonEmptyString"}, "value":{"shape":"NonEmptyString"} }, + "PortNumberInt":{ + "type":"integer", + "max":65535, + "min":0 + }, "PublisherString":{"type":"string"}, "Reason":{"type":"string"}, "RecipeBlob":{"type":"blob"}, @@ -1871,6 +2039,37 @@ "members":{ } }, + "UpdateConnectivityInfoRequest":{ + "type":"structure", + "required":[ + "thingName", + "connectivityInfo" + ], + "members":{ + "thingName":{ + "shape":"CoreDeviceThingName", + "location":"uri", + "locationName":"thingName" + }, + "connectivityInfo":{ + "shape":"connectivityInfoList", + "locationName":"ConnectivityInfo" + } + } + }, + "UpdateConnectivityInfoResponse":{ + "type":"structure", + "members":{ + "version":{ + "shape":"String", + "locationName":"Version" + }, + "message":{ + "shape":"String", + "locationName":"Message" + } + } + }, "ValidationException":{ "type":"structure", "required":["message"], @@ -1905,6 +2104,10 @@ "FIELD_VALIDATION_FAILED", "OTHER" ] + }, + "connectivityInfoList":{ + "type":"list", + "member":{"shape":"ConnectivityInfo"} } } } diff --git a/models/apis/greengrassv2/2020-11-30/docs-2.json b/models/apis/greengrassv2/2020-11-30/docs-2.json index 8ff61d6153..b82e41c591 100644 --- a/models/apis/greengrassv2/2020-11-30/docs-2.json +++ b/models/apis/greengrassv2/2020-11-30/docs-2.json @@ -2,18 +2,22 @@ "version": "2.0", "service": "IoT Greengrass brings local compute, messaging, data management, sync, and ML inference capabilities to edge devices. This enables devices to collect and analyze data closer to the source of information, react autonomously to local events, and communicate securely with each other on local networks. Local devices can also communicate securely with Amazon Web Services IoT Core and export IoT data to the Amazon Web Services Cloud. IoT Greengrass developers can use Lambda functions and components to create and deploy applications to fleets of edge devices for local operation.
IoT Greengrass Version 2 provides a new major version of the IoT Greengrass Core software, new APIs, and a new console. Use this API reference to learn how to use the IoT Greengrass V2 API operations to manage components, manage deployments, and core devices.
For more information, see What is IoT Greengrass? in the IoT Greengrass V2 Developer Guide.
", "operations": { - "BatchAssociateClientDeviceWithCoreDevice": "Associate a list of client devices with a core device. Use this API operation to specify which client devices can discover a core device through cloud discovery. With cloud discovery, client devices connect to IoT Greengrass to retrieve associated core devices' connectivity information and certificates. For more information, see Configure cloud discovery in the IoT Greengrass V2 Developer Guide.
Client devices are local IoT devices that connect to and communicate with an IoT Greengrass core device over MQTT. You can connect client devices to a core device to sync MQTT messages and data to Amazon Web Services IoT Core and interact with client devices in Greengrass components. For more information, see Interact with local IoT devices in the IoT Greengrass V2 Developer Guide.
Disassociate a list of client devices from a core device. After you disassociate a client device from a core device, the client device won't be able to use cloud discovery to retrieve the core device's connectivity information and certificates.
", + "AssociateServiceRoleToAccount": "Associates a Greengrass service role with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region. IoT Greengrass uses this role to verify the identity of client devices and manage core device connectivity information. The role must include the AWSGreengrassResourceAccessRolePolicy managed policy or a custom policy that defines equivalent permissions for the IoT Greengrass features that you use. For more information, see Greengrass service role in the IoT Greengrass Version 2 Developer Guide.
", + "BatchAssociateClientDeviceWithCoreDevice": "Associates a list of client devices with a core device. Use this API operation to specify which client devices can discover a core device through cloud discovery. With cloud discovery, client devices connect to IoT Greengrass to retrieve associated core devices' connectivity information and certificates. For more information, see Configure cloud discovery in the IoT Greengrass V2 Developer Guide.
Client devices are local IoT devices that connect to and communicate with an IoT Greengrass core device over MQTT. You can connect client devices to a core device to sync MQTT messages and data to Amazon Web Services IoT Core and interact with client devices in Greengrass components. For more information, see Interact with local IoT devices in the IoT Greengrass V2 Developer Guide.
Disassociates a list of client devices from a core device. After you disassociate a client device from a core device, the client device won't be able to use cloud discovery to retrieve the core device's connectivity information and certificates.
", "CancelDeployment": "Cancels a deployment. This operation cancels the deployment for devices that haven't yet received it. If a device already received the deployment, this operation doesn't change anything for that device.
", "CreateComponentVersion": "Creates a component. Components are software that run on Greengrass core devices. After you develop and test a component on your core device, you can use this operation to upload your component to IoT Greengrass. Then, you can deploy the component to other core devices.
You can use this operation to do the following:
Create components from recipes
Create a component from a recipe, which is a file that defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform capability. For more information, see IoT Greengrass component recipe reference in the IoT Greengrass V2 Developer Guide.
To create a component from a recipe, specify inlineRecipe when you call this operation.
Create components from Lambda functions
Create a component from an Lambda function that runs on IoT Greengrass. This creates a recipe and artifacts from the Lambda function's deployment package. You can use this operation to migrate Lambda functions from IoT Greengrass V1 to IoT Greengrass V2.
This function only accepts Lambda functions that use the following runtimes:
Python 2.7 – python2.7
Python 3.7 – python3.7
Python 3.8 – python3.8
Java 8 – java8
Node.js 10 – nodejs10.x
Node.js 12 – nodejs12.x
To create a component from a Lambda function, specify lambdaFunction when you call this operation.
IoT Greengrass currently supports Lambda functions on only Linux core devices.
Creates a continuous deployment for a target, which is a Greengrass core device or group of core devices. When you add a new core device to a group of core devices that has a deployment, IoT Greengrass deploys that group's deployment to the new device.
You can define one deployment for each target. When you create a new deployment for a target that has an existing deployment, you replace the previous deployment. IoT Greengrass applies the new deployment to the target devices.
Every deployment has a revision number that indicates how many deployment revisions you define for a target. Use this operation to create a new revision of an existing deployment. This operation returns the revision number of the new deployment when you create it.
For more information, see the Create deployments in the IoT Greengrass V2 Developer Guide.
", "DeleteComponent": "Deletes a version of a component from IoT Greengrass.
This operation deletes the component's recipe and artifacts. As a result, deployments that refer to this component version will fail. If you have deployments that use this component version, you can remove the component from the deployment or update the deployment to use a valid version.
Deletes a Greengrass core device, which is an IoT thing. This operation removes the core device from the list of core devices. This operation doesn't delete the IoT thing. For more information about how to delete the IoT thing, see DeleteThing in the IoT API Reference.
", "DescribeComponent": "Retrieves metadata for a version of a component.
", + "DisassociateServiceRoleFromAccount": "Disassociates the Greengrass service role from IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region. Without a service role, IoT Greengrass can't verify the identity of client devices or manage core device connectivity information. For more information, see Greengrass service role in the IoT Greengrass Version 2 Developer Guide.
", "GetComponent": "Gets the recipe for a version of a component. Core devices can call this operation to identify the artifacts and requirements to install a component.
", "GetComponentVersionArtifact": "Gets the pre-signed URL to download a public component artifact. Core devices call this operation to identify the URL that they can use to download an artifact to install.
", + "GetConnectivityInfo": "Retrieves connectivity information for a Greengrass core device.
Connectivity information includes endpoints and ports where client devices can connect to an MQTT broker on the core device. When a client device calls the Greengrass discovery API, IoT Greengrass returns connectivity information for all of the core devices where the client device can connect. For more information, see Connect client devices to core devices in the IoT Greengrass Version 2 Developer Guide.
", "GetCoreDevice": "Retrieves metadata for a Greengrass core device.
", "GetDeployment": "Gets a deployment. Deployments define the components that run on Greengrass core devices.
", + "GetServiceRoleForAccount": "Gets the service role associated with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region. IoT Greengrass uses this role to verify the identity of client devices and manage core device connectivity information. For more information, see Greengrass service role in the IoT Greengrass Version 2 Developer Guide.
", "ListClientDevicesAssociatedWithCoreDevice": "Retrieves a paginated list of client devices that are associated with a core device.
", "ListComponentVersions": "Retrieves a paginated list of all versions for a component. Greater versions are listed first.
", "ListComponents": "Retrieves a paginated list of component summaries. This list includes components that you have permission to view.
", @@ -24,7 +28,8 @@ "ListTagsForResource": "Retrieves the list of tags for an IoT Greengrass resource.
", "ResolveComponentCandidates": "Retrieves a list of components that meet the component, version, and platform requirements of a deployment. Greengrass core devices call this operation when they receive a deployment to identify the components to install.
This operation identifies components that meet all dependency requirements for a deployment. If the requirements conflict, then this operation returns an error and the deployment fails. For example, this occurs if component A requires version >2.0.0 and component B requires version <2.0.0 of a component dependency.
When you specify the component candidates to resolve, IoT Greengrass compares each component's digest from the core device with the component's digest in the Amazon Web Services Cloud. If the digests don't match, then IoT Greengrass specifies to use the version from the Amazon Web Services Cloud.
To use this operation, you must use the data plane API endpoint and authenticate with an IoT device certificate. For more information, see IoT Greengrass endpoints and quotas.
Adds tags to an IoT Greengrass resource. If a tag already exists for the resource, this operation updates the tag's value.
", - "UntagResource": "Removes a tag from an IoT Greengrass resource.
" + "UntagResource": "Removes a tag from an IoT Greengrass resource.
", + "UpdateConnectivityInfo": "Updates connectivity information for a Greengrass core device.
Connectivity information includes endpoints and ports where client devices can connect to an MQTT broker on the core device. When a client device calls the Greengrass discovery API, IoT Greengrass returns connectivity information for all of the core devices where the client device can connect. For more information, see Connect client devices to core devices in the IoT Greengrass Version 2 Developer Guide.
" }, "shapes": { "AccessDeniedException": { @@ -56,6 +61,16 @@ "BatchAssociateClientDeviceWithCoreDeviceResponse$errorEntries": "The list of any errors for the entries in the request. Each error entry contains the name of the IoT thing that failed to associate.
" } }, + "AssociateServiceRoleToAccountRequest": { + "base": null, + "refs": { + } + }, + "AssociateServiceRoleToAccountResponse": { + "base": null, + "refs": { + } + }, "AssociatedClientDevice": { "base": "Contains information about a client device that is associated to a core device for cloud discovery.
", "refs": { @@ -306,6 +321,12 @@ "refs": { } }, + "ConnectivityInfo": { + "base": "Contains information about an endpoint and port where client devices can connect to an MQTT broker on a Greengrass core device.
", + "refs": { + "connectivityInfoList$member": null + } + }, "CoreDevice": { "base": "Contains information about a Greengrass core device, which is an IoT thing that runs the IoT Greengrass Core software.
", "refs": { @@ -337,10 +358,12 @@ "refs": { "CoreDevice$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", "DeleteCoreDeviceRequest$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", + "GetConnectivityInfoRequest$thingName": "The name of the core device. This is also the name of the IoT thing.
", "GetCoreDeviceRequest$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", "GetCoreDeviceResponse$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", "ListEffectiveDeploymentsRequest$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", - "ListInstalledComponentsRequest$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
" + "ListInstalledComponentsRequest$coreDeviceThingName": "The name of the core device. This is also the name of the IoT thing.
", + "UpdateConnectivityInfoRequest$thingName": "The name of the core device. This is also the name of the IoT thing.
" } }, "CoreDevicesList": { @@ -509,7 +532,17 @@ "DisassociateClientDeviceFromCoreDeviceErrorList": { "base": null, "refs": { - "BatchDisassociateClientDeviceFromCoreDeviceResponse$errorEntries": "The list of errors (if any) for the entries in the request. Each error entry contains the name of the IoT thing that failed to disassociate.
" + "BatchDisassociateClientDeviceFromCoreDeviceResponse$errorEntries": "The list of any errors for the entries in the request. Each error entry contains the name of the IoT thing that failed to disassociate.
" + } + }, + "DisassociateServiceRoleFromAccountRequest": { + "base": null, + "refs": { + } + }, + "DisassociateServiceRoleFromAccountResponse": { + "base": null, + "refs": { } }, "EffectiveDeployment": { @@ -572,6 +605,16 @@ "refs": { } }, + "GetConnectivityInfoRequest": { + "base": null, + "refs": { + } + }, + "GetConnectivityInfoResponse": { + "base": null, + "refs": { + } + }, "GetCoreDeviceRequest": { "base": null, "refs": { @@ -592,6 +635,16 @@ "refs": { } }, + "GetServiceRoleForAccountRequest": { + "base": null, + "refs": { + } + }, + "GetServiceRoleForAccountResponse": { + "base": null, + "refs": { + } + }, "InstalledComponent": { "base": "Contains information about a component on a Greengrass core device.
", "refs": { @@ -1046,6 +1099,12 @@ "ComponentPlatform$attributes": "A dictionary of attributes for the platform. The IoT Greengrass Core software defines the os and platform by default. You can specify additional platform attributes for a core device when you deploy the Greengrass nucleus component. For more information, see the Greengrass nucleus component in the IoT Greengrass V2 Developer Guide.
The port where the MQTT broker operates on the core device. This port is typically 8883, which is the default port for the MQTT broker component that runs on core devices.
" + } + }, "PublisherString": { "base": null, "refs": { @@ -1121,9 +1180,18 @@ "base": null, "refs": { "AccessDeniedException$message": null, + "AssociateServiceRoleToAccountRequest$roleArn": "The Amazon Resource Name (ARN) of the service role to associate with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region.
", + "AssociateServiceRoleToAccountResponse$associatedAt": "The time when the service role was associated with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region.
", "ConflictException$message": null, "ConflictException$resourceId": "The ID of the resource that conflicts with the request.
", "ConflictException$resourceType": "The type of the resource that conflicts with the request.
", + "ConnectivityInfo$id": "An ID for the connectivity information.
", + "ConnectivityInfo$hostAddress": "The IP address or DNS address where client devices can connect to an MQTT broker on the Greengrass core device.
", + "ConnectivityInfo$metadata": "Additional metadata to provide to client devices that connect to this core device.
", + "DisassociateServiceRoleFromAccountResponse$disassociatedAt": "The time when the service role was disassociated from IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region.
", + "GetConnectivityInfoResponse$message": "A message about the connectivity information request.
", + "GetServiceRoleForAccountResponse$associatedAt": "The time when the service role was associated with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region.
", + "GetServiceRoleForAccountResponse$roleArn": "The ARN of the service role that is associated with IoT Greengrass for your Amazon Web Services account in this Amazon Web Services Region.
", "InternalServerException$message": null, "LambdaEnvironmentVariables$value": null, "RequestAlreadyInProgressException$message": null, @@ -1138,6 +1206,8 @@ "ThrottlingException$message": null, "ThrottlingException$quotaCode": "The code for the quota in Service Quotas.
", "ThrottlingException$serviceCode": "The code for the service in Service Quotas.
", + "UpdateConnectivityInfoResponse$version": "The new version of the connectivity information for the core device.
", + "UpdateConnectivityInfoResponse$message": "A message about the connectivity information update request.
", "ValidationException$message": null, "ValidationExceptionField$name": "The name of the exception field.
", "ValidationExceptionField$message": "The message of the exception field.
" @@ -1249,6 +1319,16 @@ "refs": { } }, + "UpdateConnectivityInfoRequest": { + "base": null, + "refs": { + } + }, + "UpdateConnectivityInfoResponse": { + "base": null, + "refs": { + } + }, "ValidationException": { "base": "The request isn't valid. This can occur if your request contains malformed JSON or unsupported characters.
", "refs": { @@ -1271,6 +1351,13 @@ "refs": { "ValidationException$reason": "The reason for the validation exception.
" } + }, + "connectivityInfoList": { + "base": null, + "refs": { + "GetConnectivityInfoResponse$connectivityInfo": "The connectivity information for the core device.
", + "UpdateConnectivityInfoRequest$connectivityInfo": "The connectivity information for the core device.
" + } } } } diff --git a/models/apis/mediaconvert/2017-08-29/api-2.json b/models/apis/mediaconvert/2017-08-29/api-2.json index 8dc335e4bb..7564b228c8 100644 --- a/models/apis/mediaconvert/2017-08-29/api-2.json +++ b/models/apis/mediaconvert/2017-08-29/api-2.json @@ -1516,7 +1516,7 @@ "locationName": "defaultSelection" }, "ExternalAudioFileInput": { - "shape": "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSS", + "shape": "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaAHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaA", "locationName": "externalAudioFileInput" }, "HlsRenditionGroupSettings": { @@ -7996,6 +7996,14 @@ "AUTO" ] }, + "NoiseFilterPostTemporalSharpeningStrength": { + "type": "string", + "enum": [ + "LOW", + "MEDIUM", + "HIGH" + ] + }, "NoiseReducer": { "type": "structure", "members": { @@ -8067,6 +8075,10 @@ "shape": "NoiseFilterPostTemporalSharpening", "locationName": "postTemporalSharpening" }, + "PostTemporalSharpeningStrength": { + "shape": "NoiseFilterPostTemporalSharpeningStrength", + "locationName": "postTemporalSharpeningStrength" + }, "Speed": { "shape": "__integerMinNegative1Max3", "locationName": "speed" @@ -11128,9 +11140,9 @@ "type": "string", "pattern": "^((s3://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[pP]|[mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[wW][eE][bB][mM]|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[xX][mM][lL]|[oO][gG][gGaA]|[aA][tT][mM][oO][sS]))))|(https?://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[wW][eE][bB][mM]|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[xX][mM][lL]|[oO][gG][gGaA]|[aA][tT][mM][oO][sS])))(\\?([^&=]+=[^&]+&)*[^&=]+=[^&]+)?))$" }, - "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSS": { + "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaAHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaA": { "type": "string", - "pattern": "^((s3://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[pP]|[wW][eE][bB][mM]|[mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[aA][aA][cC]|[aA][iI][fF][fF]|[mM][pP]2|[aA][cC]3|[eE][cC]3|[dD][tT][sS][eE]|[aA][tT][mM][oO][sS]))))|(https?://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[aA][aA][cC]|[aA][iI][fF][fF]|[mM][pP]2|[aA][cC]3|[eE][cC]3|[dD][tT][sS][eE]|[aA][tT][mM][oO][sS])))(\\?([^&=]+=[^&]+&)*[^&=]+=[^&]+)?))$" + "pattern": "^((s3://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[pP]|[wW][eE][bB][mM]|[mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[aA][aA][cC]|[aA][iI][fF][fF]|[mM][pP]2|[aA][cC]3|[eE][cC]3|[dD][tT][sS][eE]|[aA][tT][mM][oO][sS]|[oO][gG][gGaA]))))|(https?://([^\\/]+\\/+)+([^\\/\\.]+|(([^\\/]*)\\.([mM]2[vV]|[mM][pP][eE][gG]|[mM][pP]3|[aA][vV][iI]|[mM][pP]4|[fF][lL][vV]|[mM][pP][tT]|[mM][pP][gG]|[mM]4[vV]|[tT][rR][pP]|[fF]4[vV]|[mM]2[tT][sS]|[tT][sS]|264|[hH]264|[mM][kK][vV]|[mM][kK][aA]|[mM][oO][vV]|[mM][tT][sS]|[mM]2[tT]|[wW][mM][vVaA]|[aA][sS][fF]|[vV][oO][bB]|3[gG][pP]|3[gG][pP][pP]|[mM][xX][fF]|[dD][iI][vV][xX]|[xX][vV][iI][dD]|[rR][aA][wW]|[dD][vV]|[gG][xX][fF]|[mM]1[vV]|3[gG]2|[vV][mM][fF]|[mM]3[uU]8|[lL][cC][hH]|[gG][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF]_[mM][pP][eE][gG]2|[mM][xX][fF][hH][dD]|[wW][aA][vV]|[yY]4[mM]|[aA][aA][cC]|[aA][iI][fF][fF]|[mM][pP]2|[aA][cC]3|[eE][cC]3|[dD][tT][sS][eE]|[aA][tT][mM][oO][sS]|[oO][gG][gGaA])))(\\?([^&=]+=[^&]+&)*[^&=]+=[^&]+)?))$" }, "__stringPatternSNManifestConfirmConditionNotificationNS": { "type": "string", diff --git a/models/apis/mediaconvert/2017-08-29/docs-2.json b/models/apis/mediaconvert/2017-08-29/docs-2.json index eecca3a400..090fe1c51e 100644 --- a/models/apis/mediaconvert/2017-08-29/docs-2.json +++ b/models/apis/mediaconvert/2017-08-29/docs-2.json @@ -2750,9 +2750,15 @@ } }, "NoiseFilterPostTemporalSharpening": { - "base": "Optional. When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), you can use this setting to apply sharpening. The default behavior, Auto (AUTO), allows the transcoder to determine whether to apply filtering, depending on input type and quality. When you set Noise reducer to Temporal, your output bandwidth is reduced. When Post temporal sharpening is also enabled, that bandwidth reduction is smaller.", + "base": "When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), the sharpness of your output is reduced. You can optionally use Post temporal sharpening (PostTemporalSharpening) to apply sharpening to the edges of your output. The default behavior, Auto (AUTO), allows the transcoder to determine whether to apply sharpening, depending on your input type and quality. When you set Post temporal sharpening to Enabled (ENABLED), specify how much sharpening is applied using Post temporal sharpening strength (PostTemporalSharpeningStrength). Set Post temporal sharpening to Disabled (DISABLED) to not apply sharpening.", "refs": { - "NoiseReducerTemporalFilterSettings$PostTemporalSharpening": "Optional. When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), you can use this setting to apply sharpening. The default behavior, Auto (AUTO), allows the transcoder to determine whether to apply filtering, depending on input type and quality. When you set Noise reducer to Temporal, your output bandwidth is reduced. When Post temporal sharpening is also enabled, that bandwidth reduction is smaller." + "NoiseReducerTemporalFilterSettings$PostTemporalSharpening": "When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), the sharpness of your output is reduced. You can optionally use Post temporal sharpening (PostTemporalSharpening) to apply sharpening to the edges of your output. The default behavior, Auto (AUTO), allows the transcoder to determine whether to apply sharpening, depending on your input type and quality. When you set Post temporal sharpening to Enabled (ENABLED), specify how much sharpening is applied using Post temporal sharpening strength (PostTemporalSharpeningStrength). Set Post temporal sharpening to Disabled (DISABLED) to not apply sharpening." + } + }, + "NoiseFilterPostTemporalSharpeningStrength": { + "base": "Use Post temporal sharpening strength (PostTemporalSharpeningStrength) to define the amount of sharpening the transcoder applies to your output. Set Post temporal sharpening strength to Low (LOW), or leave blank, to apply a low amount of sharpening. Set Post temporal sharpening strength to Medium (MEDIUM) to apply medium amount of sharpening. Set Post temporal sharpening strength to High (HIGH) to apply a high amount of sharpening.", + "refs": { + "NoiseReducerTemporalFilterSettings$PostTemporalSharpeningStrength": "Use Post temporal sharpening strength (PostTemporalSharpeningStrength) to define the amount of sharpening the transcoder applies to your output. Set Post temporal sharpening strength to Low (LOW), or leave blank, to apply a low amount of sharpening. Set Post temporal sharpening strength to Medium (MEDIUM) to apply medium amount of sharpening. Set Post temporal sharpening strength to High (HIGH) to apply a high amount of sharpening." } }, "NoiseReducer": { @@ -5157,7 +5163,7 @@ "Input$FileInput": "Specify the source file for your transcoding job. You can use multiple inputs in a single job. The service concatenates these inputs, in the order that you specify them in the job, to create the outputs. If your input format is IMF, specify your input by providing the path to your CPL. For example, \"s3://bucket/vf/cpl.xml\". If the CPL is in an incomplete IMP, make sure to use *Supplemental IMPs* (SupplementalImps) to specify any supplemental IMPs that contain assets referenced by the CPL." } }, - "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSS": { + "__stringPatternS3MM2PPWWEEBBMMMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaAHttpsMM2VVMMPPEEGGMMPP3AAVVIIMMPP4FFLLVVMMPPTTMMPPGGMM4VVTTRRPPFF4VVMM2TTSSTTSS264HH264MMKKVVMMKKAAMMOOVVMMTTSSMM2TTWWMMVVaAAASSFFVVOOBB3GGPP3GGPPPPMMXXFFDDIIVVXXXXVVIIDDRRAAWWDDVVGGXXFFMM1VV3GG2VVMMFFMM3UU8LLCCHHGGXXFFMMPPEEGG2MMXXFFMMPPEEGG2MMXXFFHHDDWWAAVVYY4MMAAAACCAAIIFFFFMMPP2AACC3EECC3DDTTSSEEAATTMMOOSSOOGGGGaA": { "base": null, "refs": { "AudioSelector$ExternalAudioFileInput": "Specifies audio data from an external file source." diff --git a/models/apis/rds/2014-10-31/docs-2.json b/models/apis/rds/2014-10-31/docs-2.json index e681629b2c..87d8a1d44b 100644 --- a/models/apis/rds/2014-10-31/docs-2.json +++ b/models/apis/rds/2014-10-31/docs-2.json @@ -16,7 +16,7 @@ "CopyDBSnapshot": "Copies the specified DB snapshot. The source DB snapshot must be in the available state.
You can copy a snapshot from one Amazon Web Services Region to another. In that case, the Amazon Web Services Region where you call the CopyDBSnapshot action is the destination Amazon Web Services Region for the DB snapshot copy.
This command doesn't apply to RDS Custom.
For more information about copying snapshots, see Copying a DB Snapshot in the Amazon RDS User Guide.
", "CopyOptionGroup": "Copies the specified option group.
", "CreateCustomAvailabilityZone": "Creates a custom Availability Zone (AZ).
A custom AZ is an on-premises AZ that is integrated with a VMware vSphere cluster.
For more information about RDS on VMware, see the RDS on VMware User Guide.
", - "CreateCustomDBEngineVersion": "Creates a custom DB engine version (CEV). A CEV is a binary volume snapshot of a database engine and specific AMI. The only supported engine is Oracle Database 19c Enterprise Edition with the January 2021 or later RU/RUR.
Amazon RDS, which is a fully managed service, supplies the Amazon Machine Image (AMI) and database software. The Amazon RDS database software is preinstalled, so you need only select a DB engine and version, and create your database. With Amazon RDS Custom, you upload your database installation files in Amazon S3.
When you create a custom engine version, you specify the files in a JSON document called a CEV manifest. This document describes installation .zip files stored in Amazon S3. RDS Custom creates your CEV from the installation files that you provided. This service model is called Bring Your Own Media (BYOM).
Creation takes approximately two hours. If creation fails, RDS Custom issues RDS-EVENT-0196 with the message Creation failed for custom engine version, and includes details about the failure. For example, the event prints missing files.
After you create the CEV, it is available for use. You can create multiple CEVs, and create multiple RDS Custom instances from any CEV. You can also change the status of a CEV to make it available or inactive.
The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the CreateCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the CreateCustomDbEngineVersion event.
For more information, see Creating a CEV in the Amazon RDS User Guide.
", + "CreateCustomDBEngineVersion": "Creates a custom DB engine version (CEV). A CEV is a binary volume snapshot of a database engine and specific AMI. The only supported engine is Oracle Database 19c Enterprise Edition with the January 2021 or later RU/RUR.
Amazon RDS, which is a fully managed service, supplies the Amazon Machine Image (AMI) and database software. The Amazon RDS database software is preinstalled, so you need only select a DB engine and version, and create your database. With Amazon RDS Custom for Oracle, you upload your database installation files in Amazon S3.
When you create a custom engine version, you specify the files in a JSON document called a CEV manifest. This document describes installation .zip files stored in Amazon S3. RDS Custom creates your CEV from the installation files that you provided. This service model is called Bring Your Own Media (BYOM).
Creation takes approximately two hours. If creation fails, RDS Custom issues RDS-EVENT-0196 with the message Creation failed for custom engine version, and includes details about the failure. For example, the event prints missing files.
After you create the CEV, it is available for use. You can create multiple CEVs, and create multiple RDS Custom instances from any CEV. You can also change the status of a CEV to make it available or inactive.
The MediaImport service that imports files from Amazon S3 to create CEVs isn't integrated with Amazon Web Services CloudTrail. If you turn on data logging for Amazon RDS in CloudTrail, calls to the CreateCustomDbEngineVersion event aren't logged. However, you might see calls from the API gateway that accesses your Amazon S3 bucket. These calls originate from the MediaImport service for the CreateCustomDbEngineVersion event.
For more information, see Creating a CEV in the Amazon RDS User Guide.
", "CreateDBCluster": "Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.
You can use the ReplicationSourceIdentifier parameter to create an Amazon Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or PostgreSQL DB instance. For cross-Region replication where the DB cluster identified by ReplicationSourceIdentifier is encrypted, also specify the PreSignedUrl parameter.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
The Multi-AZ DB clusters feature is in preview and is subject to change.
Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.
This action only applies to Aurora DB clusters.
Creates a new DB cluster parameter group.
Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.
A DB cluster parameter group is initially created with the default parameters for the database engine used by instances in the DB cluster. To provide custom values for any of the parameters, you must modify the group after creating it using ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to associate it with your DB cluster using ModifyDBCluster.
When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB instances in the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB cluster without failover for the new DB cluster parameter group and associated settings to take effect.
After you create a DB cluster parameter group, you should wait at least 5 minutes before creating your first DB cluster that uses that DB cluster parameter group as the default parameter group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter group is used as the default for a new DB cluster. This is especially important for parameters that are critical when creating the default database for a DB cluster, such as the character set for the default database defined by the character_set_database parameter. You can use the Parameter Groups option of the Amazon RDS console or the DescribeDBClusterParameters action to verify that your DB cluster parameter group has been created or modified.
For more information on Amazon Aurora, see What is Amazon Aurora? in the Amazon Aurora User Guide.
For more information on Multi-AZ DB clusters, see Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.
The Multi-AZ DB clusters feature is in preview and is subject to change.
Specifies whether the Aurora cluster is the primary cluster (that is, has read-write capability) for the Aurora global database with which it is associated.
", "ModifyDBClusterMessage$ApplyImmediately": "A value that indicates whether the modifications in this request and any pending modifications are asynchronously applied as soon as possible, regardless of the PreferredMaintenanceWindow setting for the DB cluster. If this parameter is disabled, changes to the DB cluster are applied during the next maintenance window.
The ApplyImmediately parameter only affects the EnableIAMDatabaseAuthentication, MasterUserPassword, and NewDBClusterIdentifier values. If the ApplyImmediately parameter is disabled, then changes to the EnableIAMDatabaseAuthentication, MasterUserPassword, and NewDBClusterIdentifier values are applied during the next maintenance window. All other changes are applied immediately, regardless of the value of the ApplyImmediately parameter.
By default, this parameter is disabled.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "ModifyDBClusterMessage$AllowMajorVersionUpgrade": "A value that indicates whether major version upgrades are allowed.
Constraints: You must allow major version upgrades when specifying a value for the EngineVersion parameter that is a different major version than the DB cluster's current version.
Valid for: Aurora DB clusters only
", - "ModifyDBInstanceMessage$ApplyImmediately": "A value that indicates whether the modifications in this request and any pending modifications are asynchronously applied as soon as possible, regardless of the PreferredMaintenanceWindow setting for the DB instance. By default, this parameter is disabled.
If this parameter is disabled, changes to the DB instance are applied during the next maintenance window. Some parameter changes can cause an outage and are applied on the next call to RebootDBInstance, or the next failure reboot. Review the table of parameters in Modifying a DB Instance in the Amazon RDS User Guide. to see the impact of enabling or disabling ApplyImmediately for each modified parameter and to determine when the changes are applied.
A value that indicates whether the modifications in this request and any pending modifications are asynchronously applied as soon as possible, regardless of the PreferredMaintenanceWindow setting for the DB instance. By default, this parameter is disabled.
If this parameter is disabled, changes to the DB instance are applied during the next maintenance window. Some parameter changes can cause an outage and are applied on the next call to RebootDBInstance, or the next failure reboot. Review the table of parameters in Modifying a DB Instance in the Amazon RDS User Guide to see the impact of enabling or disabling ApplyImmediately for each modified parameter and to determine when the changes are applied.
A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.
This setting doesn't apply to RDS Custom.
Constraints: Major version upgrades must be allowed when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.
", "ModifyOptionGroupMessage$ApplyImmediately": "A value that indicates whether to apply the change immediately or during the next maintenance window for each instance associated with the option group.
", "Option$Persistent": "Indicate if this option is persistent.
", @@ -435,7 +435,7 @@ "CreateDBInstanceMessage$MultiAZ": "A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$AutoMinorVersionUpgrade": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.
If you create an RDS Custom DB instance, you must set AutoMinorVersionUpgrade to false.
A value that indicates whether the DB instance is publicly accessible.
When the DB instance is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB instance's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB instance's VPC. Access to the DB instance is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB instance doesn't permit it.
When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address.
Default: The default behavior varies depending on whether DBSubnetGroupName is specified.
If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies:
If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB instance is private.
If the default VPC in the target Region has an internet gateway attached to it, the DB instance is public.
If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies:
If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB instance is private.
If the subnets are part of a VPC that has an internet gateway attached to it, the DB instance is public.
A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.
For RDS Custom Oracle instances, either set this parameter to true or leave it unset. If you set this parameter to false, RDS reports an error.
Amazon Aurora
Not applicable. The encryption for DB instances is managed by the DB cluster.
", + "CreateDBInstanceMessage$StorageEncrypted": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.
For RDS Custom instances, either set this parameter to true or leave it unset. If you set this parameter to false, RDS reports an error.
Amazon Aurora
Not applicable. The encryption for DB instances is managed by the DB cluster.
", "CreateDBInstanceMessage$CopyTagsToSnapshot": "A value that indicates whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.
Amazon Aurora
Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.
", "CreateDBInstanceMessage$EnableIAMDatabaseAuthentication": "A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.
This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.
For more information, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.
", "CreateDBInstanceMessage$EnablePerformanceInsights": "A value that indicates whether to enable Performance Insights for the DB instance. For more information, see Using Amazon Performance Insights in the Amazon Relational Database Service User Guide.
This setting doesn't apply to RDS Custom.
", @@ -484,7 +484,7 @@ "ModifyDBInstanceMessage$MultiAZ": "A value that indicates whether the DB instance is a Multi-AZ deployment. Changing this parameter doesn't result in an outage. The change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request.
This setting doesn't apply to RDS Custom.
", "ModifyDBInstanceMessage$AutoMinorVersionUpgrade": "A value that indicates whether minor version upgrades are applied automatically to the DB instance during the maintenance window. An outage occurs when all the following conditions are met:
The automatic upgrade is enabled for the maintenance window.
A newer minor version is available.
RDS has enabled automatic patching for the engine version.
If any of the preceding conditions isn't met, RDS applies the change as soon as possible and doesn't cause an outage.
For an RDS Custom DB instance, set AutoMinorVersionUpgrade to false. Otherwise, the operation returns an error.
A value that indicates whether to copy all tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.
Amazon Aurora
Not applicable. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting. For more information, see ModifyDBCluster.
A value that indicates whether the DB instance is publicly accessible.
When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.
When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address.
PubliclyAccessible only applies to DB instances in a VPC. The DB instance must be part of a public subnet and PubliclyAccessible must be enabled for it to be publicly accessible.
Changes to the PubliclyAccessible parameter are applied immediately regardless of the value of the ApplyImmediately parameter.
This setting doesn't apply to RDS Custom.
", + "ModifyDBInstanceMessage$PubliclyAccessible": "A value that indicates whether the DB instance is publicly accessible.
When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.
When the DB instance isn't publicly accessible, it is an internal DB instance with a DNS name that resolves to a private IP address.
PubliclyAccessible only applies to DB instances in a VPC. The DB instance must be part of a public subnet and PubliclyAccessible must be enabled for it to be publicly accessible.
Changes to the PubliclyAccessible parameter are applied immediately regardless of the value of the ApplyImmediately parameter.
A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping isn't enabled.
This setting doesn't apply to Amazon Aurora. Mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.
For more information about IAM database authentication, see IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.
This setting doesn't apply to RDS Custom.
", "ModifyDBInstanceMessage$EnablePerformanceInsights": "A value that indicates whether to enable Performance Insights for the DB instance.
For more information, see Using Amazon Performance Insights in the Amazon Relational Database Service User Guide.
This setting doesn't apply to RDS Custom.
", "ModifyDBInstanceMessage$UseDefaultProcessorFeatures": "A value that indicates whether the DB instance class of the DB instance uses its default processor features.
This setting doesn't apply to RDS Custom.
", @@ -891,9 +891,9 @@ "CustomEngineVersion": { "base": null, "refs": { - "CreateCustomDBEngineVersionMessage$EngineVersion": "The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region.
The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region.
The custom engine version (CEV) for your DB instance. This option is required for RDS Custom, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Amazon Web Services Region.
The custom engine version (CEV) that you want to modify. This option is required for RDS Custom, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Amazon Web Services Region.
The custom engine version (CEV) that you want to modify. This option is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Amazon Web Services Region.
The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.
For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.
This setting is required to create a Multi-AZ DB cluster.
Constraints: Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
Valid for: Multi-AZ DB clusters only
", "CreateDBClusterMessage$MonitoringInterval": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.
If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0.
Valid Values: 0, 1, 5, 10, 15, 30, 60
Valid for: Multi-AZ DB clusters only
", "CreateDBClusterMessage$PerformanceInsightsRetentionPeriod": "The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).
Valid for: Multi-AZ DB clusters only
", - "CreateDBInstanceMessage$AllocatedStorage": "The amount of storage in gibibytes (GiB) to allocate for the DB instance.
Type: Integer
Amazon Aurora
Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.
Amazon RDS Custom
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 40 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 40 to 65536.
MySQL
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
MariaDB
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
PostgreSQL
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
Oracle
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 10 to 3072.
SQL Server
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2):
Enterprise and Standard editions: Must be an integer from 200 to 16384.
Web and Express editions: Must be an integer from 20 to 16384.
Provisioned IOPS storage (io1):
Enterprise and Standard editions: Must be an integer from 200 to 16384.
Web and Express editions: Must be an integer from 100 to 16384.
Magnetic storage (standard):
Enterprise and Standard editions: Must be an integer from 200 to 1024.
Web and Express editions: Must be an integer from 20 to 1024.
The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
Amazon Aurora
Not applicable. The retention period for automated backups is managed by the DB cluster.
Default: 1
Constraints:
Must be a value from 0 to 35
Can't be set to 0 if the DB instance is a source to read replicas
Can't be set to 0 or 35 for an RDS Custom DB instance
The amount of storage in gibibytes (GiB) to allocate for the DB instance.
Type: Integer
Amazon Aurora
Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.
Amazon RDS Custom
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.
Provisioned IOPS storage (io1): Must be an integer from 40 to 65536 for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server.
MySQL
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
MariaDB
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
PostgreSQL
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 5 to 3072.
Oracle
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.
Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.
Magnetic storage (standard): Must be an integer from 10 to 3072.
SQL Server
Constraints to the amount of storage for each storage type are the following:
General Purpose (SSD) storage (gp2):
Enterprise and Standard editions: Must be an integer from 20 to 16384.
Web and Express editions: Must be an integer from 20 to 16384.
Provisioned IOPS storage (io1):
Enterprise and Standard editions: Must be an integer from 100 to 16384.
Web and Express editions: Must be an integer from 100 to 16384.
Magnetic storage (standard):
Enterprise and Standard editions: Must be an integer from 20 to 1024.
Web and Express editions: Must be an integer from 20 to 1024.
The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
Amazon Aurora
Not applicable. The retention period for automated backups is managed by the DB cluster.
Default: 1
Constraints:
Must be a value from 0 to 35
Can't be set to 0 if the DB instance is a source to read replicas
Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance
The port number on which the database accepts connections.
MySQL
Default: 3306
Valid values: 1150-65535
Type: Integer
MariaDB
Default: 3306
Valid values: 1150-65535
Type: Integer
PostgreSQL
Default: 5432
Valid values: 1150-65535
Type: Integer
Oracle
Default: 1521
Valid values: 1150-65535
SQL Server
Default: 1433
Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156.
Amazon Aurora
Default: 3306
Valid values: 1150-65535
Type: Integer
", "CreateDBInstanceMessage$Iops": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance. For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.
Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 of the storage amount for the DB instance.
", "CreateDBInstanceMessage$MonitoringInterval": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.
If MonitoringRoleArn is specified, then you must set MonitoringInterval to a value other than 0.
This setting doesn't apply to RDS Custom.
Valid Values: 0, 1, 5, 10, 15, 30, 60
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify 0. The default is 0.
If MonitoringRoleArn is specified, also set MonitoringInterval to a value other than 0.
Valid Values: 0, 1, 5, 10, 15, 30, 60
Valid for: Multi-AZ DB clusters only
", "ModifyDBClusterMessage$PerformanceInsightsRetentionPeriod": "The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).
Valid for: Multi-AZ DB clusters only
", "ModifyDBInstanceMessage$AllocatedStorage": "The new amount of storage in gibibytes (GiB) to allocate for the DB instance.
For MariaDB, MySQL, Oracle, and PostgreSQL, the value supplied must be at least 10% greater than the current value. Values that are not at least 10% greater than the existing value are rounded up so that they are 10% greater than the current value.
For the valid values for allocated storage for each engine, see CreateDBInstance.
The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.
These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously applied as soon as possible.
Amazon Aurora
Not applicable. The retention period for automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.
Default: Uses existing setting
Constraints:
It must be a value from 0 to 35. It can't be set to 0 if the DB instance is a source to read replicas. It can't be set to 0 or 35 for an RDS Custom DB instance.
It can be specified for a MySQL read replica only if the source is running MySQL 5.6 or later.
It can be specified for a PostgreSQL read replica only if the source is running PostgreSQL 9.3.5.
The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.
Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.
These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously applied as soon as possible.
Amazon Aurora
Not applicable. The retention period for automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.
Default: Uses existing setting
Constraints:
It must be a value from 0 to 35. It can't be set to 0 if the DB instance is a source to read replicas. It can't be set to 0 or 35 for an RDS Custom for Oracle DB instance.
It can be specified for a MySQL read replica only if the source is running MySQL 5.6 or later.
It can be specified for a PostgreSQL read replica only if the source is running PostgreSQL 9.3.5.
The new Provisioned IOPS (I/O operations per second) value for the RDS instance.
Changing this setting doesn't result in an outage and the change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request. If you are migrating from Provisioned IOPS to standard storage, set this value to 0. The DB instance will require a reboot for the change in storage type to take effect.
If you choose to migrate your DB instance from using standard storage to using Provisioned IOPS, or from using Provisioned IOPS to using standard storage, the process can take time. The duration of the migration depends on several factors such as database load, storage size, storage type (standard or Provisioned IOPS), amount of IOPS provisioned (if any), and the number of prior scale storage operations. Typical migration times are under 24 hours, but the process can take up to several days in some cases. During the migration, the DB instance is available for use, but might experience performance degradation. While the migration takes place, nightly backups for the instance are suspended. No other Amazon RDS operations can take place for the instance, including modifying the instance, rebooting the instance, deleting the instance, creating a read replica for the instance, and creating a DB snapshot of the instance.
Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL, the value supplied must be at least 10% greater than the current value. Values that are not at least 10% greater than the existing value are rounded up so that they are 10% greater than the current value.
Default: Uses existing setting
", "ModifyDBInstanceMessage$MonitoringInterval": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0, which is the default.
If MonitoringRoleArn is specified, set MonitoringInterval to a value other than 0.
This setting doesn't apply to RDS Custom.
Valid Values: 0, 1, 5, 10, 15, 30, 60
The port number on which the database accepts connections.
The value of the DBPortNumber parameter must not match any of the port values specified for options in the option group for the DB instance.
If you change the DBPortNumber value, your database restarts regardless of the value of the ApplyImmediately parameter.
This setting doesn't apply to RDS Custom.
MySQL
Default: 3306
Valid values: 1150-65535
MariaDB
Default: 3306
Valid values: 1150-65535
PostgreSQL
Default: 5432
Valid values: 1150-65535
Type: Integer
Oracle
Default: 1521
Valid values: 1150-65535
SQL Server
Default: 1433
Valid values: 1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156.
Amazon Aurora
Default: 3306
Valid values: 1150-65535
A list of Parameter values.
Contains a list of engine default parameters.
", "ModifyDBClusterParameterGroupMessage$Parameters": "A list of parameters in the DB cluster parameter group to modify.
Valid Values (for the application method): immediate | pending-reboot
You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters.
When the application method is immediate, changes to dynamic parameters are applied immediately to the DB clusters associated with the parameter group. When the application method is pending-reboot, changes to dynamic and static parameters are applied after a reboot without failover to the DB clusters associated with the parameter group.
An array of parameter names, values, and the application methods for the parameter update. At least one parameter name, value, and application method method must be supplied; later arguments are optional. A maximum of 20 parameters can be modified in a single request.
Valid Values (for the application method): immediate | pending-reboot
You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters.
When the application method is immediate, changes to dynamic parameters are applied immediately to the DB instances associated with the parameter group. When the application method is pending-reboot, changes to dynamic and static parameters are applied after a reboot without failover to the DB instances associated with the parameter group.
An array of parameter names, values, and the application methods for the parameter update. At least one parameter name, value, and application method must be supplied; later arguments are optional. A maximum of 20 parameters can be modified in a single request.
Valid Values (for the application method): immediate | pending-reboot
You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters.
When the application method is immediate, changes to dynamic parameters are applied immediately to the DB instances associated with the parameter group.
When the application method is pending-reboot, changes to dynamic and static parameters are applied after a reboot without failover to the DB instances associated with the parameter group.
You can't use pending-reboot with dynamic parameters on RDS for SQL Server DB instances. Use immediate.
For more information on modifying DB parameters, see Working with DB parameter groups in the Amazon RDS User Guide.
", "ResetDBClusterParameterGroupMessage$Parameters": "A list of parameter names in the DB cluster parameter group to reset to the default values. You can't use this parameter if the ResetAllParameters parameter is enabled.
To reset the entire DB parameter group, specify the DBParameterGroup name and ResetAllParameters parameters. To reset specific parameters, provide a list of the following: ParameterName and ApplyMethod. A maximum of 20 parameters can be modified in a single request.
MySQL
Valid Values (for Apply method): immediate | pending-reboot
You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters, and changes are applied when DB instance reboots.
MariaDB
Valid Values (for Apply method): immediate | pending-reboot
You can use the immediate value with dynamic parameters only. You can use the pending-reboot value for both dynamic and static parameters, and changes are applied when DB instance reboots.
Oracle
Valid Values (for Apply method): pending-reboot
The DB cluster identifier. This parameter is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: my-cluster1
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$DBClusterParameterGroupName": "The name of the DB cluster parameter group to associate with this DB cluster. If you do not specify a value, then the default DB cluster parameter group for the specified DB engine and version is used.
Constraints:
If supplied, must match the name of an existing DB cluster parameter group.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$DBSubnetGroupName": "A DB subnet group to associate with this DB cluster.
This setting is required to create a Multi-AZ DB cluster.
Constraints: Must match the name of an existing DBSubnetGroup. Must not be default.
Example: mySubnetgroup
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "CreateDBClusterMessage$Engine": "The name of the database engine to be used for this DB cluster.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
mysql
postgres
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "CreateDBClusterMessage$EngineVersion": "The version number of the database engine to use.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon Aurora User Guide.
Aurora PostgreSQL
For information, see Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide.
MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
PostgreSQL
For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", + "CreateDBClusterMessage$Engine": "The name of the database engine to be used for this DB cluster.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
mysql
postgres
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", + "CreateDBClusterMessage$EngineVersion": "The version number of the database engine to use.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon Aurora User Guide.
Aurora PostgreSQL
For information, see Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide.
MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
PostgreSQL
For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$MasterUsername": "The name of the master user for the DB cluster.
Constraints:
Must be 1 to 16 letters or numbers.
First character must be a letter.
Can't be a reserved word for the chosen database engine.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$MasterUserPassword": "The password for the master database user. This password can contain any printable ASCII character except \"/\", \"\"\", or \"@\".
Constraints: Must contain from 8 to 41 characters.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "CreateDBClusterMessage$OptionGroupName": "A value that indicates that the DB cluster should be associated with the specified option group.
DB clusters are associated with a default option group that can't be modified.
", @@ -3846,26 +3846,26 @@ "CreateDBClusterMessage$Domain": "The Active Directory directory ID to create the DB cluster in.
For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.
For more information, see Kerberos authentication in the Amazon Aurora User Guide.
Valid for: Aurora DB clusters only
", "CreateDBClusterMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
Valid for: Aurora DB clusters only
", "CreateDBClusterMessage$DBClusterInstanceClass": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.
For the full list of DB instance classes and availability for your engine, see DB instance class in the Amazon RDS User Guide.
This setting is required to create a Multi-AZ DB cluster.
Valid for: Multi-AZ DB clusters only
", - "CreateDBClusterMessage$StorageType": "Specifies the storage type to be associated with the DB cluster.
This setting is required to create a Multi-AZ DB cluster.
Valid values: standard | gp2 | io1
If you specify io1, also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
Valid for: Multi-AZ DB clusters only
", + "CreateDBClusterMessage$StorageType": "Specifies the storage type to be associated with the DB cluster.
This setting is required to create a Multi-AZ DB cluster.
Valid values: io1
When specified, a value for the Iops parameter is required.
Default: io1
Valid for: Multi-AZ DB clusters only
", "CreateDBClusterMessage$MonitoringRoleArn": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see Setting up and enabling Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value.
Valid for: Multi-AZ DB clusters only
", "CreateDBClusterMessage$PerformanceInsightsKMSKeyId": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for: Multi-AZ DB clusters only
", "CreateDBClusterParameterGroupMessage$DBClusterParameterGroupName": "The name of the DB cluster parameter group.
Constraints:
Must not match the name of an existing DB cluster parameter group.
This value is stored as a lowercase string.
The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.
Aurora MySQL
Example: aurora5.6, aurora-mysql5.7
Aurora PostgreSQL
Example: aurora-postgresql9.6
RDS for MySQL
Example: mysql8.0
RDS for PostgreSQL
Example: postgres12
To list all of the available parameter group families for a DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine <engine>
For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql
The output contains duplicates.
The following are the valid DB engine values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
mysql
postgres
The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.
Aurora MySQL
Example: aurora5.6, aurora-mysql5.7, aurora-mysql8.0
Aurora PostgreSQL
Example: aurora-postgresql9.6
RDS for MySQL
Example: mysql8.0
RDS for PostgreSQL
Example: postgres12
To list all of the available parameter group families for a DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine <engine>
For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql
The output contains duplicates.
The following are the valid DB engine values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
mysql
postgres
The description for the DB cluster parameter group.
", "CreateDBClusterSnapshotMessage$DBClusterSnapshotIdentifier": "The identifier of the DB cluster snapshot. This parameter is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: my-cluster1-snapshot1
The identifier of the DB cluster to create a snapshot for. This parameter isn't case-sensitive.
Constraints:
Must match the identifier of an existing DBCluster.
Example: my-cluster1
The meaning of this parameter differs according to the database engine you use.
MySQL
The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.
Constraints:
Must contain 1 to 64 letters or numbers.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
MariaDB
The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.
Constraints:
Must contain 1 to 64 letters or numbers.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
PostgreSQL
The name of the database to create when the DB instance is created. If this parameter isn't specified, a database named postgres is created in the DB instance.
Constraints:
Must contain 1 to 63 letters, numbers, or underscores.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
Oracle
The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName.
Default: ORCL
Constraints:
Can't be longer than 8 characters
Amazon RDS Custom
The Oracle System ID (SID) of the created RDS Custom DB instance. If you don't specify a value, the default value is ORCL.
Default: ORCL
Constraints:
It must contain 1 to 8 alphanumeric characters.
It must contain a letter.
It can't be a word reserved by the database engine.
SQL Server
Not applicable. Must be null.
Amazon Aurora MySQL
The name of the database to create when the primary DB instance of the Aurora MySQL DB cluster is created. If this parameter isn't specified for an Aurora MySQL DB cluster, no database is created in the DB cluster.
Constraints:
It must contain 1 to 64 alphanumeric characters.
It can't be a word reserved by the database engine.
Amazon Aurora PostgreSQL
The name of the database to create when the primary DB instance of the Aurora PostgreSQL DB cluster is created. If this parameter isn't specified for an Aurora PostgreSQL DB cluster, a database named postgres is created in the DB cluster.
Constraints:
It must contain 1 to 63 alphanumeric characters.
It must begin with a letter or an underscore. Subsequent characters can be letters, underscores, or digits (0 to 9).
It can't be a word reserved by the database engine.
The meaning of this parameter differs according to the database engine you use.
MySQL
The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.
Constraints:
Must contain 1 to 64 letters or numbers.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
MariaDB
The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.
Constraints:
Must contain 1 to 64 letters or numbers.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
PostgreSQL
The name of the database to create when the DB instance is created. If this parameter isn't specified, a database named postgres is created in the DB instance.
Constraints:
Must contain 1 to 63 letters, numbers, or underscores.
Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).
Can't be a word reserved by the specified database engine
Oracle
The Oracle System ID (SID) of the created DB instance. If you specify null, the default value ORCL is used. You can't specify the string NULL, or any other reserved word, for DBName.
Default: ORCL
Constraints:
Can't be longer than 8 characters
Amazon RDS Custom for Oracle
The Oracle System ID (SID) of the created RDS Custom DB instance. If you don't specify a value, the default value is ORCL.
Default: ORCL
Constraints:
It must contain 1 to 8 alphanumeric characters.
It must contain a letter.
It can't be a word reserved by the database engine.
Amazon RDS Custom for SQL Server
Not applicable. Must be null.
SQL Server
Not applicable. Must be null.
Amazon Aurora MySQL
The name of the database to create when the primary DB instance of the Aurora MySQL DB cluster is created. If this parameter isn't specified for an Aurora MySQL DB cluster, no database is created in the DB cluster.
Constraints:
It must contain 1 to 64 alphanumeric characters.
It can't be a word reserved by the database engine.
Amazon Aurora PostgreSQL
The name of the database to create when the primary DB instance of the Aurora PostgreSQL DB cluster is created. If this parameter isn't specified for an Aurora PostgreSQL DB cluster, a database named postgres is created in the DB cluster.
Constraints:
It must contain 1 to 63 alphanumeric characters.
It must begin with a letter or an underscore. Subsequent characters can be letters, underscores, or digits (0 to 9).
It can't be a word reserved by the database engine.
The DB instance identifier. This parameter is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: mydbinstance
The compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
", - "CreateDBInstanceMessage$Engine": "The name of the database engine to be used for this instance.
Not every database engine is available for every Amazon Web Services Region.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
custom-oracle-ee (for RDS Custom instances)
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The name of the database engine to be used for this instance.
Not every database engine is available for every Amazon Web Services Region.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
custom-oracle-ee (for RDS Custom for Oracle instances)
custom-sqlserver-ee (for RDS Custom for SQL Server instances)
custom-sqlserver-se (for RDS Custom for SQL Server instances)
custom-sqlserver-web (for RDS Custom for SQL Server instances)
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The name for the master user.
Amazon Aurora
Not applicable. The name for the master user is managed by the DB cluster.
Amazon RDS
Constraints:
Required.
Must be 1 to 16 letters, numbers, or underscores.
First character must be a letter.
Can't be a reserved word for the chosen database engine.
The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".
Amazon Aurora
Not applicable. The password for the master user is managed by the DB cluster.
MariaDB
Constraints: Must contain from 8 to 41 characters.
Microsoft SQL Server
Constraints: Must contain from 8 to 128 characters.
MySQL
Constraints: Must contain from 8 to 41 characters.
Oracle
Constraints: Must contain from 8 to 30 characters.
PostgreSQL
Constraints: Must contain from 8 to 128 characters.
", - "CreateDBInstanceMessage$AvailabilityZone": "The Availability Zone (AZ) where the database will be created. For information on Amazon Web Services Regions and Availability Zones, see Regions and Availability Zones.
Default: A random, system-chosen Availability Zone in the endpoint's Amazon Web Services Region.
Example: us-east-1d
Constraint: The AvailabilityZone parameter can't be specified if the DB instance is a Multi-AZ deployment. The specified Availability Zone must be in the same Amazon Web Services Region as the current endpoint.
If you're creating a DB instance in an RDS on VMware environment, specify the identifier of the custom Availability Zone to create the DB instance in.
For more information about RDS on VMware, see the RDS on VMware User Guide.
The Availability Zone (AZ) where the database will be created. For information on Amazon Web Services Regions and Availability Zones, see Regions and Availability Zones.
Amazon Aurora
Not applicable. Availability Zones are managed by the DB cluster.
Default: A random, system-chosen Availability Zone in the endpoint's Amazon Web Services Region.
Example: us-east-1d
Constraint: The AvailabilityZone parameter can't be specified if the DB instance is a Multi-AZ deployment. The specified Availability Zone must be in the same Amazon Web Services Region as the current endpoint.
If you're creating a DB instance in an RDS on VMware environment, specify the identifier of the custom Availability Zone to create the DB instance in.
For more information about RDS on VMware, see the RDS on VMware User Guide.
A DB subnet group to associate with this DB instance.
If there is no DB subnet group, then it is a non-VPC DB instance.
", "CreateDBInstanceMessage$PreferredMaintenanceWindow": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC). For more information, see Amazon RDS Maintenance Window.
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
", "CreateDBInstanceMessage$DBParameterGroupName": "The name of the DB parameter group to associate with this DB instance. If you do not specify a value, then the default DB parameter group for the specified DB engine and version is used.
This setting doesn't apply to RDS Custom.
Constraints:
Must be 1 to 255 letters, numbers, or hyphens.
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
The daily time range during which automated backups are created if automated backups are enabled, using the BackupRetentionPeriod parameter. The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. For more information, see Backup window in the Amazon RDS User Guide.
Amazon Aurora
Not applicable. The daily time range for creating automated backups is managed by the DB cluster.
Constraints:
Must be in the format hh24:mi-hh24:mi.
Must be in Universal Coordinated Time (UTC).
Must not conflict with the preferred maintenance window.
Must be at least 30 minutes.
The version number of the database engine to use.
For a list of valid engine versions, use the DescribeDBEngineVersions action.
The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every Amazon Web Services Region.
Amazon Aurora
Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.
Amazon RDS Custom
A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom. The CEV name has the following format: 19.customized_string . An example identifier is 19.my_cev1. For more information, see Creating an RDS Custom DB instance in the Amazon RDS User Guide..
MariaDB
For information, see MariaDB on Amazon RDS Versions in the Amazon RDS User Guide.
Microsoft SQL Server
For information, see Microsoft SQL Server Versions on Amazon RDS in the Amazon RDS User Guide.
MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
Oracle
For information, see Oracle Database Engine Release Notes in the Amazon RDS User Guide.
PostgreSQL
For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
", + "CreateDBInstanceMessage$EngineVersion": "The version number of the database engine to use.
For a list of valid engine versions, use the DescribeDBEngineVersions action.
The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every Amazon Web Services Region.
Amazon Aurora
Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.
Amazon RDS Custom for Oracle
A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV name has the following format: 19.customized_string . An example identifier is 19.my_cev1. For more information, see Creating an RDS Custom for Oracle DB instance in the Amazon RDS User Guide..
Amazon RDS Custom for SQL Server
See RDS Custom for SQL Server general requirements in the Amazon RDS User Guide.
MariaDB
For information, see MariaDB on Amazon RDS Versions in the Amazon RDS User Guide.
Microsoft SQL Server
For information, see Microsoft SQL Server Versions on Amazon RDS in the Amazon RDS User Guide.
MySQL
For information, see MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
Oracle
For information, see Oracle Database Engine Release Notes in the Amazon RDS User Guide.
PostgreSQL
For information, see Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
", "CreateDBInstanceMessage$LicenseModel": "License model information for this DB instance.
Valid values: license-included | bring-your-own-license | general-public-license
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$OptionGroupName": "A value that indicates that the DB instance should be associated with the specified option group.
Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance after it is associated with a DB instance.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$CharacterSetName": "For supported engines, this value indicates that the DB instance should be associated with the specified CharacterSet.
This setting doesn't apply to RDS Custom. However, if you need to change the character set, you can change it on the database itself.
Amazon Aurora
Not applicable. The character set is managed by the DB cluster. For more information, see CreateDBCluster.
Specifies the storage type to be associated with the DB instance.
Valid values: standard | gp2 | io1
If you specify io1, you must also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
The ARN from the key store with which to associate the instance for TDE encryption.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$TdeCredentialPassword": "The password for the given ARN from the key store in order to access the device.
This setting doesn't apply to RDS Custom.
", - "CreateDBInstanceMessage$KmsKeyId": "The Amazon Web Services KMS key identifier for an encrypted DB instance.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.
Amazon Aurora
Not applicable. The Amazon Web Services KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster.
If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Amazon RDS Custom
A KMS key is required for RDS Custom Oracle instances. For most RDS engines, if you leave this parameter empty while enabling StorageEncrypted, the engine uses the default KMS key. However, RDS Custom for Oracle doesn't use the default key when this parameter is empty. You must explicitly specify a key.
The Amazon Web Services KMS key identifier for an encrypted DB instance.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key. To use a KMS key in a different Amazon Web Services account, specify the key ARN or alias ARN.
Amazon Aurora
Not applicable. The Amazon Web Services KMS key identifier is managed by the DB cluster. For more information, see CreateDBCluster.
If StorageEncrypted is enabled, and you do not specify a value for the KmsKeyId parameter, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Amazon RDS Custom
A KMS key is required for RDS Custom instances. For most RDS engines, if you leave this parameter empty while enabling StorageEncrypted, the engine uses the default KMS key. However, RDS Custom doesn't use the default key when this parameter is empty. You must explicitly specify a key.
The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.
For more information, see Kerberos Authentication in the Amazon RDS User Guide.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$MonitoringRoleArn": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see Setting Up and Enabling Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, then you must supply a MonitoringRoleArn value.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
This setting doesn't apply to RDS Custom.
", @@ -3898,7 +3898,7 @@ "CreateDBInstanceReadReplicaMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
This setting doesn't apply to RDS Custom.
", "CreateDBInstanceReadReplicaMessage$CustomIamInstanceProfile": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance. The instance profile must meet the following requirements:
The profile must exist in your account.
The profile must have an IAM role that Amazon EC2 has permissions to assume.
The instance profile name and the associated IAM role name must start with the prefix AWSRDSCustom.
For the list of permissions required for the IAM role, see Configure IAM and your VPC in the Amazon Relational Database Service User Guide.
This setting is required for RDS Custom.
", "CreateDBParameterGroupMessage$DBParameterGroupName": "The name of the DB parameter group.
Constraints:
Must be 1 to 255 letters, numbers, or hyphens.
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
This value is stored as a lowercase string.
The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.
To list all of the available parameter group families for a DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine <engine>
For example, to list all of the available parameter group families for the MySQL DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql
The output contains duplicates.
The following are the valid DB engine values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.
To list all of the available parameter group families for a DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine <engine>
For example, to list all of the available parameter group families for the MySQL DB engine, use the following command:
aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql
The output contains duplicates.
The following are the valid DB engine values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The description for the DB parameter group.
", "CreateDBProxyRequest$DBProxyName": "The identifier for the proxy. This name must be unique for all proxies owned by your Amazon Web Services account in the specified Amazon Web Services Region. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.
", "CreateDBProxyRequest$RoleArn": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in Amazon Web Services Secrets Manager.
", @@ -3948,7 +3948,7 @@ "DBCluster$ActivityStreamKmsKeyId": "The Amazon Web Services KMS key identifier used for encrypting messages in the database activity stream.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
", "DBCluster$ActivityStreamKinesisStreamName": "The name of the Amazon Kinesis data stream used for the database activity stream.
", "DBCluster$DBClusterInstanceClass": "The name of the compute and memory capacity class of the DB instance.
This setting is only for non-Aurora Multi-AZ DB clusters.
", - "DBCluster$StorageType": "The storage type associated with DB instance.
This setting is only for non-Aurora Multi-AZ DB clusters.
", + "DBCluster$StorageType": "The storage type associated with the DB cluster.
This setting is only for non-Aurora Multi-AZ DB clusters.
", "DBCluster$MonitoringRoleArn": "The ARN for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs.
This setting is only for non-Aurora Multi-AZ DB clusters.
", "DBCluster$PerformanceInsightsKMSKeyId": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
This setting is only for non-Aurora Multi-AZ DB clusters.
", "DBClusterBacktrack$DBClusterIdentifier": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.
", @@ -3985,7 +3985,7 @@ "DBClusterSnapshot$DBClusterIdentifier": "Specifies the DB cluster identifier of the DB cluster that this DB cluster snapshot was created from.
", "DBClusterSnapshot$Engine": "Specifies the name of the database engine for this DB cluster snapshot.
", "DBClusterSnapshot$EngineMode": "Provides the engine mode of the database engine for this DB cluster snapshot.
", - "DBClusterSnapshot$Status": "Specifies the status of this DB cluster snapshot.
", + "DBClusterSnapshot$Status": "Specifies the status of this DB cluster snapshot. Valid statuses are the following:
available
copying
creating
Provides the VPC ID associated with the DB cluster snapshot.
", "DBClusterSnapshot$MasterUsername": "Provides the master username for this DB cluster snapshot.
", "DBClusterSnapshot$EngineVersion": "Provides the version of the database engine for this DB cluster snapshot.
", @@ -4176,7 +4176,7 @@ "DescribeDBClusterSnapshotsMessage$Marker": "An optional pagination token provided by a previous DescribeDBClusterSnapshots request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
The user-supplied DB cluster identifier. If this parameter is specified, information from only the specific DB cluster is returned. This parameter isn't case-sensitive.
Constraints:
If supplied, must match an existing DBClusterIdentifier.
An optional pagination token provided by a previous DescribeDBClusters request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
The database engine to return.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The database engine to return.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The database engine version to return.
Example: 5.1.49
The name of a specific DB parameter group family to return details for.
Constraints:
If supplied, must match an existing DBParameterGroupFamily.
An optional pagination token provided by a previous request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
An optional pagination token provided by a previous DescribeOptionGroups request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.
Filters the list of option groups to only include groups associated with a specific database engine.
Valid Values:
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
Filters the list of option groups to only include groups associated with a specific database engine version. If specified, then EngineName must also be specified.
", - "DescribeOrderableDBInstanceOptionsMessage$Engine": "The name of the engine to retrieve DB instance options for.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The name of the engine to retrieve DB instance options for.
Valid Values:
aurora (for MySQL 5.6-compatible Aurora)
aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)
aurora-postgresql
mariadb
mysql
oracle-ee
oracle-ee-cdb
oracle-se2
oracle-se2-cdb
postgres
sqlserver-ee
sqlserver-se
sqlserver-ex
sqlserver-web
The engine version filter value. Specify this parameter to show only the available offerings matching the specified engine version.
", "DescribeOrderableDBInstanceOptionsMessage$DBInstanceClass": "The DB instance class filter value. Specify this parameter to show only the available offerings matching the specified DB instance class.
", "DescribeOrderableDBInstanceOptionsMessage$LicenseModel": "The license model filter value. Specify this parameter to show only the available offerings matching the specified license model.
RDS Custom supports only the BYOL licensing model.
", @@ -4358,25 +4358,25 @@ "ModifyDBClusterMessage$OptionGroupName": "A value that indicates that the DB cluster should be associated with the specified option group.
DB clusters are associated with a default option group that can't be modified.
", "ModifyDBClusterMessage$PreferredBackupWindow": "The daily time range during which automated backups are created if automated backups are enabled, using the BackupRetentionPeriod parameter.
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. To view the time blocks available, see Backup window in the Amazon Aurora User Guide.
Constraints:
Must be in the format hh24:mi-hh24:mi.
Must be in Universal Coordinated Time (UTC).
Must not conflict with the preferred maintenance window.
Must be at least 30 minutes.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "ModifyDBClusterMessage$PreferredMaintenanceWindow": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window in the Amazon Aurora User Guide.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "ModifyDBClusterMessage$EngineVersion": "The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless ApplyImmediately is enabled.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", + "ModifyDBClusterMessage$EngineVersion": "The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless ApplyImmediately is enabled.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "ModifyDBClusterMessage$DBInstanceParameterGroupName": "The name of the DB parameter group to apply to all instances of the DB cluster.
When you apply a parameter group using the DBInstanceParameterGroupName parameter, the DB cluster isn't rebooted automatically. Also, parameter changes aren't applied during the next maintenance window but instead are applied immediately.
Default: The existing name setting
Constraints:
The DB parameter group must be in the same DB parameter group family as this DB cluster.
The DBInstanceParameterGroupName parameter is only valid in combination with the AllowMajorVersionUpgrade parameter.
Valid for: Aurora DB clusters only
", "ModifyDBClusterMessage$Domain": "The Active Directory directory ID to move the DB cluster to. Specify none to remove the cluster from its current domain. The domain must be created prior to this operation.
For more information, see Kerberos Authentication in the Amazon Aurora User Guide.
Valid for: Aurora DB clusters only
", "ModifyDBClusterMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
Valid for: Aurora DB clusters only
", "ModifyDBClusterMessage$DBClusterInstanceClass": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.
For the full list of DB instance classes and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
Valid for: Multi-AZ DB clusters only
", - "ModifyDBClusterMessage$StorageType": "Specifies the storage type to be associated with the DB cluster.
Valid values: standard | gp2 | io1
If you specify io1, you must also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
Valid for: Multi-AZ DB clusters only
", + "ModifyDBClusterMessage$StorageType": "Specifies the storage type to be associated with the DB cluster.
Valid values: io1
When specified, a value for the Iops parameter is required.
Default: io1
Valid for: Multi-AZ DB clusters only
", "ModifyDBClusterMessage$MonitoringRoleArn": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is arn:aws:iam:123456789012:role/emaccess. For information on creating a monitoring role, see To create an IAM role for Amazon RDS Enhanced Monitoring in the Amazon RDS User Guide.
If MonitoringInterval is set to a value other than 0, supply a MonitoringRoleArn value.
Valid for: Multi-AZ DB clusters only
", "ModifyDBClusterMessage$PerformanceInsightsKMSKeyId": "The Amazon Web Services KMS key identifier for encryption of Performance Insights data.
The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If you don't specify a value for PerformanceInsightsKMSKeyId, then Amazon RDS uses your default KMS key. There is a default KMS key for your Amazon Web Services account. Your Amazon Web Services account has a different default KMS key for each Amazon Web Services Region.
Valid for: Multi-AZ DB clusters only
", "ModifyDBClusterParameterGroupMessage$DBClusterParameterGroupName": "The name of the DB cluster parameter group to modify.
", "ModifyDBClusterSnapshotAttributeMessage$DBClusterSnapshotIdentifier": "The identifier for the DB cluster snapshot to modify the attributes for.
", "ModifyDBClusterSnapshotAttributeMessage$AttributeName": "The name of the DB cluster snapshot attribute to modify.
To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB cluster snapshot, set this value to restore.
To view the list of attributes available to modify, use the DescribeDBClusterSnapshotAttributes API action.
The DB instance identifier. This value is stored as a lowercase string.
Constraints:
Must match the identifier of an existing DBInstance.
The new compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
If you modify the DB instance class, an outage occurs during the change. The change is applied during the next maintenance window, unless ApplyImmediately is enabled for this request.
This setting doesn't apply to RDS Custom.
Default: Uses existing setting
", + "ModifyDBInstanceMessage$DBInstanceClass": "The new compute and memory capacity of the DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
If you modify the DB instance class, an outage occurs during the change. The change is applied during the next maintenance window, unless ApplyImmediately is enabled for this request.
This setting doesn't apply to RDS Custom for Oracle.
Default: Uses existing setting
", "ModifyDBInstanceMessage$DBSubnetGroupName": "The new DB subnet group for the DB instance. You can use this parameter to move your DB instance to a different VPC. If your DB instance isn't in a VPC, you can also use this parameter to move your DB instance into a VPC. For more information, see Working with a DB instance in a VPC in the Amazon RDS User Guide.
Changing the subnet group causes an outage during the change. The change is applied during the next maintenance window, unless you enable ApplyImmediately.
This parameter doesn't apply to RDS Custom.
Constraints: If supplied, must match the name of an existing DBSubnetGroup.
Example: mySubnetGroup
The new password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".
Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. Between the time of the request and the completion of the request, the MasterUserPassword element exists in the PendingModifiedValues element of the operation response.
This setting doesn't apply to RDS Custom.
Amazon Aurora
Not applicable. The password for the master user is managed by the DB cluster. For more information, see ModifyDBCluster.
Default: Uses existing setting
MariaDB
Constraints: Must contain from 8 to 41 characters.
Microsoft SQL Server
Constraints: Must contain from 8 to 128 characters.
MySQL
Constraints: Must contain from 8 to 41 characters.
Oracle
Constraints: Must contain from 8 to 30 characters.
PostgreSQL
Constraints: Must contain from 8 to 128 characters.
Amazon RDS API actions never return the password, so this action provides a way to regain access to a primary instance user if the password is lost. This includes restoring privileges that might have been accidentally revoked.
The name of the DB parameter group to apply to the DB instance.
Changing this setting doesn't result in an outage. The parameter group name itself is changed immediately, but the actual parameter changes are not applied until you reboot the instance without failover. In this case, the DB instance isn't rebooted automatically, and the parameter changes aren't applied during the next maintenance window. However, if you modify dynamic parameters in the newly associated DB parameter group, these changes are applied immediately without a reboot.
This setting doesn't apply to RDS Custom.
Default: Uses existing setting
Constraints: The DB parameter group must be in the same DB parameter group family as the DB instance.
", "ModifyDBInstanceMessage$PreferredBackupWindow": " The daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod parameter. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region. For more information, see Backup window in the Amazon RDS User Guide.
Amazon Aurora
Not applicable. The daily time range for creating automated backups is managed by the DB cluster. For more information, see ModifyDBCluster.
Constraints:
Must be in the format hh24:mi-hh24:mi
Must be in Universal Time Coordinated (UTC)
Must not conflict with the preferred maintenance window
Must be at least 30 minutes
The weekly time range (in UTC) during which system maintenance can occur, which might result in an outage. Changing this parameter doesn't result in an outage, except in the following situation, and the change is asynchronously applied as soon as possible. If there are pending actions that cause a reboot, and the maintenance window is changed to include the current time, then changing this parameter will cause a reboot of the DB instance. If moving this window to the current time, there must be at least 30 minutes between the current time and end of the window to ensure pending changes are applied.
For more information, see Amazon RDS Maintenance Window in the Amazon RDS User Guide.
Default: Uses existing setting
Format: ddd:hh24:mi-ddd:hh24:mi
Valid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun
Constraints: Must be at least 30 minutes
", - "ModifyDBInstanceMessage$EngineVersion": " The version number of the database engine to upgrade to. Changing this parameter results in an outage and the change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request.
For major version upgrades, if a nondefault DB parameter group is currently in use, a new DB parameter group in the DB parameter group family for the new engine version must be specified. The new DB parameter group can be the default for that DB parameter group family.
If you specify only a major version, Amazon RDS will update the DB instance to the default minor version if the current minor version is lower. For information about valid engine versions, see CreateDBInstance, or call DescribeDBEngineVersions.
In RDS Custom, this parameter is supported for read replicas only if they are in the PATCH_DB_FAILURE lifecycle.
The version number of the database engine to upgrade to. Changing this parameter results in an outage and the change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request.
For major version upgrades, if a nondefault DB parameter group is currently in use, a new DB parameter group in the DB parameter group family for the new engine version must be specified. The new DB parameter group can be the default for that DB parameter group family.
If you specify only a major version, Amazon RDS will update the DB instance to the default minor version if the current minor version is lower. For information about valid engine versions, see CreateDBInstance, or call DescribeDBEngineVersions.
In RDS Custom for Oracle, this parameter is supported for read replicas only if they are in the PATCH_DB_FAILURE lifecycle.
The license model for the DB instance.
This setting doesn't apply to RDS Custom.
Valid values: license-included | bring-your-own-license | general-public-license
A value that indicates the DB instance should be associated with the specified option group.
Changing this parameter doesn't result in an outage, with one exception. If the parameter change results in an option group that enables OEM, it can cause a brief period, lasting less than a second, during which new connections are rejected but existing connections aren't interrupted.
The change is applied during the next maintenance window unless the ApplyImmediately parameter is enabled for this request.
Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group, and that option group can't be removed from a DB instance after it is associated with a DB instance.
This setting doesn't apply to RDS Custom.
", "ModifyDBInstanceMessage$NewDBInstanceIdentifier": "The new DB instance identifier for the DB instance when renaming a DB instance. When you change the DB instance identifier, an instance reboot occurs immediately if you enable ApplyImmediately, or will occur during the next maintenance window if you disable Apply Immediately. This value is stored as a lowercase string.
This setting doesn't apply to RDS Custom.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
The first character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: mydbinstance
The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you would set this parameter to db-instance. If this value isn't specified, all events are returned.
Valid values: db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot
The DB cluster identifier for the global cluster being modified. This parameter isn't case-sensitive.
Constraints:
Must match the identifier of an existing global database cluster.
The new cluster identifier for the global database cluster when modifying a global database cluster. This value is stored as a lowercase string.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens
The first character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
Example: my-cluster2
The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless ApplyImmediately is enabled.
To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
To list all of the available engine versions for aurora-postgresql, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless ApplyImmediately is enabled.
To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
To list all of the available engine versions for aurora-postgresql, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query '*[]|[?SupportsGlobalDatabases == `true`].[EngineVersion]'
The name of the option group to be modified.
Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group, and that option group can't be removed from a DB instance once it is associated with a DB instance
", "Option$OptionName": "The name of the option.
", "Option$OptionDescription": "The description of the option.
", @@ -4524,8 +4524,8 @@ "RestoreDBClusterFromS3Message$DBClusterIdentifier": "The name of the DB cluster to create from the source data in the Amazon S3 bucket. This parameter isn't case-sensitive.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens.
First character must be a letter.
Can't end with a hyphen or contain two consecutive hyphens.
Example: my-cluster1
The name of the DB cluster parameter group to associate with the restored DB cluster. If this argument is omitted, default.aurora5.6 is used.
Constraints:
If supplied, must match the name of an existing DBClusterParameterGroup.
A DB subnet group to associate with the restored DB cluster.
Constraints: If supplied, must match the name of an existing DBSubnetGroup.
Example: mySubnetgroup
The name of the database engine to be used for this DB cluster.
Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora), and aurora-postgresql
The version number of the database engine to use.
To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for aurora-postgresql, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5
Aurora PostgreSQL
Example: 9.6.3, 10.7
The name of the database engine to be used for this DB cluster.
Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), and aurora-postgresql
The version number of the database engine to use.
To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for aurora-postgresql, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5, 8.0.mysql_aurora.3.01.0
Aurora PostgreSQL
Example: 9.6.3, 10.7
The name of the master user for the restored DB cluster.
Constraints:
Must be 1 to 16 letters or numbers.
First character must be a letter.
Can't be a reserved word for the chosen database engine.
The password for the master database user. This password can contain any printable ASCII character except \"/\", \"\"\", or \"@\".
Constraints: Must contain from 8 to 41 characters.
", "RestoreDBClusterFromS3Message$OptionGroupName": "A value that indicates that the restored DB cluster should be associated with the specified option group.
Permanent options can't be removed from an option group. An option group can't be removed from a DB cluster once it is associated with a DB cluster.
", @@ -4542,7 +4542,7 @@ "RestoreDBClusterFromSnapshotMessage$DBClusterIdentifier": "The name of the DB cluster to create from the DB snapshot or DB cluster snapshot. This parameter isn't case-sensitive.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
Example: my-snapshot-id
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterFromSnapshotMessage$SnapshotIdentifier": "The identifier for the DB snapshot or DB cluster snapshot to restore from.
You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.
Constraints:
Must match the identifier of an existing Snapshot.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterFromSnapshotMessage$Engine": "The database engine to use for the new DB cluster.
Default: The same as source
Constraint: Must be compatible with the engine of the source
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "RestoreDBClusterFromSnapshotMessage$EngineVersion": "The version of the database engine to use for the new DB cluster.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
See MySQL on Amazon RDS Versions in the Amazon Aurora User Guide.
Aurora PostgreSQL
See Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide.
MySQL
See MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
PostgreSQL
See Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", + "RestoreDBClusterFromSnapshotMessage$EngineVersion": "The version of the database engine to use for the new DB cluster.
To list all of the available engine versions for MySQL 5.6-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora, use the following command:
aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for Aurora PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for MySQL, use the following command:
aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"
To list all of the available engine versions for RDS for PostgreSQL, use the following command:
aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"
Aurora MySQL
See MySQL on Amazon RDS Versions in the Amazon Aurora User Guide.
Aurora PostgreSQL
See Amazon Aurora PostgreSQL releases and engine versions in the Amazon Aurora User Guide.
MySQL
See MySQL on Amazon RDS Versions in the Amazon RDS User Guide.
PostgreSQL
See Amazon RDS for PostgreSQL versions and extensions in the Amazon RDS User Guide.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterFromSnapshotMessage$DBSubnetGroupName": "The name of the DB subnet group to use for the new DB cluster.
Constraints: If supplied, must match the name of an existing DB subnet group.
Example: mySubnetgroup
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterFromSnapshotMessage$DatabaseName": "The database name for the restored DB cluster.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterFromSnapshotMessage$OptionGroupName": "The name of the option group to use for the restored DB cluster.
DB clusters are associated with a default option group that can't be modified.
", @@ -4552,7 +4552,7 @@ "RestoreDBClusterFromSnapshotMessage$Domain": "Specify the Active Directory directory ID to restore the DB cluster in. The domain must be created prior to this operation. Currently, only MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.
For more information, see Kerberos Authentication in the Amazon RDS User Guide.
Valid for: Aurora DB clusters only
", "RestoreDBClusterFromSnapshotMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
Valid for: Aurora DB clusters only
", "RestoreDBClusterFromSnapshotMessage$DBClusterInstanceClass": "The compute and memory capacity of the each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.
For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", - "RestoreDBClusterFromSnapshotMessage$StorageType": "Specifies the storage type to be associated with the each DB instance in the Multi-AZ DB cluster.
Valid values: standard | gp2 | io1
If you specify io1, you must also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", + "RestoreDBClusterFromSnapshotMessage$StorageType": "Specifies the storage type to be associated with the each DB instance in the Multi-AZ DB cluster.
Valid values: io1
When specified, a value for the Iops parameter is required.
Default: io1
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterToPointInTimeMessage$DBClusterIdentifier": "The name of the new DB cluster to be created.
Constraints:
Must contain from 1 to 63 letters, numbers, or hyphens
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterToPointInTimeMessage$RestoreType": "The type of restore to be performed. You can specify one of the following values:
full-copy - The new DB cluster is restored as a full copy of the source DB cluster.
copy-on-write - The new DB cluster is restored as a clone of the source DB cluster.
Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11.
If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", "RestoreDBClusterToPointInTimeMessage$SourceDBClusterIdentifier": "The identifier of the source DB cluster from which to restore.
Constraints:
Must match the identifier of an existing DBCluster.
Valid for: Aurora DB clusters and Multi-AZ DB clusters
", @@ -4564,7 +4564,7 @@ "RestoreDBClusterToPointInTimeMessage$DomainIAMRoleName": "Specify the name of the IAM role to be used when making API calls to the Directory Service.
Valid for: Aurora DB clusters only
", "RestoreDBClusterToPointInTimeMessage$EngineMode": "The engine mode of the new cluster. Specify provisioned or serverless, depending on the type of the cluster you are creating. You can create an Aurora Serverless clone from a provisioned cluster, or a provisioned clone from an Aurora Serverless cluster. To create a clone that is an Aurora Serverless cluster, the original cluster must be an Aurora Serverless cluster or an encrypted provisioned cluster.
Valid for: Aurora DB clusters only
", "RestoreDBClusterToPointInTimeMessage$DBClusterInstanceClass": "The compute and memory capacity of the each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.
For the full list of DB instance classes, and availability for your engine, see DB instance class in the Amazon RDS User Guide.
Valid for: Multi-AZ DB clusters only
", - "RestoreDBClusterToPointInTimeMessage$StorageType": "Specifies the storage type to be associated with the each DB instance in the Multi-AZ DB cluster.
Valid values: standard | gp2 | io1
If you specify io1, also include a value for the Iops parameter.
Default: io1 if the Iops parameter is specified, otherwise gp2
Valid for: Multi-AZ DB clusters only
", + "RestoreDBClusterToPointInTimeMessage$StorageType": "Specifies the storage type to be associated with the each DB instance in the Multi-AZ DB cluster.
Valid values: io1
When specified, a value for the Iops parameter is required.
Default: io1
Valid for: Multi-AZ DB clusters only
", "RestoreDBInstanceFromDBSnapshotMessage$DBInstanceIdentifier": "Name of the DB instance to create from the DB snapshot. This parameter isn't case-sensitive.
Constraints:
Must contain from 1 to 63 numbers, letters, or hyphens
First character must be a letter
Can't end with a hyphen or contain two consecutive hyphens
Example: my-snapshot-id
The identifier for the DB snapshot to restore from.
Constraints:
Must match the identifier of an existing DBSnapshot.
If you are restoring from a shared manual DB snapshot, the DBSnapshotIdentifier must be the ARN of the shared DB snapshot.
The compute and memory capacity of the Amazon RDS DB instance, for example db.m4.large. Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see DB Instance Class in the Amazon RDS User Guide.
Default: The same DBInstanceClass as the original DB instance.
", diff --git a/models/apis/sagemaker/2017-07-24/api-2.json b/models/apis/sagemaker/2017-07-24/api-2.json index a353b7e165..f8334b948a 100644 --- a/models/apis/sagemaker/2017-07-24/api-2.json +++ b/models/apis/sagemaker/2017-07-24/api-2.json @@ -3818,6 +3818,12 @@ "min":1, "pattern":"[^ ~^:?*\\[]+" }, + "BucketName":{ + "type":"string", + "max":63, + "min":3, + "pattern":"[a-z0-9][\\.\\-a-z0-9]{1,61}[a-z0-9]" + }, "CacheHitResult":{ "type":"structure", "members":{ @@ -5245,7 +5251,6 @@ "type":"structure", "required":[ "PipelineName", - "PipelineDefinition", "ClientRequestToken", "RoleArn" ], @@ -5253,13 +5258,15 @@ "PipelineName":{"shape":"PipelineName"}, "PipelineDisplayName":{"shape":"PipelineName"}, "PipelineDefinition":{"shape":"PipelineDefinition"}, + "PipelineDefinitionS3Location":{"shape":"PipelineDefinitionS3Location"}, "PipelineDescription":{"shape":"PipelineDescription"}, "ClientRequestToken":{ "shape":"IdempotencyToken", "idempotencyToken":true }, "RoleArn":{"shape":"RoleArn"}, - "Tags":{"shape":"TagList"} + "Tags":{"shape":"TagList"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "CreatePipelineResponse":{ @@ -7276,7 +7283,8 @@ "CreationTime":{"shape":"Timestamp"}, "LastModifiedTime":{"shape":"Timestamp"}, "CreatedBy":{"shape":"UserContext"}, - "LastModifiedBy":{"shape":"UserContext"} + "LastModifiedBy":{"shape":"UserContext"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "DescribePipelineRequest":{ @@ -7300,7 +7308,8 @@ "LastModifiedTime":{"shape":"Timestamp"}, "LastRunTime":{"shape":"Timestamp"}, "CreatedBy":{"shape":"UserContext"}, - "LastModifiedBy":{"shape":"UserContext"} + "LastModifiedBy":{"shape":"UserContext"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "DescribeProcessingJobRequest":{ @@ -7910,6 +7919,15 @@ "Constraints":{"shape":"MetricsSource"} } }, + "EMRStepMetadata":{ + "type":"structure", + "members":{ + "ClusterId":{"shape":"String256"}, + "StepId":{"shape":"String256"}, + "StepName":{"shape":"String256"}, + "LogFilePath":{"shape":"String1024"} + } + }, "Edge":{ "type":"structure", "members":{ @@ -9713,6 +9731,12 @@ "max":1, "min":1 }, + "Key":{ + "type":"string", + "max":1024, + "min":1, + "pattern":".+" + }, "KmsKeyId":{ "type":"string", "max":2048, @@ -11277,6 +11301,10 @@ "type":"integer", "min":1 }, + "MaxParallelExecutionSteps":{ + "type":"integer", + "min":1 + }, "MaxParallelOfTests":{ "type":"integer", "min":1 @@ -12691,6 +12719,13 @@ "max":8192, "pattern":".*" }, + "ParallelismConfiguration":{ + "type":"structure", + "required":["MaxParallelExecutionSteps"], + "members":{ + "MaxParallelExecutionSteps":{"shape":"MaxParallelExecutionSteps"} + } + }, "Parameter":{ "type":"structure", "required":[ @@ -12835,6 +12870,7 @@ "LastRunTime":{"shape":"Timestamp"}, "CreatedBy":{"shape":"UserContext"}, "LastModifiedBy":{"shape":"UserContext"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"}, "Tags":{"shape":"TagList"} } }, @@ -12849,6 +12885,18 @@ "min":1, "pattern":".*(?:[ \\r\\n\\t].*)*" }, + "PipelineDefinitionS3Location":{ + "type":"structure", + "required":[ + "Bucket", + "ObjectKey" + ], + "members":{ + "Bucket":{"shape":"BucketName"}, + "ObjectKey":{"shape":"Key"}, + "VersionId":{"shape":"VersionId"} + } + }, "PipelineDescription":{ "type":"string", "max":3072, @@ -12869,6 +12917,7 @@ "LastModifiedTime":{"shape":"Timestamp"}, "CreatedBy":{"shape":"UserContext"}, "LastModifiedBy":{"shape":"UserContext"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"}, "PipelineParameters":{"shape":"ParameterList"} } }, @@ -12908,6 +12957,8 @@ "type":"structure", "members":{ "StepName":{"shape":"StepName"}, + "StepDisplayName":{"shape":"StepDisplayName"}, + "StepDescription":{"shape":"StepDescription"}, "StartTime":{"shape":"Timestamp"}, "EndTime":{"shape":"Timestamp"}, "StepStatus":{"shape":"StepStatus"}, @@ -12936,7 +12987,8 @@ "Callback":{"shape":"CallbackStepMetadata"}, "Lambda":{"shape":"LambdaStepMetadata"}, "QualityCheck":{"shape":"QualityCheckStepMetadata"}, - "ClarifyCheck":{"shape":"ClarifyCheckStepMetadata"} + "ClarifyCheck":{"shape":"ClarifyCheckStepMetadata"}, + "EMR":{"shape":"EMRStepMetadata"} } }, "PipelineExecutionSummary":{ @@ -14202,7 +14254,8 @@ "ClientRequestToken":{ "shape":"IdempotencyToken", "idempotencyToken":true - } + }, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "RetryPipelineExecutionResponse":{ @@ -14717,7 +14770,8 @@ "ClientRequestToken":{ "shape":"IdempotencyToken", "idempotencyToken":true - } + }, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "StartPipelineExecutionResponse":{ @@ -14732,11 +14786,23 @@ "pattern":".*" }, "StatusMessage":{"type":"string"}, - "StepName":{ + "StepDescription":{ + "type":"string", + "max":3072, + "min":0, + "pattern":".*" + }, + "StepDisplayName":{ "type":"string", "max":256, + "min":0, "pattern":".*" }, + "StepName":{ + "type":"string", + "max":64, + "pattern":"^[A-Za-z0-9\\-_]*$" + }, "StepStatus":{ "type":"string", "enum":[ @@ -16185,7 +16251,8 @@ "members":{ "PipelineExecutionArn":{"shape":"PipelineExecutionArn"}, "PipelineExecutionDescription":{"shape":"PipelineExecutionDescription"}, - "PipelineExecutionDisplayName":{"shape":"PipelineExecutionName"} + "PipelineExecutionDisplayName":{"shape":"PipelineExecutionName"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "UpdatePipelineExecutionResponse":{ @@ -16201,8 +16268,10 @@ "PipelineName":{"shape":"PipelineName"}, "PipelineDisplayName":{"shape":"PipelineName"}, "PipelineDefinition":{"shape":"PipelineDefinition"}, + "PipelineDefinitionS3Location":{"shape":"PipelineDefinitionS3Location"}, "PipelineDescription":{"shape":"PipelineDescription"}, - "RoleArn":{"shape":"RoleArn"} + "RoleArn":{"shape":"RoleArn"}, + "ParallelismConfiguration":{"shape":"ParallelismConfiguration"} } }, "UpdatePipelineResponse":{ @@ -16445,6 +16514,12 @@ "type":"float", "min":0 }, + "VersionId":{ + "type":"string", + "max":1024, + "min":1, + "pattern":".+" + }, "VersionedArnOrName":{ "type":"string", "max":176, diff --git a/models/apis/sagemaker/2017-07-24/docs-2.json b/models/apis/sagemaker/2017-07-24/docs-2.json index c93f3baef0..61dd0ad5c2 100644 --- a/models/apis/sagemaker/2017-07-24/docs-2.json +++ b/models/apis/sagemaker/2017-07-24/docs-2.json @@ -224,10 +224,10 @@ "StopLabelingJob": "Stops a running labeling job. A job that is stopped cannot be restarted. Any results obtained before the job is stopped are placed in the Amazon S3 output bucket.
", "StopMonitoringSchedule": "Stops a previously started monitoring schedule.
", "StopNotebookInstance": "Terminates the ML compute instance. Before terminating the instance, Amazon SageMaker disconnects the ML storage volume from it. Amazon SageMaker preserves the ML storage volume. Amazon SageMaker stops charging you for the ML compute instance when you call StopNotebookInstance.
To access data on the ML storage volume for a notebook instance that has been terminated, call the StartNotebookInstance API. StartNotebookInstance launches another ML compute instance, configures it, and attaches the preserved ML storage volume so you can continue your work.
Stops a pipeline execution.
Callback Step
A pipeline execution won't stop while a callback step is running. When you call StopPipelineExecution on a pipeline execution with a running callback step, SageMaker Pipelines sends an additional Amazon SQS message to the specified SQS queue. The body of the SQS message contains a \"Status\" field which is set to \"Stopping\".
You should add logic to your Amazon SQS message consumer to take any needed action (for example, resource cleanup) upon receipt of the message followed by a call to SendPipelineExecutionStepSuccess or SendPipelineExecutionStepFailure.
Only when SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
Lambda Step
A pipeline execution can't be stopped while a lambda step is running because the Lambda function invoked by the lambda step can't be stopped. If you attempt to stop the execution while the Lambda function is running, the pipeline waits for the Lambda function to finish or until the timeout is hit, whichever occurs first, and then stops. If the Lambda function finishes, the pipeline execution status is Stopped. If the timeout is hit the pipeline execution status is Failed.
Stops a pipeline execution.
Callback Step
A pipeline execution won't stop while a callback step is running. When you call StopPipelineExecution on a pipeline execution with a running callback step, Amazon SageMaker Pipelines sends an additional Amazon SQS message to the specified SQS queue. The body of the SQS message contains a \"Status\" field which is set to \"Stopping\".
You should add logic to your Amazon SQS message consumer to take any needed action (for example, resource cleanup) upon receipt of the message followed by a call to SendPipelineExecutionStepSuccess or SendPipelineExecutionStepFailure.
Only when Amazon SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
Lambda Step
A pipeline execution can't be stopped while a lambda step is running because the Lambda function invoked by the lambda step can't be stopped. If you attempt to stop the execution while the Lambda function is running, the pipeline waits for the Lambda function to finish or until the timeout is hit, whichever occurs first, and then stops. If the Lambda function finishes, the pipeline execution status is Stopped. If the timeout is hit the pipeline execution status is Failed.
Stops a processing job.
", "StopTrainingJob": "Stops a training job. To stop a job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays job termination for 120 seconds. Algorithms might use this 120-second window to save the model artifacts, so the results of the training is not lost.
When it receives a StopTrainingJob request, Amazon SageMaker changes the status of the job to Stopping. After Amazon SageMaker stops the job, it sets the status to Stopped.
Stops a transform job.
When Amazon SageMaker receives a StopTransformJob request, the status of the job changes to Stopping. After Amazon SageMaker stops the job, the status is set to Stopped. When you stop a transform job before it is completed, Amazon SageMaker doesn't store the job's output in Amazon S3.
Stops a batch transform job.
When Amazon SageMaker receives a StopTransformJob request, the status of the job changes to Stopping. After Amazon SageMaker stops the job, the status is set to Stopped. When you stop a batch transform job before it is completed, Amazon SageMaker doesn't store the job's output in Amazon S3.
Updates an action.
", "UpdateAppImageConfig": "Updates the properties of an AppImageConfig.
", "UpdateArtifact": "Updates an artifact.
", @@ -1172,6 +1172,12 @@ "GitConfig$Branch": "The default branch for the Git repository.
" } }, + "BucketName": { + "base": null, + "refs": { + "PipelineDefinitionS3Location$Bucket": "Name of the S3 bucket.
" + } + }, "CacheHitResult": { "base": "Details on the cache hit of a pipeline execution step.
", "refs": { @@ -3570,6 +3576,12 @@ "DriftCheckBaselines$ModelQuality": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.
" } }, + "EMRStepMetadata": { + "base": "The configurations and outcomes of an Amazon EMR step execution.
", + "refs": { + "PipelineExecutionStepMetadata$EMR": "The configurations and outcomes of an EMR step execution.
" + } + }, "Edge": { "base": "A directed edge connecting two lineage entities.
", "refs": { @@ -4532,7 +4544,7 @@ "FrameworkVersion": { "base": null, "refs": { - "InputConfig$FrameworkVersion": "Specifies the framework version to use.
This API field is only supported for PyTorch framework versions 1.4, 1.5, and 1.6 for cloud instance target devices: ml_c4, ml_c5, ml_m4, ml_m5, ml_p2, ml_p3, and ml_g4dn.
Specifies the framework version to use. This API field is only supported for the PyTorch and TensorFlow frameworks.
For information about framework versions supported for cloud targets and edge devices, see Cloud Supported Instance Types and Frameworks and Edge Supported Frameworks.
", "ModelPackageContainerDefinition$FrameworkVersion": "The framework version of the Model Package Container Image.
" } }, @@ -5231,7 +5243,7 @@ "IntegerValue": { "base": null, "refs": { - "PipelineExecutionStep$AttemptCount": null + "PipelineExecutionStep$AttemptCount": "The current attempt of the execution step. For more information, see Retry Policy for Amazon SageMaker Pipelines steps.
" } }, "InvocationsMaxRetries": { @@ -5341,6 +5353,12 @@ "KernelGatewayImageConfig$KernelSpecs": "The specification of the Jupyter kernels in the image.
" } }, + "Key": { + "base": null, + "refs": { + "PipelineDefinitionS3Location$ObjectKey": "The object key (or key name) uniquely identifies the object in an S3 bucket.
" + } + }, "KmsKeyId": { "base": null, "refs": { @@ -5348,14 +5366,14 @@ "AthenaDatasetDefinition$KmsKeyId": "The Amazon Web Services Key Management Service (Amazon Web Services KMS) key that Amazon SageMaker uses to encrypt data generated from an Athena query execution.
", "AutoMLOutputDataConfig$KmsKeyId": "The Amazon Web Services KMS encryption key ID.
", "AutoMLSecurityConfig$VolumeKmsKeyId": "The key used to encrypt stored data.
", - "CreateDomainRequest$HomeEfsFileSystemKmsKeyId": "This member is deprecated and replaced with KmsKeyId.
Use KmsKeyId.
SageMaker uses Amazon Web Services KMS to encrypt the EFS volume attached to the domain with an Amazon Web Services managed key by default. For more control, specify a customer managed key.
", "CreateEdgePackagingJobRequest$ResourceKey": "The Amazon Web Services KMS key to use when encrypting the EBS volume the edge packaging job runs on.
", "CreateEndpointConfigInput$KmsKeyId": "The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.
The KmsKeyId can be any of the following formats:
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
Alias name: alias/ExampleAlias
Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias
The KMS key policy must grant permission to the IAM role that you specify in your CreateEndpoint, UpdateEndpoint requests. For more information, refer to the Amazon Web Services Key Management Service section Using Key Policies in Amazon Web Services KMS
Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a KmsKeyId when using an instance type with local storage. If any of the models that you specify in the ProductionVariants parameter use nitro-based instances with local storage, do not specify a value for the KmsKeyId parameter. If you specify a value for KmsKeyId when using any nitro-based instances with local storage, the call to CreateEndpointConfig fails.
For a list of instance types that support local instance storage, see Instance Store Volumes.
For more information about local instance storage encryption, see SSD Instance Store Volumes.
The Amazon Resource Name (ARN) of a Amazon Web Services Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see Enabling and Disabling Keys in the Amazon Web Services Key Management Service Developer Guide.
", "DataCaptureConfig$KmsKeyId": "", "DataCaptureConfigSummary$KmsKeyId": "", - "DescribeDomainResponse$HomeEfsFileSystemKmsKeyId": "This member is deprecated and replaced with KmsKeyId.
Use KmsKeyId.
The Amazon Web Services KMS customer managed key used to encrypt the EFS volume attached to the domain.
", "DescribeEdgePackagingJobResponse$ResourceKey": "The Amazon Web Services KMS key to use when encrypting the EBS volume the job run on.
", "DescribeEndpointConfigOutput$KmsKeyId": "Amazon Web Services KMS key ID Amazon SageMaker uses to encrypt data when storing it on the ML storage volume attached to the instance.
", @@ -6346,6 +6364,12 @@ "ResourceLimits$MaxNumberOfTrainingJobs": "The maximum number of training jobs that a hyperparameter tuning job can launch.
" } }, + "MaxParallelExecutionSteps": { + "base": null, + "refs": { + "ParallelismConfiguration$MaxParallelExecutionSteps": "The max number of steps that can be executed in parallel.
" + } + }, "MaxParallelOfTests": { "base": null, "refs": { @@ -7930,6 +7954,20 @@ "ListModelsOutput$NextToken": "If the response is truncated, Amazon SageMaker returns this token. To retrieve the next set of models, use it in the subsequent request.
" } }, + "ParallelismConfiguration": { + "base": "Configuration that controls the parallelism of the pipeline. By default, the parallelism configuration specified applies to all executions of the pipeline unless overridden.
", + "refs": { + "CreatePipelineRequest$ParallelismConfiguration": "This is the configuration that controls the parallelism of the pipeline. If specified, it applies to all runs of this pipeline by default.
", + "DescribePipelineExecutionResponse$ParallelismConfiguration": "The parallelism configuration applied to the pipeline.
", + "DescribePipelineResponse$ParallelismConfiguration": "Lists the parallelism configuration applied to the pipeline.
", + "Pipeline$ParallelismConfiguration": "The parallelism configuration applied to the pipeline.
", + "PipelineExecution$ParallelismConfiguration": "The parallelism configuration applied to the pipeline execution.
", + "RetryPipelineExecutionRequest$ParallelismConfiguration": "This configuration, if specified, overrides the parallelism configuration of the parent pipeline.
", + "StartPipelineExecutionRequest$ParallelismConfiguration": "This configuration, if specified, overrides the parallelism configuration of the parent pipeline for this specific run.
", + "UpdatePipelineExecutionRequest$ParallelismConfiguration": "This configuration, if specified, overrides the parallelism configuration of the parent pipeline for this specific run.
", + "UpdatePipelineRequest$ParallelismConfiguration": "If specified, it applies to all executions of this pipeline by default.
" + } + }, "Parameter": { "base": "Assigns a value to a named Pipeline parameter.
", "refs": { @@ -8080,6 +8118,13 @@ "UpdatePipelineRequest$PipelineDefinition": "The JSON pipeline definition.
" } }, + "PipelineDefinitionS3Location": { + "base": "The location of the pipeline definition stored in Amazon S3.
", + "refs": { + "CreatePipelineRequest$PipelineDefinitionS3Location": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker will retrieve the pipeline definition from this location.
", + "UpdatePipelineRequest$PipelineDefinitionS3Location": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker will retrieve the pipeline definition from this location.
" + } + }, "PipelineDescription": { "base": null, "refs": { @@ -9781,6 +9826,18 @@ "SecondaryStatusTransition$StatusMessage": "A detailed description of the progress within a secondary status.
Amazon SageMaker provides secondary statuses and status messages that apply to each of them:
Starting the training job.
Launching requested ML instances.
Insufficient capacity error from EC2 while launching instances, retrying!
Launched instance was unhealthy, replacing it!
Preparing the instances for training.
Downloading the training image.
Training image download completed. Training in progress.
Status messages are subject to change. Therefore, we recommend not including them in code that programmatically initiates actions. For examples, don't use status messages in if statements.
To have an overview of your training job's progress, view TrainingJobStatus and SecondaryStatus in DescribeTrainingJob, and StatusMessage together. For example, at the start of a training job, you might see the following:
TrainingJobStatus - InProgress
SecondaryStatus - Training
StatusMessage - Downloading the training image
The description of the step.
" + } + }, + "StepDisplayName": { + "base": null, + "refs": { + "PipelineExecutionStep$StepDisplayName": "The display name of the step.
" + } + }, "StepName": { "base": null, "refs": { @@ -9931,6 +9988,7 @@ "CreateDomainResponse$Url": "The URL to the created domain.
", "DescribeDomainResponse$Url": "The domain's URL.
", "DomainDetails$Url": "The domain's URL.
", + "EMRStepMetadata$LogFilePath": "The path to the log file where the cluster step's failure root cause is recorded.
", "OutputParameter$Value": "The value of the output parameter.
", "Parameter$Value": "The literal value for the parameter.
", "QualityCheckStepMetadata$BaselineUsedForDriftCheckStatistics": "The Amazon S3 URI of the baseline statistics file used for the drift check.
", @@ -9989,6 +10047,9 @@ "DescribeContextResponse$ContextType": "The type of the context.
", "DescribeDomainResponse$SingleSignOnManagedApplicationInstanceId": "The SSO managed application instance ID.
", "DescribeUserProfileResponse$SingleSignOnUserValue": "The SSO user value.
", + "EMRStepMetadata$ClusterId": "The identifier of the EMR cluster.
", + "EMRStepMetadata$StepId": "The identifier of the EMR cluster step.
", + "EMRStepMetadata$StepName": "The name of the EMR cluster step.
", "LambdaStepMetadata$Arn": "The Amazon Resource Name (ARN) of the Lambda function that was run by this step execution.
", "ListActionsRequest$ActionType": "A filter that returns only actions of the specified type.
", "ListArtifactsRequest$ArtifactType": "A filter that returns only artifacts of the specified type.
", @@ -10977,7 +11038,7 @@ "CreateTransformJobRequest$TransformJobName": "The name of the transform job. The name must be unique within an Amazon Web Services Region in an Amazon Web Services account.
", "DescribeTransformJobRequest$TransformJobName": "The name of the transform job that you want to view details of.
", "DescribeTransformJobResponse$TransformJobName": "The name of the transform job.
", - "StopTransformJobRequest$TransformJobName": "The name of the transform job to stop.
", + "StopTransformJobRequest$TransformJobName": "The name of the batch transform job to stop.
", "TransformJob$TransformJobName": "The name of the transform job.
", "TransformJobSummary$TransformJobName": "The name of the transform job.
" } @@ -11679,6 +11740,12 @@ "ProductionVariantSummary$DesiredWeight": "The requested weight, as specified in the UpdateEndpointWeightsAndCapacities request.
Version Id of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.
" + } + }, "VersionedArnOrName": { "base": null, "refs": { diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 8dd1255f34..038972a82f 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -6899,22 +6899,102 @@ }, "lambda" : { "endpoints" : { - "af-south-1" : { }, - "ap-east-1" : { }, - "ap-northeast-1" : { }, - "ap-northeast-2" : { }, - "ap-northeast-3" : { }, - "ap-south-1" : { }, - "ap-southeast-1" : { }, - "ap-southeast-2" : { }, - "ap-southeast-3" : { }, - "ca-central-1" : { }, - "eu-central-1" : { }, - "eu-north-1" : { }, - "eu-south-1" : { }, - "eu-west-1" : { }, - "eu-west-2" : { }, - "eu-west-3" : { }, + "af-south-1" : { + "variants" : [ { + "hostname" : "lambda.af-south-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-east-1" : { + "variants" : [ { + "hostname" : "lambda.ap-east-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-northeast-1" : { + "variants" : [ { + "hostname" : "lambda.ap-northeast-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-northeast-2" : { + "variants" : [ { + "hostname" : "lambda.ap-northeast-2.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-northeast-3" : { + "variants" : [ { + "hostname" : "lambda.ap-northeast-3.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-south-1" : { + "variants" : [ { + "hostname" : "lambda.ap-south-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-southeast-1" : { + "variants" : [ { + "hostname" : "lambda.ap-southeast-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-southeast-2" : { + "variants" : [ { + "hostname" : "lambda.ap-southeast-2.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ap-southeast-3" : { + "variants" : [ { + "hostname" : "lambda.ap-southeast-3.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "ca-central-1" : { + "variants" : [ { + "hostname" : "lambda.ca-central-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-central-1" : { + "variants" : [ { + "hostname" : "lambda.eu-central-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-north-1" : { + "variants" : [ { + "hostname" : "lambda.eu-north-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-south-1" : { + "variants" : [ { + "hostname" : "lambda.eu-south-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-west-1" : { + "variants" : [ { + "hostname" : "lambda.eu-west-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-west-2" : { + "variants" : [ { + "hostname" : "lambda.eu-west-2.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "eu-west-3" : { + "variants" : [ { + "hostname" : "lambda.eu-west-3.api.aws", + "tags" : [ "dualstack" ] + } ] + }, "fips-us-east-1" : { "credentialScope" : { "region" : "us-east-1" @@ -6943,30 +7023,52 @@ "deprecated" : true, "hostname" : "lambda-fips.us-west-2.amazonaws.com" }, - "me-south-1" : { }, - "sa-east-1" : { }, + "me-south-1" : { + "variants" : [ { + "hostname" : "lambda.me-south-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, + "sa-east-1" : { + "variants" : [ { + "hostname" : "lambda.sa-east-1.api.aws", + "tags" : [ "dualstack" ] + } ] + }, "us-east-1" : { "variants" : [ { "hostname" : "lambda-fips.us-east-1.amazonaws.com", "tags" : [ "fips" ] + }, { + "hostname" : "lambda.us-east-1.api.aws", + "tags" : [ "dualstack" ] } ] }, "us-east-2" : { "variants" : [ { "hostname" : "lambda-fips.us-east-2.amazonaws.com", "tags" : [ "fips" ] + }, { + "hostname" : "lambda.us-east-2.api.aws", + "tags" : [ "dualstack" ] } ] }, "us-west-1" : { "variants" : [ { "hostname" : "lambda-fips.us-west-1.amazonaws.com", "tags" : [ "fips" ] + }, { + "hostname" : "lambda.us-west-1.api.aws", + "tags" : [ "dualstack" ] } ] }, "us-west-2" : { "variants" : [ { "hostname" : "lambda-fips.us-west-2.amazonaws.com", "tags" : [ "fips" ] + }, { + "hostname" : "lambda.us-west-2.api.aws", + "tags" : [ "dualstack" ] } ] } } @@ -10062,6 +10164,7 @@ "ap-south-1" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, + "ap-southeast-3" : { }, "ca-central-1" : { }, "eu-central-1" : { }, "eu-north-1" : { }, @@ -13130,8 +13233,18 @@ }, "lambda" : { "endpoints" : { - "cn-north-1" : { }, - "cn-northwest-1" : { } + "cn-north-1" : { + "variants" : [ { + "hostname" : "lambda.cn-north-1.api.amazonwebservices.com.cn", + "tags" : [ "dualstack" ] + } ] + }, + "cn-northwest-1" : { + "variants" : [ { + "hostname" : "lambda.cn-northwest-1.api.amazonwebservices.com.cn", + "tags" : [ "dualstack" ] + } ] + } } }, "license-manager" : { diff --git a/service/detective/api.go b/service/detective/api.go index 3ba5039993..b724780fa6 100644 --- a/service/detective/api.go +++ b/service/detective/api.go @@ -192,7 +192,7 @@ func (c *Detective) CreateGraphRequest(input *CreateGraphInput) (req *request.Re // // * The request would cause the number of member accounts in the behavior // graph to exceed the maximum allowed. A behavior graph cannot have more -// than 1000 member accounts. +// than 1200 member accounts. // // * The request would cause the data rate for the behavior graph to exceed // the maximum allowed. @@ -266,22 +266,34 @@ func (c *Detective) CreateMembersRequest(input *CreateMembersInput) (req *reques // CreateMembers API operation for Amazon Detective. // -// Sends a request to invite the specified AWS accounts to be member accounts -// in the behavior graph. This operation can only be called by the administrator -// account for a behavior graph. +// CreateMembers is used to send invitations to accounts. For the organization +// behavior graph, the Detective administrator account uses CreateMembers to +// enable organization accounts as member accounts. +// +// For invited accounts, CreateMembers sends a request to invite the specified +// Amazon Web Services accounts to be member accounts in the behavior graph. +// This operation can only be called by the administrator account for a behavior +// graph. // // CreateMembers verifies the accounts and then invites the verified accounts. // The administrator can optionally specify to not send invitation emails to // the member accounts. This would be used when the administrator manages their // member accounts centrally. // -// The request provides the behavior graph ARN and the list of accounts to invite. +// For organization accounts in the organization behavior graph, CreateMembers +// attempts to enable the accounts. The organization accounts do not receive +// invitations. +// +// The request provides the behavior graph ARN and the list of accounts to invite +// or to enable. // // The response separates the requested accounts into two lists: // -// * The accounts that CreateMembers was able to start the verification for. -// This list includes member accounts that are being verified, that have -// passed verification and are to be invited, and that have failed verification. +// * The accounts that CreateMembers was able to process. For invited accounts, +// includes member accounts that are being verified, that have passed verification +// and are to be invited, and that have failed verification. For organization +// accounts in the organization behavior graph, includes accounts that can +// be enabled and that cannot be enabled. // // * The accounts that CreateMembers was unable to process. This list includes // accounts that were already invited to be member accounts in the behavior @@ -309,7 +321,7 @@ func (c *Detective) CreateMembersRequest(input *CreateMembersInput) (req *reques // // * The request would cause the number of member accounts in the behavior // graph to exceed the maximum allowed. A behavior graph cannot have more -// than 1000 member accounts. +// than 1200 member accounts. // // * The request would cause the data rate for the behavior graph to exceed // the maximum allowed. @@ -385,7 +397,7 @@ func (c *Detective) DeleteGraphRequest(input *DeleteGraphInput) (req *request.Re // DeleteGraph API operation for Amazon Detective. // // Disables the specified behavior graph and queues it to be deleted. This operation -// removes the graph from each member account's list of behavior graphs. +// removes the behavior graph from each member account's list of behavior graphs. // // DeleteGraph can only be called by the administrator account for a behavior // graph. @@ -473,11 +485,22 @@ func (c *Detective) DeleteMembersRequest(input *DeleteMembersInput) (req *reques // DeleteMembers API operation for Amazon Detective. // -// Deletes one or more member accounts from the administrator account's behavior -// graph. This operation can only be called by a Detective administrator account. -// That account cannot use DeleteMembers to delete their own account from the -// behavior graph. To disable a behavior graph, the administrator account uses -// the DeleteGraph API method. +// Removes the specified member accounts from the behavior graph. The removed +// accounts no longer contribute data to the behavior graph. This operation +// can only be called by the administrator account for the behavior graph. +// +// For invited accounts, the removed accounts are deleted from the list of accounts +// in the behavior graph. To restore the account, the administrator account +// must send another invitation. +// +// For organization accounts in the organization behavior graph, the Detective +// administrator account can always enable the organization account again. Organization +// accounts that are not enabled as member accounts are not included in the +// ListMembers results for the organization behavior graph. +// +// An administrator account cannot use DeleteMembers to remove their own account +// from the behavior graph. To disable a behavior graph, the administrator account +// uses the DeleteGraph API method. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -521,6 +544,188 @@ func (c *Detective) DeleteMembersWithContext(ctx aws.Context, input *DeleteMembe return out, req.Send() } +const opDescribeOrganizationConfiguration = "DescribeOrganizationConfiguration" + +// DescribeOrganizationConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOrganizationConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeOrganizationConfiguration for more information on using the DescribeOrganizationConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeOrganizationConfigurationRequest method. +// req, resp := client.DescribeOrganizationConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DescribeOrganizationConfiguration +func (c *Detective) DescribeOrganizationConfigurationRequest(input *DescribeOrganizationConfigurationInput) (req *request.Request, output *DescribeOrganizationConfigurationOutput) { + op := &request.Operation{ + Name: opDescribeOrganizationConfiguration, + HTTPMethod: "POST", + HTTPPath: "/orgs/describeOrganizationConfiguration", + } + + if input == nil { + input = &DescribeOrganizationConfigurationInput{} + } + + output = &DescribeOrganizationConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeOrganizationConfiguration API operation for Amazon Detective. +// +// Returns information about the configuration for the organization behavior +// graph. Currently indicates whether to automatically enable new organization +// accounts as member accounts. +// +// Can only be called by the Detective administrator account for the organization. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Detective's +// API operation DescribeOrganizationConfiguration for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// The request was valid but failed because of a problem with the service. +// +// * ValidationException +// The request parameters are invalid. +// +// * TooManyRequestsException +// The request cannot be completed because too many other requests are occurring +// at the same time. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DescribeOrganizationConfiguration +func (c *Detective) DescribeOrganizationConfiguration(input *DescribeOrganizationConfigurationInput) (*DescribeOrganizationConfigurationOutput, error) { + req, out := c.DescribeOrganizationConfigurationRequest(input) + return out, req.Send() +} + +// DescribeOrganizationConfigurationWithContext is the same as DescribeOrganizationConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeOrganizationConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) DescribeOrganizationConfigurationWithContext(ctx aws.Context, input *DescribeOrganizationConfigurationInput, opts ...request.Option) (*DescribeOrganizationConfigurationOutput, error) { + req, out := c.DescribeOrganizationConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisableOrganizationAdminAccount = "DisableOrganizationAdminAccount" + +// DisableOrganizationAdminAccountRequest generates a "aws/request.Request" representing the +// client's request for the DisableOrganizationAdminAccount operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableOrganizationAdminAccount for more information on using the DisableOrganizationAdminAccount +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisableOrganizationAdminAccountRequest method. +// req, resp := client.DisableOrganizationAdminAccountRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DisableOrganizationAdminAccount +func (c *Detective) DisableOrganizationAdminAccountRequest(input *DisableOrganizationAdminAccountInput) (req *request.Request, output *DisableOrganizationAdminAccountOutput) { + op := &request.Operation{ + Name: opDisableOrganizationAdminAccount, + HTTPMethod: "POST", + HTTPPath: "/orgs/disableAdminAccount", + } + + if input == nil { + input = &DisableOrganizationAdminAccountInput{} + } + + output = &DisableOrganizationAdminAccountOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DisableOrganizationAdminAccount API operation for Amazon Detective. +// +// Removes the Detective administrator account for the organization in the current +// Region. Deletes the behavior graph for that account. +// +// Can only be called by the organization management account. Before you can +// select a different Detective administrator account, you must remove the Detective +// administrator account in all Regions. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Detective's +// API operation DisableOrganizationAdminAccount for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// The request was valid but failed because of a problem with the service. +// +// * ValidationException +// The request parameters are invalid. +// +// * TooManyRequestsException +// The request cannot be completed because too many other requests are occurring +// at the same time. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DisableOrganizationAdminAccount +func (c *Detective) DisableOrganizationAdminAccount(input *DisableOrganizationAdminAccountInput) (*DisableOrganizationAdminAccountOutput, error) { + req, out := c.DisableOrganizationAdminAccountRequest(input) + return out, req.Send() +} + +// DisableOrganizationAdminAccountWithContext is the same as DisableOrganizationAdminAccount with the addition of +// the ability to pass a context and additional request options. +// +// See DisableOrganizationAdminAccount for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) DisableOrganizationAdminAccountWithContext(ctx aws.Context, input *DisableOrganizationAdminAccountInput, opts ...request.Option) (*DisableOrganizationAdminAccountOutput, error) { + req, out := c.DisableOrganizationAdminAccountRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisassociateMembership = "DisassociateMembership" // DisassociateMembershipRequest generates a "aws/request.Request" representing the @@ -567,7 +772,12 @@ func (c *Detective) DisassociateMembershipRequest(input *DisassociateMembershipI // DisassociateMembership API operation for Amazon Detective. // // Removes the member account from the specified behavior graph. This operation -// can only be called by a member account that has the ENABLED status. +// can only be called by an invited member account that has the ENABLED status. +// +// DisassociateMembership cannot be called by an organization account in the +// organization behavior graph. For the organization behavior graph, the Detective +// administrator account determines which organization accounts to enable or +// disable as member accounts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -611,6 +821,103 @@ func (c *Detective) DisassociateMembershipWithContext(ctx aws.Context, input *Di return out, req.Send() } +const opEnableOrganizationAdminAccount = "EnableOrganizationAdminAccount" + +// EnableOrganizationAdminAccountRequest generates a "aws/request.Request" representing the +// client's request for the EnableOrganizationAdminAccount operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableOrganizationAdminAccount for more information on using the EnableOrganizationAdminAccount +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the EnableOrganizationAdminAccountRequest method. +// req, resp := client.EnableOrganizationAdminAccountRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/EnableOrganizationAdminAccount +func (c *Detective) EnableOrganizationAdminAccountRequest(input *EnableOrganizationAdminAccountInput) (req *request.Request, output *EnableOrganizationAdminAccountOutput) { + op := &request.Operation{ + Name: opEnableOrganizationAdminAccount, + HTTPMethod: "POST", + HTTPPath: "/orgs/enableAdminAccount", + } + + if input == nil { + input = &EnableOrganizationAdminAccountInput{} + } + + output = &EnableOrganizationAdminAccountOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// EnableOrganizationAdminAccount API operation for Amazon Detective. +// +// Designates the Detective administrator account for the organization in the +// current Region. +// +// If the account does not have Detective enabled, then enables Detective for +// that account and creates a new behavior graph. +// +// Can only be called by the organization management account. +// +// The Detective administrator account for an organization must be the same +// in all Regions. If you already designated a Detective administrator account +// in another Region, then you must designate the same account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Detective's +// API operation EnableOrganizationAdminAccount for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// The request was valid but failed because of a problem with the service. +// +// * ValidationException +// The request parameters are invalid. +// +// * TooManyRequestsException +// The request cannot be completed because too many other requests are occurring +// at the same time. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/EnableOrganizationAdminAccount +func (c *Detective) EnableOrganizationAdminAccount(input *EnableOrganizationAdminAccountInput) (*EnableOrganizationAdminAccountOutput, error) { + req, out := c.EnableOrganizationAdminAccountRequest(input) + return out, req.Send() +} + +// EnableOrganizationAdminAccountWithContext is the same as EnableOrganizationAdminAccount with the addition of +// the ability to pass a context and additional request options. +// +// See EnableOrganizationAdminAccount for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) EnableOrganizationAdminAccountWithContext(ctx aws.Context, input *EnableOrganizationAdminAccountInput, opts ...request.Option) (*EnableOrganizationAdminAccountOutput, error) { + req, out := c.EnableOrganizationAdminAccountRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetMembers = "GetMembers" // GetMembersRequest generates a "aws/request.Request" representing the @@ -892,7 +1199,7 @@ func (c *Detective) ListInvitationsRequest(input *ListInvitationsInput) (req *re // ListInvitations API operation for Amazon Detective. // // Retrieves the list of open and accepted behavior graph invitations for the -// member account. This operation can only be called by a member account. +// member account. This operation can only be called by an invited member account. // // Open invitations are invitations that the member account has not responded // to. @@ -1039,8 +1346,14 @@ func (c *Detective) ListMembersRequest(input *ListMembersInput) (req *request.Re // ListMembers API operation for Amazon Detective. // -// Retrieves the list of member accounts for a behavior graph. Does not return -// member accounts that were removed from the behavior graph. +// Retrieves the list of member accounts for a behavior graph. +// +// For invited accounts, the results do not include member accounts that were +// removed from the behavior graph. +// +// For the organization behavior graph, the results do not include organization +// accounts that the Detective administrator account has not enabled as member +// accounts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1133,58 +1446,65 @@ func (c *Detective) ListMembersPagesWithContext(ctx aws.Context, input *ListMemb return p.Err() } -const opListTagsForResource = "ListTagsForResource" +const opListOrganizationAdminAccounts = "ListOrganizationAdminAccounts" -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return +// ListOrganizationAdminAccountsRequest generates a "aws/request.Request" representing the +// client's request for the ListOrganizationAdminAccounts operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsForResource for more information on using the ListTagsForResource +// See ListOrganizationAdminAccounts for more information on using the ListOrganizationAdminAccounts // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) +// // Example sending a request using the ListOrganizationAdminAccountsRequest method. +// req, resp := client.ListOrganizationAdminAccountsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListTagsForResource -func (c *Detective) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListOrganizationAdminAccounts +func (c *Detective) ListOrganizationAdminAccountsRequest(input *ListOrganizationAdminAccountsInput) (req *request.Request, output *ListOrganizationAdminAccountsOutput) { op := &request.Operation{ - Name: opListTagsForResource, - HTTPMethod: "GET", - HTTPPath: "/tags/{ResourceArn}", + Name: opListOrganizationAdminAccounts, + HTTPMethod: "POST", + HTTPPath: "/orgs/adminAccountslist", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { - input = &ListTagsForResourceInput{} + input = &ListOrganizationAdminAccountsInput{} } - output = &ListTagsForResourceOutput{} + output = &ListOrganizationAdminAccountsOutput{} req = c.newRequest(op, input, output) return } -// ListTagsForResource API operation for Amazon Detective. +// ListOrganizationAdminAccounts API operation for Amazon Detective. // -// Returns the tag values that are assigned to a behavior graph. +// Returns information about the Detective administrator account for an organization. +// Can only be called by the organization management account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Detective's -// API operation ListTagsForResource for usage and error information. +// API operation ListOrganizationAdminAccounts for usage and error information. // // Returned Error Types: // * InternalServerException @@ -1193,50 +1513,188 @@ func (c *Detective) ListTagsForResourceRequest(input *ListTagsForResourceInput) // * ValidationException // The request parameters are invalid. // -// * ResourceNotFoundException -// The request refers to a nonexistent resource. +// * TooManyRequestsException +// The request cannot be completed because too many other requests are occurring +// at the same time. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListTagsForResource -func (c *Detective) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListOrganizationAdminAccounts +func (c *Detective) ListOrganizationAdminAccounts(input *ListOrganizationAdminAccountsInput) (*ListOrganizationAdminAccountsOutput, error) { + req, out := c.ListOrganizationAdminAccountsRequest(input) return out, req.Send() } -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// ListOrganizationAdminAccountsWithContext is the same as ListOrganizationAdminAccounts with the addition of // the ability to pass a context and additional request options. // -// See ListTagsForResource for details on how to use this API operation. +// See ListOrganizationAdminAccounts for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *Detective) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +func (c *Detective) ListOrganizationAdminAccountsWithContext(ctx aws.Context, input *ListOrganizationAdminAccountsInput, opts ...request.Option) (*ListOrganizationAdminAccountsOutput, error) { + req, out := c.ListOrganizationAdminAccountsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opRejectInvitation = "RejectInvitation" - -// RejectInvitationRequest generates a "aws/request.Request" representing the -// client's request for the RejectInvitation operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. +// ListOrganizationAdminAccountsPages iterates over the pages of a ListOrganizationAdminAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. +// See ListOrganizationAdminAccounts method for more information on how to use this operation. // -// See RejectInvitation for more information on using the RejectInvitation -// API call, and error handling. +// Note: This operation can generate multiple requests to a service. // -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// // Example iterating over at most 3 pages of a ListOrganizationAdminAccounts operation. +// pageNum := 0 +// err := client.ListOrganizationAdminAccountsPages(params, +// func(page *detective.ListOrganizationAdminAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) // +func (c *Detective) ListOrganizationAdminAccountsPages(input *ListOrganizationAdminAccountsInput, fn func(*ListOrganizationAdminAccountsOutput, bool) bool) error { + return c.ListOrganizationAdminAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListOrganizationAdminAccountsPagesWithContext same as ListOrganizationAdminAccountsPages except +// it takes a Context and allows setting request options on the pages. // -// // Example sending a request using the RejectInvitationRequest method. -// req, resp := client.RejectInvitationRequest(params) +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) ListOrganizationAdminAccountsPagesWithContext(ctx aws.Context, input *ListOrganizationAdminAccountsInput, fn func(*ListOrganizationAdminAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListOrganizationAdminAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListOrganizationAdminAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListOrganizationAdminAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListTagsForResource = "ListTagsForResource" + +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListTagsForResource for more information on using the ListTagsForResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListTagsForResource +func (c *Detective) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { + op := &request.Operation{ + Name: opListTagsForResource, + HTTPMethod: "GET", + HTTPPath: "/tags/{ResourceArn}", + } + + if input == nil { + input = &ListTagsForResourceInput{} + } + + output = &ListTagsForResourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTagsForResource API operation for Amazon Detective. +// +// Returns the tag values that are assigned to a behavior graph. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Detective's +// API operation ListTagsForResource for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// The request was valid but failed because of a problem with the service. +// +// * ValidationException +// The request parameters are invalid. +// +// * ResourceNotFoundException +// The request refers to a nonexistent resource. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListTagsForResource +func (c *Detective) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + return out, req.Send() +} + +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// the ability to pass a context and additional request options. +// +// See ListTagsForResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRejectInvitation = "RejectInvitation" + +// RejectInvitationRequest generates a "aws/request.Request" representing the +// client's request for the RejectInvitation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RejectInvitation for more information on using the RejectInvitation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RejectInvitationRequest method. +// req, resp := client.RejectInvitationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled @@ -1264,7 +1722,12 @@ func (c *Detective) RejectInvitationRequest(input *RejectInvitationInput) (req * // RejectInvitation API operation for Amazon Detective. // // Rejects an invitation to contribute the account data to a behavior graph. -// This operation must be called by a member account that has the INVITED status. +// This operation must be called by an invited member account that has the INVITED +// status. +// +// RejectInvitation cannot be called by an organization account in the organization +// behavior graph. In the organization behavior graph, organization accounts +// do not receive an invitation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1384,7 +1847,7 @@ func (c *Detective) StartMonitoringMemberRequest(input *StartMonitoringMemberInp // // * The request would cause the number of member accounts in the behavior // graph to exceed the maximum allowed. A behavior graph cannot have more -// than 1000 member accounts. +// than 1200 member accounts. // // * The request would cause the data rate for the behavior graph to exceed // the maximum allowed. @@ -1589,6 +2052,95 @@ func (c *Detective) UntagResourceWithContext(ctx aws.Context, input *UntagResour return out, req.Send() } +const opUpdateOrganizationConfiguration = "UpdateOrganizationConfiguration" + +// UpdateOrganizationConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateOrganizationConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateOrganizationConfiguration for more information on using the UpdateOrganizationConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateOrganizationConfigurationRequest method. +// req, resp := client.UpdateOrganizationConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/UpdateOrganizationConfiguration +func (c *Detective) UpdateOrganizationConfigurationRequest(input *UpdateOrganizationConfigurationInput) (req *request.Request, output *UpdateOrganizationConfigurationOutput) { + op := &request.Operation{ + Name: opUpdateOrganizationConfiguration, + HTTPMethod: "POST", + HTTPPath: "/orgs/updateOrganizationConfiguration", + } + + if input == nil { + input = &UpdateOrganizationConfigurationInput{} + } + + output = &UpdateOrganizationConfigurationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateOrganizationConfiguration API operation for Amazon Detective. +// +// Updates the configuration for the Organizations integration in the current +// Region. Can only be called by the Detective administrator account for the +// organization. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Detective's +// API operation UpdateOrganizationConfiguration for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// The request was valid but failed because of a problem with the service. +// +// * ValidationException +// The request parameters are invalid. +// +// * TooManyRequestsException +// The request cannot be completed because too many other requests are occurring +// at the same time. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/UpdateOrganizationConfiguration +func (c *Detective) UpdateOrganizationConfiguration(input *UpdateOrganizationConfigurationInput) (*UpdateOrganizationConfigurationOutput, error) { + req, out := c.UpdateOrganizationConfigurationRequest(input) + return out, req.Send() +} + +// UpdateOrganizationConfigurationWithContext is the same as UpdateOrganizationConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateOrganizationConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Detective) UpdateOrganizationConfigurationWithContext(ctx aws.Context, input *UpdateOrganizationConfigurationInput, opts ...request.Option) (*UpdateOrganizationConfigurationOutput, error) { + req, out := c.UpdateOrganizationConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + type AcceptInvitationInput struct { _ struct{} `type:"structure"` @@ -1660,17 +2212,18 @@ func (s AcceptInvitationOutput) GoString() string { return s.String() } -// An AWS account that is the administrator account of or a member of a behavior -// graph. +// An Amazon Web Services account that is the administrator account of or a +// member of a behavior graph. type Account struct { _ struct{} `type:"structure"` - // The account identifier of the AWS account. + // The account identifier of the Amazon Web Services account. // // AccountId is a required field AccountId *string `min:"12" type:"string" required:"true"` - // The AWS account root user email address for the AWS account. + // The Amazon Web Services account root user email address for the Amazon Web + // Services account. // // EmailAddress is a required field EmailAddress *string `min:"1" type:"string" required:"true"` @@ -1728,6 +2281,58 @@ func (s *Account) SetEmailAddress(v string) *Account { return s } +// Information about the Detective administrator account for an organization. +type Administrator struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services account identifier of the Detective administrator + // account for the organization. + AccountId *string `min:"12" type:"string"` + + // The date and time when the Detective administrator account was enabled. The + // value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z. + DelegationTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` + + // The ARN of the organization behavior graph. + GraphArn *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Administrator) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Administrator) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *Administrator) SetAccountId(v string) *Administrator { + s.AccountId = &v + return s +} + +// SetDelegationTime sets the DelegationTime field's value. +func (s *Administrator) SetDelegationTime(v time.Time) *Administrator { + s.DelegationTime = &v + return s +} + +// SetGraphArn sets the GraphArn field's value. +func (s *Administrator) SetGraphArn(v string) *Administrator { + s.GraphArn = &v + return s +} + // The request attempted an invalid action. type ConflictException struct { _ struct{} `type:"structure"` @@ -1872,20 +2477,24 @@ func (s *CreateGraphOutput) SetGraphArn(v string) *CreateGraphOutput { type CreateMembersInput struct { _ struct{} `type:"structure"` - // The list of AWS accounts to invite to become member accounts in the behavior - // graph. You can invite up to 50 accounts at a time. For each invited account, - // the account list contains the account identifier and the AWS account root - // user email address. + // The list of Amazon Web Services accounts to invite or to enable. You can + // invite or enable up to 50 accounts at a time. For each invited account, the + // account list contains the account identifier and the Amazon Web Services + // account root user email address. For organization accounts in the organization + // behavior graph, the email address is not required. // // Accounts is a required field Accounts []*Account `min:"1" type:"list" required:"true"` - // if set to true, then the member accounts do not receive email notifications. - // By default, this is set to false, and the member accounts receive email notifications. + // if set to true, then the invited accounts do not receive email notifications. + // By default, this is set to false, and the invited accounts receive email + // notifications. + // + // Organization accounts in the organization behavior graph do not receive email + // notifications. DisableEmailNotification *bool `type:"boolean"` - // The ARN of the behavior graph to invite the member accounts to contribute - // their data to. + // The ARN of the behavior graph. // // GraphArn is a required field GraphArn *string `type:"string" required:"true"` @@ -1972,15 +2581,16 @@ func (s *CreateMembersInput) SetMessage(v string) *CreateMembersInput { type CreateMembersOutput struct { _ struct{} `type:"structure"` - // The set of member account invitation requests that Detective was able to - // process. This includes accounts that are being verified, that failed verification, - // and that passed verification and are being sent an invitation. + // The set of member account invitation or enablement requests that Detective + // was able to process. This includes accounts that are being verified, that + // failed verification, and that passed verification and are being sent an invitation + // or are being enabled. Members []*MemberDetail `type:"list"` // The list of accounts for which Detective was unable to process the invitation - // request. For each account, the list provides the reason why the request could - // not be processed. The list includes accounts that are already member accounts - // in the behavior graph. + // or enablement request. For each account, the list provides the reason why + // the request could not be processed. The list includes accounts that are already + // member accounts in the behavior graph. UnprocessedAccounts []*UnprocessedAccount `type:"list"` } @@ -2085,13 +2695,14 @@ func (s DeleteGraphOutput) GoString() string { type DeleteMembersInput struct { _ struct{} `type:"structure"` - // The list of AWS account identifiers for the member accounts to delete from - // the behavior graph. You can delete up to 50 member accounts at a time. + // The list of Amazon Web Services account identifiers for the member accounts + // to remove from the behavior graph. You can remove up to 50 member accounts + // at a time. // // AccountIds is a required field AccountIds []*string `min:"1" type:"list" required:"true"` - // The ARN of the behavior graph to delete members from. + // The ARN of the behavior graph to remove members from. // // GraphArn is a required field GraphArn *string `type:"string" required:"true"` @@ -2149,11 +2760,11 @@ func (s *DeleteMembersInput) SetGraphArn(v string) *DeleteMembersInput { type DeleteMembersOutput struct { _ struct{} `type:"structure"` - // The list of AWS account identifiers for the member accounts that Detective - // successfully deleted from the behavior graph. + // The list of Amazon Web Services account identifiers for the member accounts + // that Detective successfully removed from the behavior graph. AccountIds []*string `min:"1" type:"list"` - // The list of member accounts that Detective was not able to delete from the + // The list of member accounts that Detective was not able to remove from the // behavior graph. For each member account, provides the reason that the deletion // could not be processed. UnprocessedAccounts []*UnprocessedAccount `type:"list"` @@ -2164,7 +2775,211 @@ type DeleteMembersOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMembersOutput) String() string { +func (s DeleteMembersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteMembersOutput) GoString() string { + return s.String() +} + +// SetAccountIds sets the AccountIds field's value. +func (s *DeleteMembersOutput) SetAccountIds(v []*string) *DeleteMembersOutput { + s.AccountIds = v + return s +} + +// SetUnprocessedAccounts sets the UnprocessedAccounts field's value. +func (s *DeleteMembersOutput) SetUnprocessedAccounts(v []*UnprocessedAccount) *DeleteMembersOutput { + s.UnprocessedAccounts = v + return s +} + +type DescribeOrganizationConfigurationInput struct { + _ struct{} `type:"structure"` + + // The ARN of the organization behavior graph. + // + // GraphArn is a required field + GraphArn *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeOrganizationConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeOrganizationConfigurationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeOrganizationConfigurationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeOrganizationConfigurationInput"} + if s.GraphArn == nil { + invalidParams.Add(request.NewErrParamRequired("GraphArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGraphArn sets the GraphArn field's value. +func (s *DescribeOrganizationConfigurationInput) SetGraphArn(v string) *DescribeOrganizationConfigurationInput { + s.GraphArn = &v + return s +} + +type DescribeOrganizationConfigurationOutput struct { + _ struct{} `type:"structure"` + + // Indicates whether to automatically enable new organization accounts as member + // accounts in the organization behavior graph. + AutoEnable *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeOrganizationConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeOrganizationConfigurationOutput) GoString() string { + return s.String() +} + +// SetAutoEnable sets the AutoEnable field's value. +func (s *DescribeOrganizationConfigurationOutput) SetAutoEnable(v bool) *DescribeOrganizationConfigurationOutput { + s.AutoEnable = &v + return s +} + +type DisableOrganizationAdminAccountInput struct { + _ struct{} `type:"structure" nopayload:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableOrganizationAdminAccountInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableOrganizationAdminAccountInput) GoString() string { + return s.String() +} + +type DisableOrganizationAdminAccountOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableOrganizationAdminAccountOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableOrganizationAdminAccountOutput) GoString() string { + return s.String() +} + +type DisassociateMembershipInput struct { + _ struct{} `type:"structure"` + + // The ARN of the behavior graph to remove the member account from. + // + // The member account's member status in the behavior graph must be ENABLED. + // + // GraphArn is a required field + GraphArn *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateMembershipInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateMembershipInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateMembershipInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateMembershipInput"} + if s.GraphArn == nil { + invalidParams.Add(request.NewErrParamRequired("GraphArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGraphArn sets the GraphArn field's value. +func (s *DisassociateMembershipInput) SetGraphArn(v string) *DisassociateMembershipInput { + s.GraphArn = &v + return s +} + +type DisassociateMembershipOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateMembershipOutput) String() string { return awsutil.Prettify(s) } @@ -2173,31 +2988,18 @@ func (s DeleteMembersOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMembersOutput) GoString() string { +func (s DisassociateMembershipOutput) GoString() string { return s.String() } -// SetAccountIds sets the AccountIds field's value. -func (s *DeleteMembersOutput) SetAccountIds(v []*string) *DeleteMembersOutput { - s.AccountIds = v - return s -} - -// SetUnprocessedAccounts sets the UnprocessedAccounts field's value. -func (s *DeleteMembersOutput) SetUnprocessedAccounts(v []*UnprocessedAccount) *DeleteMembersOutput { - s.UnprocessedAccounts = v - return s -} - -type DisassociateMembershipInput struct { +type EnableOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` - // The ARN of the behavior graph to remove the member account from. - // - // The member account's member status in the behavior graph must be ENABLED. + // The Amazon Web Services account identifier of the account to designate as + // the Detective administrator account for the organization. // - // GraphArn is a required field - GraphArn *string `type:"string" required:"true"` + // AccountId is a required field + AccountId *string `min:"12" type:"string" required:"true"` } // String returns the string representation. @@ -2205,7 +3007,7 @@ type DisassociateMembershipInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateMembershipInput) String() string { +func (s EnableOrganizationAdminAccountInput) String() string { return awsutil.Prettify(s) } @@ -2214,15 +3016,18 @@ func (s DisassociateMembershipInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateMembershipInput) GoString() string { +func (s EnableOrganizationAdminAccountInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DisassociateMembershipInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DisassociateMembershipInput"} - if s.GraphArn == nil { - invalidParams.Add(request.NewErrParamRequired("GraphArn")) +func (s *EnableOrganizationAdminAccountInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableOrganizationAdminAccountInput"} + if s.AccountId == nil { + invalidParams.Add(request.NewErrParamRequired("AccountId")) + } + if s.AccountId != nil && len(*s.AccountId) < 12 { + invalidParams.Add(request.NewErrParamMinLen("AccountId", 12)) } if invalidParams.Len() > 0 { @@ -2231,13 +3036,13 @@ func (s *DisassociateMembershipInput) Validate() error { return nil } -// SetGraphArn sets the GraphArn field's value. -func (s *DisassociateMembershipInput) SetGraphArn(v string) *DisassociateMembershipInput { - s.GraphArn = &v +// SetAccountId sets the AccountId field's value. +func (s *EnableOrganizationAdminAccountInput) SetAccountId(v string) *EnableOrganizationAdminAccountInput { + s.AccountId = &v return s } -type DisassociateMembershipOutput struct { +type EnableOrganizationAdminAccountOutput struct { _ struct{} `type:"structure"` } @@ -2246,7 +3051,7 @@ type DisassociateMembershipOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateMembershipOutput) String() string { +func (s EnableOrganizationAdminAccountOutput) String() string { return awsutil.Prettify(s) } @@ -2255,16 +3060,16 @@ func (s DisassociateMembershipOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateMembershipOutput) GoString() string { +func (s EnableOrganizationAdminAccountOutput) GoString() string { return s.String() } type GetMembersInput struct { _ struct{} `type:"structure"` - // The list of AWS account identifiers for the member account for which to return - // member details. You can request details for up to 50 member accounts at a - // time. + // The list of Amazon Web Services account identifiers for the member account + // for which to return member details. You can request details for up to 50 + // member accounts at a time. // // You cannot use GetMembers to retrieve information about member accounts that // were removed from the behavior graph. @@ -2378,8 +3183,8 @@ type Graph struct { // The ARN of the behavior graph. Arn *string `type:"string"` - // The date and time that the behavior graph was created. The value is in milliseconds - // since the epoch. + // The date and time that the behavior graph was created. The value is an ISO8601 + // formatted string. For example, 2021-08-18T16:35:56.284Z. CreatedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` } @@ -2759,14 +3564,18 @@ type ListMembersOutput struct { // The list of member accounts in the behavior graph. // - // The results include member accounts that did not pass verification and member - // accounts that have not yet accepted the invitation to the behavior graph. - // The results do not include member accounts that were removed from the behavior - // graph. + // For invited accounts, the results include member accounts that did not pass + // verification and member accounts that have not yet accepted the invitation + // to the behavior graph. The results do not include member accounts that were + // removed from the behavior graph. + // + // For the organization behavior graph, the results do not include organization + // accounts that the Detective administrator account has not enabled as member + // accounts. MemberDetails []*MemberDetail `type:"list"` - // If there are more member accounts remaining in the results, then this is - // the pagination token to use to request the next page of member accounts. + // If there are more member accounts remaining in the results, then use this + // pagination token to request the next page of member accounts. NextToken *string `min:"1" type:"string"` } @@ -2800,6 +3609,105 @@ func (s *ListMembersOutput) SetNextToken(v string) *ListMembersOutput { return s } +type ListOrganizationAdminAccountsInput struct { + _ struct{} `type:"structure"` + + // The maximum number of results to return. + MaxResults *int64 `min:"1" type:"integer"` + + // For requests to get the next page of results, the pagination token that was + // returned with the previous set of results. The initial request does not include + // a pagination token. + NextToken *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListOrganizationAdminAccountsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListOrganizationAdminAccountsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListOrganizationAdminAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListOrganizationAdminAccountsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListOrganizationAdminAccountsInput) SetMaxResults(v int64) *ListOrganizationAdminAccountsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListOrganizationAdminAccountsInput) SetNextToken(v string) *ListOrganizationAdminAccountsInput { + s.NextToken = &v + return s +} + +type ListOrganizationAdminAccountsOutput struct { + _ struct{} `type:"structure"` + + // The list of delegated administrator accounts. + Administrators []*Administrator `type:"list"` + + // If there are more accounts remaining in the results, then this is the pagination + // token to use to request the next page of accounts. + NextToken *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListOrganizationAdminAccountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListOrganizationAdminAccountsOutput) GoString() string { + return s.String() +} + +// SetAdministrators sets the Administrators field's value. +func (s *ListOrganizationAdminAccountsOutput) SetAdministrators(v []*Administrator) *ListOrganizationAdminAccountsOutput { + s.Administrators = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListOrganizationAdminAccountsOutput) SetNextToken(v string) *ListOrganizationAdminAccountsOutput { + s.NextToken = &v + return s +} + type ListTagsForResourceInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -2881,16 +3789,15 @@ func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForRe return s } -// Details about a member account that was invited to contribute to a behavior -// graph. +// Details about a member account in a behavior graph. type MemberDetail struct { _ struct{} `type:"structure"` - // The AWS account identifier for the member account. + // The Amazon Web Services account identifier for the member account. AccountId *string `min:"12" type:"string"` - // The AWS account identifier of the administrator account for the behavior - // graph. + // The Amazon Web Services account identifier of the administrator account for + // the behavior graph. AdministratorId *string `min:"12" type:"string"` // For member accounts with a status of ACCEPTED_BUT_DISABLED, the reason that @@ -2906,18 +3813,26 @@ type MemberDetail struct { // is not enrolled in Amazon GuardDuty. DisabledReason *string `type:"string" enum:"MemberDisabledReason"` - // The AWS account root user email address for the member account. + // The Amazon Web Services account root user email address for the member account. EmailAddress *string `min:"1" type:"string"` - // The ARN of the behavior graph that the member account was invited to. + // The ARN of the behavior graph. GraphArn *string `type:"string"` - // The date and time that Detective sent the invitation to the member account. - // The value is in milliseconds since the epoch. + // The type of behavior graph membership. + // + // For an organization account in the organization behavior graph, the type + // is ORGANIZATION. + // + // For an account that was invited to a behavior graph, the type is INVITATION. + InvitationType *string `type:"string" enum:"InvitationType"` + + // For invited accounts, the date and time that Detective sent the invitation + // to the account. The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z. InvitedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` - // The AWS account identifier of the administrator account for the behavior - // graph. + // The Amazon Web Services account identifier of the administrator account for + // the behavior graph. // // Deprecated: This property is deprecated. Use AdministratorId instead. MasterId *string `min:"12" deprecated:"true" type:"string"` @@ -2936,6 +3851,7 @@ type MemberDetail struct { PercentOfGraphUtilization *float64 `deprecated:"true" type:"double"` // The date and time when the graph utilization percentage was last updated. + // The value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z. // // Deprecated: This property is deprecated. Use VolumeUsageUpdatedTime instead. PercentOfGraphUtilizationUpdatedTime *time.Time `deprecated:"true" type:"timestamp" timestampFormat:"iso8601"` @@ -2943,38 +3859,47 @@ type MemberDetail struct { // The current membership status of the member account. The status can have // one of the following values: // - // * INVITED - Indicates that the member was sent an invitation but has not - // yet responded. + // * INVITED - For invited accounts only. Indicates that the member was sent + // an invitation but has not yet responded. // - // * VERIFICATION_IN_PROGRESS - Indicates that Detective is verifying that - // the account identifier and email address provided for the member account - // match. If they do match, then Detective sends the invitation. If the email - // address and account identifier don't match, then the member cannot be - // added to the behavior graph. + // * VERIFICATION_IN_PROGRESS - For invited accounts only, indicates that + // Detective is verifying that the account identifier and email address provided + // for the member account match. If they do match, then Detective sends the + // invitation. If the email address and account identifier don't match, then + // the member cannot be added to the behavior graph. For organization accounts + // in the organization behavior graph, indicates that Detective is verifying + // that the account belongs to the organization. // - // * VERIFICATION_FAILED - Indicates that the account and email address provided - // for the member account do not match, and Detective did not send an invitation - // to the account. + // * VERIFICATION_FAILED - For invited accounts only. Indicates that the + // account and email address provided for the member account do not match, + // and Detective did not send an invitation to the account. // - // * ENABLED - Indicates that the member account accepted the invitation - // to contribute to the behavior graph. + // * ENABLED - Indicates that the member account currently contributes data + // to the behavior graph. For invited accounts, the member account accepted + // the invitation. For organization accounts in the organization behavior + // graph, the Detective administrator account enabled the organization account + // as a member account. // - // * ACCEPTED_BUT_DISABLED - Indicates that the member account accepted the - // invitation but is prevented from contributing data to the behavior graph. - // DisabledReason provides the reason why the member account is not enabled. + // * ACCEPTED_BUT_DISABLED - The account accepted the invitation, or was + // enabled by the Detective administrator account, but is prevented from + // contributing data to the behavior graph. DisabledReason provides the reason + // why the member account is not enabled. // - // Member accounts that declined an invitation or that were removed from the - // behavior graph are not included. + // Invited accounts that declined an invitation or that were removed from the + // behavior graph are not included. In the organization behavior graph, organization + // accounts that the Detective administrator account did not enable are not + // included. Status *string `type:"string" enum:"MemberStatus"` // The date and time that the member account was last updated. The value is - // in milliseconds since the epoch. + // an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z. UpdatedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` // The data volume in bytes per day for the member account. VolumeUsageInBytes *int64 `type:"long"` - // The data and time when the member account data volume was last updated. + // The data and time when the member account data volume was last updated. The + // value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z. VolumeUsageUpdatedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` } @@ -3026,6 +3951,12 @@ func (s *MemberDetail) SetGraphArn(v string) *MemberDetail { return s } +// SetInvitationType sets the InvitationType field's value. +func (s *MemberDetail) SetInvitationType(v string) *MemberDetail { + s.InvitationType = &v + return s +} + // SetInvitedTime sets the InvitedTime field's value. func (s *MemberDetail) SetInvitedTime(v time.Time) *MemberDetail { s.InvitedTime = &v @@ -3213,7 +4144,7 @@ func (s *ResourceNotFoundException) RequestID() string { // // * The request would cause the number of member accounts in the behavior // graph to exceed the maximum allowed. A behavior graph cannot have more -// than 1000 member accounts. +// than 1200 member accounts. // // * The request would cause the data rate for the behavior graph to exceed // the maximum allowed. @@ -3460,12 +4391,78 @@ func (s TagResourceOutput) GoString() string { return s.String() } +// The request cannot be completed because too many other requests are occurring +// at the same time. +type TooManyRequestsException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TooManyRequestsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TooManyRequestsException) GoString() string { + return s.String() +} + +func newErrorTooManyRequestsException(v protocol.ResponseMetadata) error { + return &TooManyRequestsException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *TooManyRequestsException) Code() string { + return "TooManyRequestsException" +} + +// Message returns the exception's message. +func (s *TooManyRequestsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *TooManyRequestsException) OrigErr() error { + return nil +} + +func (s *TooManyRequestsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *TooManyRequestsException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *TooManyRequestsException) RequestID() string { + return s.RespMetadata.RequestID +} + // A member account that was included in a request but for which the request // could not be processed. type UnprocessedAccount struct { _ struct{} `type:"structure"` - // The AWS account identifier of the member account that was not processed. + // The Amazon Web Services account identifier of the member account that was + // not processed. AccountId *string `min:"12" type:"string"` // The reason that the member account request could not be processed. @@ -3591,6 +4588,84 @@ func (s UntagResourceOutput) GoString() string { return s.String() } +type UpdateOrganizationConfigurationInput struct { + _ struct{} `type:"structure"` + + // Indicates whether to automatically enable new organization accounts as member + // accounts in the organization behavior graph. + AutoEnable *bool `type:"boolean"` + + // The ARN of the organization behavior graph. + // + // GraphArn is a required field + GraphArn *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateOrganizationConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateOrganizationConfigurationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateOrganizationConfigurationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateOrganizationConfigurationInput"} + if s.GraphArn == nil { + invalidParams.Add(request.NewErrParamRequired("GraphArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAutoEnable sets the AutoEnable field's value. +func (s *UpdateOrganizationConfigurationInput) SetAutoEnable(v bool) *UpdateOrganizationConfigurationInput { + s.AutoEnable = &v + return s +} + +// SetGraphArn sets the GraphArn field's value. +func (s *UpdateOrganizationConfigurationInput) SetGraphArn(v string) *UpdateOrganizationConfigurationInput { + s.GraphArn = &v + return s +} + +type UpdateOrganizationConfigurationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateOrganizationConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateOrganizationConfigurationOutput) GoString() string { + return s.String() +} + // The request parameters are invalid. type ValidationException struct { _ struct{} `type:"structure"` @@ -3655,6 +4730,22 @@ func (s *ValidationException) RequestID() string { return s.RespMetadata.RequestID } +const ( + // InvitationTypeInvitation is a InvitationType enum value + InvitationTypeInvitation = "INVITATION" + + // InvitationTypeOrganization is a InvitationType enum value + InvitationTypeOrganization = "ORGANIZATION" +) + +// InvitationType_Values returns all elements of the InvitationType enum +func InvitationType_Values() []string { + return []string{ + InvitationTypeInvitation, + InvitationTypeOrganization, + } +} + const ( // MemberDisabledReasonVolumeTooHigh is a MemberDisabledReason enum value MemberDisabledReasonVolumeTooHigh = "VOLUME_TOO_HIGH" diff --git a/service/detective/detectiveiface/interface.go b/service/detective/detectiveiface/interface.go index db17a9a636..ddbe3e8815 100644 --- a/service/detective/detectiveiface/interface.go +++ b/service/detective/detectiveiface/interface.go @@ -80,10 +80,22 @@ type DetectiveAPI interface { DeleteMembersWithContext(aws.Context, *detective.DeleteMembersInput, ...request.Option) (*detective.DeleteMembersOutput, error) DeleteMembersRequest(*detective.DeleteMembersInput) (*request.Request, *detective.DeleteMembersOutput) + DescribeOrganizationConfiguration(*detective.DescribeOrganizationConfigurationInput) (*detective.DescribeOrganizationConfigurationOutput, error) + DescribeOrganizationConfigurationWithContext(aws.Context, *detective.DescribeOrganizationConfigurationInput, ...request.Option) (*detective.DescribeOrganizationConfigurationOutput, error) + DescribeOrganizationConfigurationRequest(*detective.DescribeOrganizationConfigurationInput) (*request.Request, *detective.DescribeOrganizationConfigurationOutput) + + DisableOrganizationAdminAccount(*detective.DisableOrganizationAdminAccountInput) (*detective.DisableOrganizationAdminAccountOutput, error) + DisableOrganizationAdminAccountWithContext(aws.Context, *detective.DisableOrganizationAdminAccountInput, ...request.Option) (*detective.DisableOrganizationAdminAccountOutput, error) + DisableOrganizationAdminAccountRequest(*detective.DisableOrganizationAdminAccountInput) (*request.Request, *detective.DisableOrganizationAdminAccountOutput) + DisassociateMembership(*detective.DisassociateMembershipInput) (*detective.DisassociateMembershipOutput, error) DisassociateMembershipWithContext(aws.Context, *detective.DisassociateMembershipInput, ...request.Option) (*detective.DisassociateMembershipOutput, error) DisassociateMembershipRequest(*detective.DisassociateMembershipInput) (*request.Request, *detective.DisassociateMembershipOutput) + EnableOrganizationAdminAccount(*detective.EnableOrganizationAdminAccountInput) (*detective.EnableOrganizationAdminAccountOutput, error) + EnableOrganizationAdminAccountWithContext(aws.Context, *detective.EnableOrganizationAdminAccountInput, ...request.Option) (*detective.EnableOrganizationAdminAccountOutput, error) + EnableOrganizationAdminAccountRequest(*detective.EnableOrganizationAdminAccountInput) (*request.Request, *detective.EnableOrganizationAdminAccountOutput) + GetMembers(*detective.GetMembersInput) (*detective.GetMembersOutput, error) GetMembersWithContext(aws.Context, *detective.GetMembersInput, ...request.Option) (*detective.GetMembersOutput, error) GetMembersRequest(*detective.GetMembersInput) (*request.Request, *detective.GetMembersOutput) @@ -109,6 +121,13 @@ type DetectiveAPI interface { ListMembersPages(*detective.ListMembersInput, func(*detective.ListMembersOutput, bool) bool) error ListMembersPagesWithContext(aws.Context, *detective.ListMembersInput, func(*detective.ListMembersOutput, bool) bool, ...request.Option) error + ListOrganizationAdminAccounts(*detective.ListOrganizationAdminAccountsInput) (*detective.ListOrganizationAdminAccountsOutput, error) + ListOrganizationAdminAccountsWithContext(aws.Context, *detective.ListOrganizationAdminAccountsInput, ...request.Option) (*detective.ListOrganizationAdminAccountsOutput, error) + ListOrganizationAdminAccountsRequest(*detective.ListOrganizationAdminAccountsInput) (*request.Request, *detective.ListOrganizationAdminAccountsOutput) + + ListOrganizationAdminAccountsPages(*detective.ListOrganizationAdminAccountsInput, func(*detective.ListOrganizationAdminAccountsOutput, bool) bool) error + ListOrganizationAdminAccountsPagesWithContext(aws.Context, *detective.ListOrganizationAdminAccountsInput, func(*detective.ListOrganizationAdminAccountsOutput, bool) bool, ...request.Option) error + ListTagsForResource(*detective.ListTagsForResourceInput) (*detective.ListTagsForResourceOutput, error) ListTagsForResourceWithContext(aws.Context, *detective.ListTagsForResourceInput, ...request.Option) (*detective.ListTagsForResourceOutput, error) ListTagsForResourceRequest(*detective.ListTagsForResourceInput) (*request.Request, *detective.ListTagsForResourceOutput) @@ -128,6 +147,10 @@ type DetectiveAPI interface { UntagResource(*detective.UntagResourceInput) (*detective.UntagResourceOutput, error) UntagResourceWithContext(aws.Context, *detective.UntagResourceInput, ...request.Option) (*detective.UntagResourceOutput, error) UntagResourceRequest(*detective.UntagResourceInput) (*request.Request, *detective.UntagResourceOutput) + + UpdateOrganizationConfiguration(*detective.UpdateOrganizationConfigurationInput) (*detective.UpdateOrganizationConfigurationOutput, error) + UpdateOrganizationConfigurationWithContext(aws.Context, *detective.UpdateOrganizationConfigurationInput, ...request.Option) (*detective.UpdateOrganizationConfigurationOutput, error) + UpdateOrganizationConfigurationRequest(*detective.UpdateOrganizationConfigurationInput) (*request.Request, *detective.UpdateOrganizationConfigurationOutput) } var _ DetectiveAPI = (*detective.Detective)(nil) diff --git a/service/detective/doc.go b/service/detective/doc.go index af60d78566..f1021c039c 100644 --- a/service/detective/doc.go +++ b/service/detective/doc.go @@ -4,21 +4,34 @@ // requests to Amazon Detective. // // Detective uses machine learning and purpose-built visualizations to help -// you analyze and investigate security issues across your Amazon Web Services -// (AWS) workloads. Detective automatically extracts time-based events such -// as login attempts, API calls, and network traffic from AWS CloudTrail and -// Amazon Virtual Private Cloud (Amazon VPC) flow logs. It also extracts findings -// detected by Amazon GuardDuty. +// you to analyze and investigate security issues across your Amazon Web Services +// (Amazon Web Services) workloads. Detective automatically extracts time-based +// events such as login attempts, API calls, and network traffic from CloudTrail +// and Amazon Virtual Private Cloud (Amazon VPC) flow logs. It also extracts +// findings detected by Amazon GuardDuty. // // The Detective API primarily supports the creation and management of behavior // graphs. A behavior graph contains the extracted data from a set of member // accounts, and is created and managed by an administrator account. // +// To add a member account to the behavior graph, the administrator account +// sends an invitation to the account. When the account accepts the invitation, +// it becomes a member account in the behavior graph. +// +// Detective is also integrated with Organizations. The organization management +// account designates the Detective administrator account for the organization. +// That account becomes the administrator account for the organization behavior +// graph. The Detective administrator account can enable any organization account +// as a member account in the organization behavior graph. The organization +// accounts do not receive invitations. The Detective administrator account +// can also invite other accounts to the organization behavior graph. +// // Every behavior graph is specific to a Region. You can only use the API to -// manage graphs that belong to the Region that is associated with the currently -// selected endpoint. +// manage behavior graphs that belong to the Region that is associated with +// the currently selected endpoint. // -// A Detective administrator account can use the Detective API to do the following: +// The administrator account for a behavior graph can use the Detective API +// to do the following: // // * Enable and disable Detective. Enabling Detective creates a new behavior // graph. @@ -29,7 +42,20 @@ // // * Remove member accounts from a behavior graph. // -// A member account can use the Detective API to do the following: +// * Apply tags to a behavior graph. +// +// The organization management account can use the Detective API to select the +// delegated administrator for Detective. +// +// The Detective administrator account for an organization can use the Detective +// API to do the following: +// +// * Perform all of the functions of an administrator account. +// +// * Determine whether to automatically enable new organization accounts +// as member accounts in the organization behavior graph. +// +// An invited member account can use the Detective API to do the following: // // * View the list of behavior graphs that they are invited to. // diff --git a/service/detective/errors.go b/service/detective/errors.go index 99cd5f3d6e..3a5adfdc6b 100644 --- a/service/detective/errors.go +++ b/service/detective/errors.go @@ -33,7 +33,7 @@ const ( // // * The request would cause the number of member accounts in the behavior // graph to exceed the maximum allowed. A behavior graph cannot have more - // than 1000 member accounts. + // than 1200 member accounts. // // * The request would cause the data rate for the behavior graph to exceed // the maximum allowed. @@ -42,6 +42,13 @@ const ( // This is usually because the member account is not enrolled in Amazon GuardDuty. ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException" + // ErrCodeTooManyRequestsException for service response error code + // "TooManyRequestsException". + // + // The request cannot be completed because too many other requests are occurring + // at the same time. + ErrCodeTooManyRequestsException = "TooManyRequestsException" + // ErrCodeValidationException for service response error code // "ValidationException". // @@ -54,5 +61,6 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "InternalServerException": newErrorInternalServerException, "ResourceNotFoundException": newErrorResourceNotFoundException, "ServiceQuotaExceededException": newErrorServiceQuotaExceededException, + "TooManyRequestsException": newErrorTooManyRequestsException, "ValidationException": newErrorValidationException, } diff --git a/service/greengrassv2/api.go b/service/greengrassv2/api.go index 7b25bffe71..11fc0fc7af 100644 --- a/service/greengrassv2/api.go +++ b/service/greengrassv2/api.go @@ -13,6 +13,97 @@ import ( "github.com/aws/aws-sdk-go/private/protocol/restjson" ) +const opAssociateServiceRoleToAccount = "AssociateServiceRoleToAccount" + +// AssociateServiceRoleToAccountRequest generates a "aws/request.Request" representing the +// client's request for the AssociateServiceRoleToAccount operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateServiceRoleToAccount for more information on using the AssociateServiceRoleToAccount +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AssociateServiceRoleToAccountRequest method. +// req, resp := client.AssociateServiceRoleToAccountRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/AssociateServiceRoleToAccount +func (c *GreengrassV2) AssociateServiceRoleToAccountRequest(input *AssociateServiceRoleToAccountInput) (req *request.Request, output *AssociateServiceRoleToAccountOutput) { + op := &request.Operation{ + Name: opAssociateServiceRoleToAccount, + HTTPMethod: "PUT", + HTTPPath: "/greengrass/servicerole", + } + + if input == nil { + input = &AssociateServiceRoleToAccountInput{} + } + + output = &AssociateServiceRoleToAccountOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateServiceRoleToAccount API operation for AWS IoT Greengrass V2. +// +// Associates a Greengrass service role with IoT Greengrass for your Amazon +// Web Services account in this Amazon Web Services Region. IoT Greengrass uses +// this role to verify the identity of client devices and manage core device +// connectivity information. The role must include the AWSGreengrassResourceAccessRolePolicy +// (https://console.aws.amazon.com/iam/home#/policies/arn:awsiam::aws:policy/service-role/AWSGreengrassResourceAccessRolePolicy) +// managed policy or a custom policy that defines equivalent permissions for +// the IoT Greengrass features that you use. For more information, see Greengrass +// service role (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-service-role.html) +// in the IoT Greengrass Version 2 Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT Greengrass V2's +// API operation AssociateServiceRoleToAccount for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The request isn't valid. This can occur if your request contains malformed +// JSON or unsupported characters. +// +// * InternalServerException +// IoT Greengrass can't process your request right now. Try again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/AssociateServiceRoleToAccount +func (c *GreengrassV2) AssociateServiceRoleToAccount(input *AssociateServiceRoleToAccountInput) (*AssociateServiceRoleToAccountOutput, error) { + req, out := c.AssociateServiceRoleToAccountRequest(input) + return out, req.Send() +} + +// AssociateServiceRoleToAccountWithContext is the same as AssociateServiceRoleToAccount with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateServiceRoleToAccount for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *GreengrassV2) AssociateServiceRoleToAccountWithContext(ctx aws.Context, input *AssociateServiceRoleToAccountInput, opts ...request.Option) (*AssociateServiceRoleToAccountOutput, error) { + req, out := c.AssociateServiceRoleToAccountRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opBatchAssociateClientDeviceWithCoreDevice = "BatchAssociateClientDeviceWithCoreDevice" // BatchAssociateClientDeviceWithCoreDeviceRequest generates a "aws/request.Request" representing the @@ -57,7 +148,7 @@ func (c *GreengrassV2) BatchAssociateClientDeviceWithCoreDeviceRequest(input *Ba // BatchAssociateClientDeviceWithCoreDevice API operation for AWS IoT Greengrass V2. // -// Associate a list of client devices with a core device. Use this API operation +// Associates a list of client devices with a core device. Use this API operation // to specify which client devices can discover a core device through cloud // discovery. With cloud discovery, client devices connect to IoT Greengrass // to retrieve associated core devices' connectivity information and certificates. @@ -163,7 +254,7 @@ func (c *GreengrassV2) BatchDisassociateClientDeviceFromCoreDeviceRequest(input // BatchDisassociateClientDeviceFromCoreDevice API operation for AWS IoT Greengrass V2. // -// Disassociate a list of client devices from a core device. After you disassociate +// Disassociates a list of client devices from a core device. After you disassociate // a client device from a core device, the client device won't be able to use // cloud discovery to retrieve the core device's connectivity information and // certificates. @@ -858,6 +949,90 @@ func (c *GreengrassV2) DescribeComponentWithContext(ctx aws.Context, input *Desc return out, req.Send() } +const opDisassociateServiceRoleFromAccount = "DisassociateServiceRoleFromAccount" + +// DisassociateServiceRoleFromAccountRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateServiceRoleFromAccount operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateServiceRoleFromAccount for more information on using the DisassociateServiceRoleFromAccount +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisassociateServiceRoleFromAccountRequest method. +// req, resp := client.DisassociateServiceRoleFromAccountRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/DisassociateServiceRoleFromAccount +func (c *GreengrassV2) DisassociateServiceRoleFromAccountRequest(input *DisassociateServiceRoleFromAccountInput) (req *request.Request, output *DisassociateServiceRoleFromAccountOutput) { + op := &request.Operation{ + Name: opDisassociateServiceRoleFromAccount, + HTTPMethod: "DELETE", + HTTPPath: "/greengrass/servicerole", + } + + if input == nil { + input = &DisassociateServiceRoleFromAccountInput{} + } + + output = &DisassociateServiceRoleFromAccountOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateServiceRoleFromAccount API operation for AWS IoT Greengrass V2. +// +// Disassociates the Greengrass service role from IoT Greengrass for your Amazon +// Web Services account in this Amazon Web Services Region. Without a service +// role, IoT Greengrass can't verify the identity of client devices or manage +// core device connectivity information. For more information, see Greengrass +// service role (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-service-role.html) +// in the IoT Greengrass Version 2 Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT Greengrass V2's +// API operation DisassociateServiceRoleFromAccount for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// IoT Greengrass can't process your request right now. Try again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/DisassociateServiceRoleFromAccount +func (c *GreengrassV2) DisassociateServiceRoleFromAccount(input *DisassociateServiceRoleFromAccountInput) (*DisassociateServiceRoleFromAccountOutput, error) { + req, out := c.DisassociateServiceRoleFromAccountRequest(input) + return out, req.Send() +} + +// DisassociateServiceRoleFromAccountWithContext is the same as DisassociateServiceRoleFromAccount with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateServiceRoleFromAccount for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *GreengrassV2) DisassociateServiceRoleFromAccountWithContext(ctx aws.Context, input *DisassociateServiceRoleFromAccountInput, opts ...request.Option) (*DisassociateServiceRoleFromAccountOutput, error) { + req, out := c.DisassociateServiceRoleFromAccountRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetComponent = "GetComponent" // GetComponentRequest generates a "aws/request.Request" representing the @@ -1049,6 +1224,97 @@ func (c *GreengrassV2) GetComponentVersionArtifactWithContext(ctx aws.Context, i return out, req.Send() } +const opGetConnectivityInfo = "GetConnectivityInfo" + +// GetConnectivityInfoRequest generates a "aws/request.Request" representing the +// client's request for the GetConnectivityInfo operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetConnectivityInfo for more information on using the GetConnectivityInfo +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetConnectivityInfoRequest method. +// req, resp := client.GetConnectivityInfoRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/GetConnectivityInfo +func (c *GreengrassV2) GetConnectivityInfoRequest(input *GetConnectivityInfoInput) (req *request.Request, output *GetConnectivityInfoOutput) { + op := &request.Operation{ + Name: opGetConnectivityInfo, + HTTPMethod: "GET", + HTTPPath: "/greengrass/things/{thingName}/connectivityInfo", + } + + if input == nil { + input = &GetConnectivityInfoInput{} + } + + output = &GetConnectivityInfoOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetConnectivityInfo API operation for AWS IoT Greengrass V2. +// +// Retrieves connectivity information for a Greengrass core device. +// +// Connectivity information includes endpoints and ports where client devices +// can connect to an MQTT broker on the core device. When a client device calls +// the Greengrass discovery API (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-discover-api.html), +// IoT Greengrass returns connectivity information for all of the core devices +// where the client device can connect. For more information, see Connect client +// devices to core devices (https://docs.aws.amazon.com/greengrass/v2/developerguide/connect-client-devices.html) +// in the IoT Greengrass Version 2 Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT Greengrass V2's +// API operation GetConnectivityInfo for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The request isn't valid. This can occur if your request contains malformed +// JSON or unsupported characters. +// +// * InternalServerException +// IoT Greengrass can't process your request right now. Try again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/GetConnectivityInfo +func (c *GreengrassV2) GetConnectivityInfo(input *GetConnectivityInfoInput) (*GetConnectivityInfoOutput, error) { + req, out := c.GetConnectivityInfoRequest(input) + return out, req.Send() +} + +// GetConnectivityInfoWithContext is the same as GetConnectivityInfo with the addition of +// the ability to pass a context and additional request options. +// +// See GetConnectivityInfo for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *GreengrassV2) GetConnectivityInfoWithContext(ctx aws.Context, input *GetConnectivityInfoInput, opts ...request.Option) (*GetConnectivityInfoOutput, error) { + req, out := c.GetConnectivityInfoRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetCoreDevice = "GetCoreDevice" // GetCoreDeviceRequest generates a "aws/request.Request" representing the @@ -1238,6 +1504,90 @@ func (c *GreengrassV2) GetDeploymentWithContext(ctx aws.Context, input *GetDeplo return out, req.Send() } +const opGetServiceRoleForAccount = "GetServiceRoleForAccount" + +// GetServiceRoleForAccountRequest generates a "aws/request.Request" representing the +// client's request for the GetServiceRoleForAccount operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetServiceRoleForAccount for more information on using the GetServiceRoleForAccount +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetServiceRoleForAccountRequest method. +// req, resp := client.GetServiceRoleForAccountRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/GetServiceRoleForAccount +func (c *GreengrassV2) GetServiceRoleForAccountRequest(input *GetServiceRoleForAccountInput) (req *request.Request, output *GetServiceRoleForAccountOutput) { + op := &request.Operation{ + Name: opGetServiceRoleForAccount, + HTTPMethod: "GET", + HTTPPath: "/greengrass/servicerole", + } + + if input == nil { + input = &GetServiceRoleForAccountInput{} + } + + output = &GetServiceRoleForAccountOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetServiceRoleForAccount API operation for AWS IoT Greengrass V2. +// +// Gets the service role associated with IoT Greengrass for your Amazon Web +// Services account in this Amazon Web Services Region. IoT Greengrass uses +// this role to verify the identity of client devices and manage core device +// connectivity information. For more information, see Greengrass service role +// (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-service-role.html) +// in the IoT Greengrass Version 2 Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT Greengrass V2's +// API operation GetServiceRoleForAccount for usage and error information. +// +// Returned Error Types: +// * InternalServerException +// IoT Greengrass can't process your request right now. Try again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/GetServiceRoleForAccount +func (c *GreengrassV2) GetServiceRoleForAccount(input *GetServiceRoleForAccountInput) (*GetServiceRoleForAccountOutput, error) { + req, out := c.GetServiceRoleForAccountRequest(input) + return out, req.Send() +} + +// GetServiceRoleForAccountWithContext is the same as GetServiceRoleForAccount with the addition of +// the ability to pass a context and additional request options. +// +// See GetServiceRoleForAccount for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *GreengrassV2) GetServiceRoleForAccountWithContext(ctx aws.Context, input *GetServiceRoleForAccountInput, opts ...request.Option) (*GetServiceRoleForAccountOutput, error) { + req, out := c.GetServiceRoleForAccountRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opListClientDevicesAssociatedWithCoreDevice = "ListClientDevicesAssociatedWithCoreDevice" // ListClientDevicesAssociatedWithCoreDeviceRequest generates a "aws/request.Request" representing the @@ -2674,6 +3024,97 @@ func (c *GreengrassV2) UntagResourceWithContext(ctx aws.Context, input *UntagRes return out, req.Send() } +const opUpdateConnectivityInfo = "UpdateConnectivityInfo" + +// UpdateConnectivityInfoRequest generates a "aws/request.Request" representing the +// client's request for the UpdateConnectivityInfo operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateConnectivityInfo for more information on using the UpdateConnectivityInfo +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateConnectivityInfoRequest method. +// req, resp := client.UpdateConnectivityInfoRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/UpdateConnectivityInfo +func (c *GreengrassV2) UpdateConnectivityInfoRequest(input *UpdateConnectivityInfoInput) (req *request.Request, output *UpdateConnectivityInfoOutput) { + op := &request.Operation{ + Name: opUpdateConnectivityInfo, + HTTPMethod: "PUT", + HTTPPath: "/greengrass/things/{thingName}/connectivityInfo", + } + + if input == nil { + input = &UpdateConnectivityInfoInput{} + } + + output = &UpdateConnectivityInfoOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateConnectivityInfo API operation for AWS IoT Greengrass V2. +// +// Updates connectivity information for a Greengrass core device. +// +// Connectivity information includes endpoints and ports where client devices +// can connect to an MQTT broker on the core device. When a client device calls +// the Greengrass discovery API (https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-discover-api.html), +// IoT Greengrass returns connectivity information for all of the core devices +// where the client device can connect. For more information, see Connect client +// devices to core devices (https://docs.aws.amazon.com/greengrass/v2/developerguide/connect-client-devices.html) +// in the IoT Greengrass Version 2 Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS IoT Greengrass V2's +// API operation UpdateConnectivityInfo for usage and error information. +// +// Returned Error Types: +// * ValidationException +// The request isn't valid. This can occur if your request contains malformed +// JSON or unsupported characters. +// +// * InternalServerException +// IoT Greengrass can't process your request right now. Try again later. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/greengrassv2-2020-11-30/UpdateConnectivityInfo +func (c *GreengrassV2) UpdateConnectivityInfo(input *UpdateConnectivityInfoInput) (*UpdateConnectivityInfoOutput, error) { + req, out := c.UpdateConnectivityInfoRequest(input) + return out, req.Send() +} + +// UpdateConnectivityInfoWithContext is the same as UpdateConnectivityInfo with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateConnectivityInfo for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *GreengrassV2) UpdateConnectivityInfoWithContext(ctx aws.Context, input *UpdateConnectivityInfoInput, opts ...request.Option) (*UpdateConnectivityInfoOutput, error) { + req, out := c.UpdateConnectivityInfoRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + // You don't have permission to perform the action. type AccessDeniedException struct { _ struct{} `type:"structure"` @@ -2842,6 +3283,86 @@ func (s *AssociateClientDeviceWithCoreDeviceErrorEntry) SetThingName(v string) * return s } +type AssociateServiceRoleToAccountInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the service role to associate with IoT + // Greengrass for your Amazon Web Services account in this Amazon Web Services + // Region. + // + // RoleArn is a required field + RoleArn *string `locationName:"RoleArn" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateServiceRoleToAccountInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateServiceRoleToAccountInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateServiceRoleToAccountInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateServiceRoleToAccountInput"} + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetRoleArn sets the RoleArn field's value. +func (s *AssociateServiceRoleToAccountInput) SetRoleArn(v string) *AssociateServiceRoleToAccountInput { + s.RoleArn = &v + return s +} + +type AssociateServiceRoleToAccountOutput struct { + _ struct{} `type:"structure"` + + // The time when the service role was associated with IoT Greengrass for your + // Amazon Web Services account in this Amazon Web Services Region. + AssociatedAt *string `locationName:"AssociatedAt" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateServiceRoleToAccountOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateServiceRoleToAccountOutput) GoString() string { + return s.String() +} + +// SetAssociatedAt sets the AssociatedAt field's value. +func (s *AssociateServiceRoleToAccountOutput) SetAssociatedAt(v string) *AssociateServiceRoleToAccountOutput { + s.AssociatedAt = &v + return s +} + // Contains information about a client device that is associated to a core device // for cloud discovery. type AssociatedClientDevice struct { @@ -3061,8 +3582,8 @@ func (s *BatchDisassociateClientDeviceFromCoreDeviceInput) SetEntries(v []*Disas type BatchDisassociateClientDeviceFromCoreDeviceOutput struct { _ struct{} `type:"structure"` - // The list of errors (if any) for the entries in the request. Each error entry - // contains the name of the IoT thing that failed to disassociate. + // The list of any errors for the entries in the request. Each error entry contains + // the name of the IoT thing that failed to disassociate. ErrorEntries []*DisassociateClientDeviceFromCoreDeviceErrorEntry `locationName:"errorEntries" min:"1" type:"list"` } @@ -3899,23 +4420,87 @@ func (s *ConflictException) Message() string { return "" } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ConflictException) OrigErr() error { - return nil +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Contains information about an endpoint and port where client devices can +// connect to an MQTT broker on a Greengrass core device. +type ConnectivityInfo struct { + _ struct{} `type:"structure"` + + // The IP address or DNS address where client devices can connect to an MQTT + // broker on the Greengrass core device. + HostAddress *string `locationName:"HostAddress" type:"string"` + + // An ID for the connectivity information. + Id *string `locationName:"Id" type:"string"` + + // Additional metadata to provide to client devices that connect to this core + // device. + Metadata *string `locationName:"Metadata" type:"string"` + + // The port where the MQTT broker operates on the core device. This port is + // typically 8883, which is the default port for the MQTT broker component that + // runs on core devices. + PortNumber *int64 `locationName:"PortNumber" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectivityInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectivityInfo) GoString() string { + return s.String() +} + +// SetHostAddress sets the HostAddress field's value. +func (s *ConnectivityInfo) SetHostAddress(v string) *ConnectivityInfo { + s.HostAddress = &v + return s } -func (s *ConflictException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +// SetId sets the Id field's value. +func (s *ConnectivityInfo) SetId(v string) *ConnectivityInfo { + s.Id = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *ConflictException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetMetadata sets the Metadata field's value. +func (s *ConnectivityInfo) SetMetadata(v string) *ConnectivityInfo { + s.Metadata = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *ConflictException) RequestID() string { - return s.RespMetadata.RequestID +// SetPortNumber sets the PortNumber field's value. +func (s *ConnectivityInfo) SetPortNumber(v int64) *ConnectivityInfo { + s.PortNumber = &v + return s } // Contains information about a Greengrass core device, which is an IoT thing @@ -5063,6 +5648,60 @@ func (s *DisassociateClientDeviceFromCoreDeviceErrorEntry) SetThingName(v string return s } +type DisassociateServiceRoleFromAccountInput struct { + _ struct{} `type:"structure" nopayload:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateServiceRoleFromAccountInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateServiceRoleFromAccountInput) GoString() string { + return s.String() +} + +type DisassociateServiceRoleFromAccountOutput struct { + _ struct{} `type:"structure"` + + // The time when the service role was disassociated from IoT Greengrass for + // your Amazon Web Services account in this Amazon Web Services Region. + DisassociatedAt *string `locationName:"DisassociatedAt" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateServiceRoleFromAccountOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateServiceRoleFromAccountOutput) GoString() string { + return s.String() +} + +// SetDisassociatedAt sets the DisassociatedAt field's value. +func (s *DisassociateServiceRoleFromAccountOutput) SetDisassociatedAt(v string) *DisassociateServiceRoleFromAccountOutput { + s.DisassociatedAt = &v + return s +} + // Contains information about a deployment job that IoT Greengrass sends to // a Greengrass core device. type EffectiveDeployment struct { @@ -5413,6 +6052,95 @@ func (s *GetComponentVersionArtifactOutput) SetPreSignedUrl(v string) *GetCompon return s } +type GetConnectivityInfoInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The name of the core device. This is also the name of the IoT thing. + // + // ThingName is a required field + ThingName *string `location:"uri" locationName:"thingName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConnectivityInfoInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConnectivityInfoInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetConnectivityInfoInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetConnectivityInfoInput"} + if s.ThingName == nil { + invalidParams.Add(request.NewErrParamRequired("ThingName")) + } + if s.ThingName != nil && len(*s.ThingName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ThingName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetThingName sets the ThingName field's value. +func (s *GetConnectivityInfoInput) SetThingName(v string) *GetConnectivityInfoInput { + s.ThingName = &v + return s +} + +type GetConnectivityInfoOutput struct { + _ struct{} `type:"structure"` + + // The connectivity information for the core device. + ConnectivityInfo []*ConnectivityInfo `locationName:"ConnectivityInfo" type:"list"` + + // A message about the connectivity information request. + Message *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConnectivityInfoOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetConnectivityInfoOutput) GoString() string { + return s.String() +} + +// SetConnectivityInfo sets the ConnectivityInfo field's value. +func (s *GetConnectivityInfoOutput) SetConnectivityInfo(v []*ConnectivityInfo) *GetConnectivityInfoOutput { + s.ConnectivityInfo = v + return s +} + +// SetMessage sets the Message field's value. +func (s *GetConnectivityInfoOutput) SetMessage(v string) *GetConnectivityInfoOutput { + s.Message = &v + return s +} + type GetCoreDeviceInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -5757,6 +6485,70 @@ func (s *GetDeploymentOutput) SetTargetArn(v string) *GetDeploymentOutput { return s } +type GetServiceRoleForAccountInput struct { + _ struct{} `type:"structure" nopayload:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetServiceRoleForAccountInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetServiceRoleForAccountInput) GoString() string { + return s.String() +} + +type GetServiceRoleForAccountOutput struct { + _ struct{} `type:"structure"` + + // The time when the service role was associated with IoT Greengrass for your + // Amazon Web Services account in this Amazon Web Services Region. + AssociatedAt *string `locationName:"AssociatedAt" type:"string"` + + // The ARN of the service role that is associated with IoT Greengrass for your + // Amazon Web Services account in this Amazon Web Services Region. + RoleArn *string `locationName:"RoleArn" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetServiceRoleForAccountOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetServiceRoleForAccountOutput) GoString() string { + return s.String() +} + +// SetAssociatedAt sets the AssociatedAt field's value. +func (s *GetServiceRoleForAccountOutput) SetAssociatedAt(v string) *GetServiceRoleForAccountOutput { + s.AssociatedAt = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *GetServiceRoleForAccountOutput) SetRoleArn(v string) *GetServiceRoleForAccountOutput { + s.RoleArn = &v + return s +} + // Contains information about a component on a Greengrass core device. type InstalledComponent struct { _ struct{} `type:"structure"` @@ -8561,6 +9353,109 @@ func (s UntagResourceOutput) GoString() string { return s.String() } +type UpdateConnectivityInfoInput struct { + _ struct{} `type:"structure"` + + // The connectivity information for the core device. + // + // ConnectivityInfo is a required field + ConnectivityInfo []*ConnectivityInfo `locationName:"ConnectivityInfo" type:"list" required:"true"` + + // The name of the core device. This is also the name of the IoT thing. + // + // ThingName is a required field + ThingName *string `location:"uri" locationName:"thingName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConnectivityInfoInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConnectivityInfoInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateConnectivityInfoInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateConnectivityInfoInput"} + if s.ConnectivityInfo == nil { + invalidParams.Add(request.NewErrParamRequired("ConnectivityInfo")) + } + if s.ThingName == nil { + invalidParams.Add(request.NewErrParamRequired("ThingName")) + } + if s.ThingName != nil && len(*s.ThingName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ThingName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetConnectivityInfo sets the ConnectivityInfo field's value. +func (s *UpdateConnectivityInfoInput) SetConnectivityInfo(v []*ConnectivityInfo) *UpdateConnectivityInfoInput { + s.ConnectivityInfo = v + return s +} + +// SetThingName sets the ThingName field's value. +func (s *UpdateConnectivityInfoInput) SetThingName(v string) *UpdateConnectivityInfoInput { + s.ThingName = &v + return s +} + +type UpdateConnectivityInfoOutput struct { + _ struct{} `type:"structure"` + + // A message about the connectivity information update request. + Message *string `locationName:"Message" type:"string"` + + // The new version of the connectivity information for the core device. + Version *string `locationName:"Version" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConnectivityInfoOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateConnectivityInfoOutput) GoString() string { + return s.String() +} + +// SetMessage sets the Message field's value. +func (s *UpdateConnectivityInfoOutput) SetMessage(v string) *UpdateConnectivityInfoOutput { + s.Message = &v + return s +} + +// SetVersion sets the Version field's value. +func (s *UpdateConnectivityInfoOutput) SetVersion(v string) *UpdateConnectivityInfoOutput { + s.Version = &v + return s +} + // The request isn't valid. This can occur if your request contains malformed // JSON or unsupported characters. type ValidationException struct { diff --git a/service/greengrassv2/greengrassv2iface/interface.go b/service/greengrassv2/greengrassv2iface/interface.go index 75a42f3a50..a015cb3c3f 100644 --- a/service/greengrassv2/greengrassv2iface/interface.go +++ b/service/greengrassv2/greengrassv2iface/interface.go @@ -26,7 +26,7 @@ import ( // // myFunc uses an SDK service client to make a request to // // AWS IoT Greengrass V2. // func myFunc(svc greengrassv2iface.GreengrassV2API) bool { -// // Make svc.BatchAssociateClientDeviceWithCoreDevice request +// // Make svc.AssociateServiceRoleToAccount request // } // // func main() { @@ -42,7 +42,7 @@ import ( // type mockGreengrassV2Client struct { // greengrassv2iface.GreengrassV2API // } -// func (m *mockGreengrassV2Client) BatchAssociateClientDeviceWithCoreDevice(input *greengrassv2.BatchAssociateClientDeviceWithCoreDeviceInput) (*greengrassv2.BatchAssociateClientDeviceWithCoreDeviceOutput, error) { +// func (m *mockGreengrassV2Client) AssociateServiceRoleToAccount(input *greengrassv2.AssociateServiceRoleToAccountInput) (*greengrassv2.AssociateServiceRoleToAccountOutput, error) { // // mock response/functionality // } // @@ -60,6 +60,10 @@ import ( // and waiters. Its suggested to use the pattern above for testing, or using // tooling to generate mocks to satisfy the interfaces. type GreengrassV2API interface { + AssociateServiceRoleToAccount(*greengrassv2.AssociateServiceRoleToAccountInput) (*greengrassv2.AssociateServiceRoleToAccountOutput, error) + AssociateServiceRoleToAccountWithContext(aws.Context, *greengrassv2.AssociateServiceRoleToAccountInput, ...request.Option) (*greengrassv2.AssociateServiceRoleToAccountOutput, error) + AssociateServiceRoleToAccountRequest(*greengrassv2.AssociateServiceRoleToAccountInput) (*request.Request, *greengrassv2.AssociateServiceRoleToAccountOutput) + BatchAssociateClientDeviceWithCoreDevice(*greengrassv2.BatchAssociateClientDeviceWithCoreDeviceInput) (*greengrassv2.BatchAssociateClientDeviceWithCoreDeviceOutput, error) BatchAssociateClientDeviceWithCoreDeviceWithContext(aws.Context, *greengrassv2.BatchAssociateClientDeviceWithCoreDeviceInput, ...request.Option) (*greengrassv2.BatchAssociateClientDeviceWithCoreDeviceOutput, error) BatchAssociateClientDeviceWithCoreDeviceRequest(*greengrassv2.BatchAssociateClientDeviceWithCoreDeviceInput) (*request.Request, *greengrassv2.BatchAssociateClientDeviceWithCoreDeviceOutput) @@ -92,6 +96,10 @@ type GreengrassV2API interface { DescribeComponentWithContext(aws.Context, *greengrassv2.DescribeComponentInput, ...request.Option) (*greengrassv2.DescribeComponentOutput, error) DescribeComponentRequest(*greengrassv2.DescribeComponentInput) (*request.Request, *greengrassv2.DescribeComponentOutput) + DisassociateServiceRoleFromAccount(*greengrassv2.DisassociateServiceRoleFromAccountInput) (*greengrassv2.DisassociateServiceRoleFromAccountOutput, error) + DisassociateServiceRoleFromAccountWithContext(aws.Context, *greengrassv2.DisassociateServiceRoleFromAccountInput, ...request.Option) (*greengrassv2.DisassociateServiceRoleFromAccountOutput, error) + DisassociateServiceRoleFromAccountRequest(*greengrassv2.DisassociateServiceRoleFromAccountInput) (*request.Request, *greengrassv2.DisassociateServiceRoleFromAccountOutput) + GetComponent(*greengrassv2.GetComponentInput) (*greengrassv2.GetComponentOutput, error) GetComponentWithContext(aws.Context, *greengrassv2.GetComponentInput, ...request.Option) (*greengrassv2.GetComponentOutput, error) GetComponentRequest(*greengrassv2.GetComponentInput) (*request.Request, *greengrassv2.GetComponentOutput) @@ -100,6 +108,10 @@ type GreengrassV2API interface { GetComponentVersionArtifactWithContext(aws.Context, *greengrassv2.GetComponentVersionArtifactInput, ...request.Option) (*greengrassv2.GetComponentVersionArtifactOutput, error) GetComponentVersionArtifactRequest(*greengrassv2.GetComponentVersionArtifactInput) (*request.Request, *greengrassv2.GetComponentVersionArtifactOutput) + GetConnectivityInfo(*greengrassv2.GetConnectivityInfoInput) (*greengrassv2.GetConnectivityInfoOutput, error) + GetConnectivityInfoWithContext(aws.Context, *greengrassv2.GetConnectivityInfoInput, ...request.Option) (*greengrassv2.GetConnectivityInfoOutput, error) + GetConnectivityInfoRequest(*greengrassv2.GetConnectivityInfoInput) (*request.Request, *greengrassv2.GetConnectivityInfoOutput) + GetCoreDevice(*greengrassv2.GetCoreDeviceInput) (*greengrassv2.GetCoreDeviceOutput, error) GetCoreDeviceWithContext(aws.Context, *greengrassv2.GetCoreDeviceInput, ...request.Option) (*greengrassv2.GetCoreDeviceOutput, error) GetCoreDeviceRequest(*greengrassv2.GetCoreDeviceInput) (*request.Request, *greengrassv2.GetCoreDeviceOutput) @@ -108,6 +120,10 @@ type GreengrassV2API interface { GetDeploymentWithContext(aws.Context, *greengrassv2.GetDeploymentInput, ...request.Option) (*greengrassv2.GetDeploymentOutput, error) GetDeploymentRequest(*greengrassv2.GetDeploymentInput) (*request.Request, *greengrassv2.GetDeploymentOutput) + GetServiceRoleForAccount(*greengrassv2.GetServiceRoleForAccountInput) (*greengrassv2.GetServiceRoleForAccountOutput, error) + GetServiceRoleForAccountWithContext(aws.Context, *greengrassv2.GetServiceRoleForAccountInput, ...request.Option) (*greengrassv2.GetServiceRoleForAccountOutput, error) + GetServiceRoleForAccountRequest(*greengrassv2.GetServiceRoleForAccountInput) (*request.Request, *greengrassv2.GetServiceRoleForAccountOutput) + ListClientDevicesAssociatedWithCoreDevice(*greengrassv2.ListClientDevicesAssociatedWithCoreDeviceInput) (*greengrassv2.ListClientDevicesAssociatedWithCoreDeviceOutput, error) ListClientDevicesAssociatedWithCoreDeviceWithContext(aws.Context, *greengrassv2.ListClientDevicesAssociatedWithCoreDeviceInput, ...request.Option) (*greengrassv2.ListClientDevicesAssociatedWithCoreDeviceOutput, error) ListClientDevicesAssociatedWithCoreDeviceRequest(*greengrassv2.ListClientDevicesAssociatedWithCoreDeviceInput) (*request.Request, *greengrassv2.ListClientDevicesAssociatedWithCoreDeviceOutput) @@ -172,6 +188,10 @@ type GreengrassV2API interface { UntagResource(*greengrassv2.UntagResourceInput) (*greengrassv2.UntagResourceOutput, error) UntagResourceWithContext(aws.Context, *greengrassv2.UntagResourceInput, ...request.Option) (*greengrassv2.UntagResourceOutput, error) UntagResourceRequest(*greengrassv2.UntagResourceInput) (*request.Request, *greengrassv2.UntagResourceOutput) + + UpdateConnectivityInfo(*greengrassv2.UpdateConnectivityInfoInput) (*greengrassv2.UpdateConnectivityInfoOutput, error) + UpdateConnectivityInfoWithContext(aws.Context, *greengrassv2.UpdateConnectivityInfoInput, ...request.Option) (*greengrassv2.UpdateConnectivityInfoOutput, error) + UpdateConnectivityInfoRequest(*greengrassv2.UpdateConnectivityInfoInput) (*request.Request, *greengrassv2.UpdateConnectivityInfoOutput) } var _ GreengrassV2API = (*greengrassv2.GreengrassV2)(nil) diff --git a/service/mediaconvert/api.go b/service/mediaconvert/api.go index 66bb032487..5214f75adf 100644 --- a/service/mediaconvert/api.go +++ b/service/mediaconvert/api.go @@ -19796,14 +19796,24 @@ type NoiseReducerTemporalFilterSettings struct { // and creates better VQ for low bitrate outputs. AggressiveMode *int64 `locationName:"aggressiveMode" type:"integer"` - // Optional. When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), - // you can use this setting to apply sharpening. The default behavior, Auto - // (AUTO), allows the transcoder to determine whether to apply filtering, depending - // on input type and quality. When you set Noise reducer to Temporal, your output - // bandwidth is reduced. When Post temporal sharpening is also enabled, that - // bandwidth reduction is smaller. + // When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), the sharpness + // of your output is reduced. You can optionally use Post temporal sharpening + // (PostTemporalSharpening) to apply sharpening to the edges of your output. + // The default behavior, Auto (AUTO), allows the transcoder to determine whether + // to apply sharpening, depending on your input type and quality. When you set + // Post temporal sharpening to Enabled (ENABLED), specify how much sharpening + // is applied using Post temporal sharpening strength (PostTemporalSharpeningStrength). + // Set Post temporal sharpening to Disabled (DISABLED) to not apply sharpening. PostTemporalSharpening *string `locationName:"postTemporalSharpening" type:"string" enum:"NoiseFilterPostTemporalSharpening"` + // Use Post temporal sharpening strength (PostTemporalSharpeningStrength) to + // define the amount of sharpening the transcoder applies to your output. Set + // Post temporal sharpening strength to Low (LOW), or leave blank, to apply + // a low amount of sharpening. Set Post temporal sharpening strength to Medium + // (MEDIUM) to apply medium amount of sharpening. Set Post temporal sharpening + // strength to High (HIGH) to apply a high amount of sharpening. + PostTemporalSharpeningStrength *string `locationName:"postTemporalSharpeningStrength" type:"string" enum:"NoiseFilterPostTemporalSharpeningStrength"` + // The speed of the filter (higher number is faster). Low setting reduces bit // rate at the cost of transcode time, high setting improves transcode time // at the cost of bit rate. @@ -19860,6 +19870,12 @@ func (s *NoiseReducerTemporalFilterSettings) SetPostTemporalSharpening(v string) return s } +// SetPostTemporalSharpeningStrength sets the PostTemporalSharpeningStrength field's value. +func (s *NoiseReducerTemporalFilterSettings) SetPostTemporalSharpeningStrength(v string) *NoiseReducerTemporalFilterSettings { + s.PostTemporalSharpeningStrength = &v + return s +} + // SetSpeed sets the Speed field's value. func (s *NoiseReducerTemporalFilterSettings) SetSpeed(v int64) *NoiseReducerTemporalFilterSettings { s.Speed = &v @@ -33904,12 +33920,14 @@ func NielsenUniqueTicPerAudioTrackType_Values() []string { } } -// Optional. When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), -// you can use this setting to apply sharpening. The default behavior, Auto -// (AUTO), allows the transcoder to determine whether to apply filtering, depending -// on input type and quality. When you set Noise reducer to Temporal, your output -// bandwidth is reduced. When Post temporal sharpening is also enabled, that -// bandwidth reduction is smaller. +// When you set Noise reducer (noiseReducer) to Temporal (TEMPORAL), the sharpness +// of your output is reduced. You can optionally use Post temporal sharpening +// (PostTemporalSharpening) to apply sharpening to the edges of your output. +// The default behavior, Auto (AUTO), allows the transcoder to determine whether +// to apply sharpening, depending on your input type and quality. When you set +// Post temporal sharpening to Enabled (ENABLED), specify how much sharpening +// is applied using Post temporal sharpening strength (PostTemporalSharpeningStrength). +// Set Post temporal sharpening to Disabled (DISABLED) to not apply sharpening. const ( // NoiseFilterPostTemporalSharpeningDisabled is a NoiseFilterPostTemporalSharpening enum value NoiseFilterPostTemporalSharpeningDisabled = "DISABLED" @@ -33930,6 +33948,32 @@ func NoiseFilterPostTemporalSharpening_Values() []string { } } +// Use Post temporal sharpening strength (PostTemporalSharpeningStrength) to +// define the amount of sharpening the transcoder applies to your output. Set +// Post temporal sharpening strength to Low (LOW), or leave blank, to apply +// a low amount of sharpening. Set Post temporal sharpening strength to Medium +// (MEDIUM) to apply medium amount of sharpening. Set Post temporal sharpening +// strength to High (HIGH) to apply a high amount of sharpening. +const ( + // NoiseFilterPostTemporalSharpeningStrengthLow is a NoiseFilterPostTemporalSharpeningStrength enum value + NoiseFilterPostTemporalSharpeningStrengthLow = "LOW" + + // NoiseFilterPostTemporalSharpeningStrengthMedium is a NoiseFilterPostTemporalSharpeningStrength enum value + NoiseFilterPostTemporalSharpeningStrengthMedium = "MEDIUM" + + // NoiseFilterPostTemporalSharpeningStrengthHigh is a NoiseFilterPostTemporalSharpeningStrength enum value + NoiseFilterPostTemporalSharpeningStrengthHigh = "HIGH" +) + +// NoiseFilterPostTemporalSharpeningStrength_Values returns all elements of the NoiseFilterPostTemporalSharpeningStrength enum +func NoiseFilterPostTemporalSharpeningStrength_Values() []string { + return []string{ + NoiseFilterPostTemporalSharpeningStrengthLow, + NoiseFilterPostTemporalSharpeningStrengthMedium, + NoiseFilterPostTemporalSharpeningStrengthHigh, + } +} + // Use Noise reducer filter (NoiseReducerFilter) to select one of the following // spatial image filtering functions. To use this setting, you must also enable // Noise reducer (NoiseReducer). * Bilateral preserves edges while reducing diff --git a/service/rds/api.go b/service/rds/api.go index d58209c035..22fca06926 100644 --- a/service/rds/api.go +++ b/service/rds/api.go @@ -1409,8 +1409,8 @@ func (c *RDS) CreateCustomDBEngineVersionRequest(input *CreateCustomDBEngineVers // Amazon RDS, which is a fully managed service, supplies the Amazon Machine // Image (AMI) and database software. The Amazon RDS database software is preinstalled, // so you need only select a DB engine and version, and create your database. -// With Amazon RDS Custom, you upload your database installation files in Amazon -// S3. +// With Amazon RDS Custom for Oracle, you upload your database installation +// files in Amazon S3. // // When you create a custom engine version, you specify the files in a JSON // document called a CEV manifest. This document describes installation .zip @@ -18373,9 +18373,9 @@ type CreateCustomDBEngineVersionInput struct { Engine *string `min:"1" type:"string" required:"true"` // The name of your CEV. The name format is 19.customized_string . For example, - // a valid name is 19.my_cev1. This setting is required for RDS Custom, but - // optional for Amazon RDS. The combination of Engine and EngineVersion is unique - // per customer per Region. + // a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, + // but optional for Amazon RDS. The combination of Engine and EngineVersion + // is unique per customer per Region. // // EngineVersion is a required field EngineVersion *string `min:"1" type:"string" required:"true"` @@ -19282,7 +19282,7 @@ type CreateDBClusterInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // @@ -19331,8 +19331,8 @@ type CreateDBClusterInput struct { // // aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion" // - // To list all of the available engine versions for MySQL 5.7-compatible Aurora, - // use the following command: + // To list all of the available engine versions for MySQL 5.7-compatible and + // MySQL 8.0-compatible Aurora, use the following command: // // aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion" // @@ -19653,11 +19653,11 @@ type CreateDBClusterInput struct { // // This setting is required to create a Multi-AZ DB cluster. // - // Valid values: standard | gp2 | io1 + // Valid values: io1 // - // If you specify io1, also include a value for the Iops parameter. + // When specified, a value for the Iops parameter is required. // - // Default: io1 if the Iops parameter is specified, otherwise gp2 + // Default: io1 // // Valid for: Multi-AZ DB clusters only StorageType *string `type:"string"` @@ -20054,7 +20054,7 @@ type CreateDBClusterParameterGroupInput struct { // // Aurora MySQL // - // Example: aurora5.6, aurora-mysql5.7 + // Example: aurora5.6, aurora-mysql5.7, aurora-mysql8.0 // // Aurora PostgreSQL // @@ -20086,7 +20086,7 @@ type CreateDBClusterParameterGroupInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // @@ -20339,9 +20339,11 @@ type CreateDBInstanceInput struct { // // Constraints to the amount of storage for each storage type are the following: // - // * General Purpose (SSD) storage (gp2): Must be an integer from 40 to 65536. + // * General Purpose (SSD) storage (gp2): Must be an integer from 40 to 65536 + // for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. // - // * Provisioned IOPS storage (io1): Must be an integer from 40 to 65536. + // * Provisioned IOPS storage (io1): Must be an integer from 40 to 65536 + // for RDS Custom for Oracle, 16384 for RDS Custom for SQL Server. // // MySQL // @@ -20388,15 +20390,15 @@ type CreateDBInstanceInput struct { // Constraints to the amount of storage for each storage type are the following: // // * General Purpose (SSD) storage (gp2): Enterprise and Standard editions: - // Must be an integer from 200 to 16384. Web and Express editions: Must be + // Must be an integer from 20 to 16384. Web and Express editions: Must be // an integer from 20 to 16384. // // * Provisioned IOPS storage (io1): Enterprise and Standard editions: Must - // be an integer from 200 to 16384. Web and Express editions: Must be an + // be an integer from 100 to 16384. Web and Express editions: Must be an // integer from 100 to 16384. // // * Magnetic storage (standard): Enterprise and Standard editions: Must - // be an integer from 200 to 1024. Web and Express editions: Must be an integer + // be an integer from 20 to 1024. Web and Express editions: Must be an integer // from 20 to 1024. AllocatedStorage *int64 `type:"integer"` @@ -20412,6 +20414,10 @@ type CreateDBInstanceInput struct { // on Amazon Web Services Regions and Availability Zones, see Regions and Availability // Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html). // + // Amazon Aurora + // + // Not applicable. Availability Zones are managed by the DB cluster. + // // Default: A random, system-chosen Availability Zone in the endpoint's Amazon // Web Services Region. // @@ -20446,7 +20452,7 @@ type CreateDBInstanceInput struct { // // * Can't be set to 0 if the DB instance is a source to read replicas // - // * Can't be set to 0 or 35 for an RDS Custom DB instance + // * Can't be set to 0 or 35 for an RDS Custom for Oracle DB instance BackupRetentionPeriod *int64 `type:"integer"` // Specifies where automated backups and manual snapshots are stored. @@ -20585,7 +20591,7 @@ type CreateDBInstanceInput struct { // // * Can't be longer than 8 characters // - // Amazon RDS Custom + // Amazon RDS Custom for Oracle // // The Oracle System ID (SID) of the created RDS Custom DB instance. If you // don't specify a value, the default value is ORCL. @@ -20600,6 +20606,10 @@ type CreateDBInstanceInput struct { // // * It can't be a word reserved by the database engine. // + // Amazon RDS Custom for SQL Server + // + // Not applicable. Must be null. + // // SQL Server // // Not applicable. Must be null. @@ -20765,11 +20775,17 @@ type CreateDBInstanceInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // - // * custom-oracle-ee (for RDS Custom instances) + // * custom-oracle-ee (for RDS Custom for Oracle instances) + // + // * custom-sqlserver-ee (for RDS Custom for SQL Server instances) + // + // * custom-sqlserver-se (for RDS Custom for SQL Server instances) + // + // * custom-sqlserver-web (for RDS Custom for SQL Server instances) // // * mariadb // @@ -20809,14 +20825,19 @@ type CreateDBInstanceInput struct { // Not applicable. The version number of the database engine to be used by the // DB instance is managed by the DB cluster. // - // Amazon RDS Custom + // Amazon RDS Custom for Oracle // // A custom engine version (CEV) that you have previously created. This setting - // is required for RDS Custom. The CEV name has the following format: 19.customized_string - // . An example identifier is 19.my_cev1. For more information, see Creating - // an RDS Custom DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create) + // is required for RDS Custom for Oracle. The CEV name has the following format: + // 19.customized_string . An example identifier is 19.my_cev1. For more information, + // see Creating an RDS Custom for Oracle DB instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-creating.html#custom-creating.create) // in the Amazon RDS User Guide.. // + // Amazon RDS Custom for SQL Server + // + // See RDS Custom for SQL Server general requirements (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-reqs-limits.html#custom-reqs-limits.reqsMS) + // in the Amazon RDS User Guide. + // // MariaDB // // For information, see MariaDB on Amazon RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) @@ -20872,10 +20893,10 @@ type CreateDBInstanceInput struct { // // Amazon RDS Custom // - // A KMS key is required for RDS Custom Oracle instances. For most RDS engines, - // if you leave this parameter empty while enabling StorageEncrypted, the engine - // uses the default KMS key. However, RDS Custom for Oracle doesn't use the - // default key when this parameter is empty. You must explicitly specify a key. + // A KMS key is required for RDS Custom instances. For most RDS engines, if + // you leave this parameter empty while enabling StorageEncrypted, the engine + // uses the default KMS key. However, RDS Custom doesn't use the default key + // when this parameter is empty. You must explicitly specify a key. KmsKeyId *string `type:"string"` // License model information for this DB instance. @@ -21150,8 +21171,8 @@ type CreateDBInstanceInput struct { // A value that indicates whether the DB instance is encrypted. By default, // it isn't encrypted. // - // For RDS Custom Oracle instances, either set this parameter to true or leave - // it unset. If you set this parameter to false, RDS reports an error. + // For RDS Custom instances, either set this parameter to true or leave it unset. + // If you set this parameter to false, RDS reports an error. // // Amazon Aurora // @@ -22298,7 +22319,7 @@ type CreateDBParameterGroupInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // @@ -24002,7 +24023,7 @@ type DBCluster struct { // Specifies whether the DB cluster is encrypted. StorageEncrypted *bool `type:"boolean"` - // The storage type associated with DB instance. + // The storage type associated with the DB cluster. // // This setting is only for non-Aurora Multi-AZ DB clusters. StorageType *string `type:"string"` @@ -24916,7 +24937,14 @@ type DBClusterSnapshot struct { // a null value. SourceDBClusterSnapshotArn *string `type:"string"` - // Specifies the status of this DB cluster snapshot. + // Specifies the status of this DB cluster snapshot. Valid statuses are the + // following: + // + // * available + // + // * copying + // + // * creating Status *string `type:"string"` // Specifies whether the DB cluster snapshot is encrypted. @@ -31558,7 +31586,7 @@ type DescribeDBEngineVersionsInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // @@ -35232,7 +35260,7 @@ type DescribeOrderableDBInstanceOptionsInput struct { // // * aurora (for MySQL 5.6-compatible Aurora) // - // * aurora-mysql (for MySQL 5.7-compatible Aurora) + // * aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora) // // * aurora-postgresql // @@ -38413,8 +38441,8 @@ type ModifyCustomDBEngineVersionInput struct { Engine *string `min:"1" type:"string" required:"true"` // The custom engine version (CEV) that you want to modify. This option is required - // for RDS Custom, but optional for Amazon RDS. The combination of Engine and - // EngineVersion is unique per customer per Amazon Web Services Region. + // for RDS Custom for Oracle, but optional for Amazon RDS. The combination of + // Engine and EngineVersion is unique per customer per Amazon Web Services Region. // // EngineVersion is a required field EngineVersion *string `min:"1" type:"string" required:"true"` @@ -39199,8 +39227,8 @@ type ModifyDBClusterInput struct { // // aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion" // - // To list all of the available engine versions for MySQL 5.7-compatible Aurora, - // use the following command: + // To list all of the available engine versions for MySQL 5.7-compatible and + // MySQL 8.0-compatible Aurora, use the following command: // // aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion" // @@ -39365,11 +39393,11 @@ type ModifyDBClusterInput struct { // Specifies the storage type to be associated with the DB cluster. // - // Valid values: standard | gp2 | io1 + // Valid values: io1 // - // If you specify io1, you must also include a value for the Iops parameter. + // When specified, a value for the Iops parameter is required. // - // Default: io1 if the Iops parameter is specified, otherwise gp2 + // Default: io1 // // Valid for: Multi-AZ DB clusters only StorageType *string `type:"string"` @@ -39906,9 +39934,8 @@ type ModifyDBInstanceInput struct { // the next maintenance window. Some parameter changes can cause an outage and // are applied on the next call to RebootDBInstance, or the next failure reboot. // Review the table of parameters in Modifying a DB Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html) - // in the Amazon RDS User Guide. to see the impact of enabling or disabling - // ApplyImmediately for each modified parameter and to determine when the changes - // are applied. + // in the Amazon RDS User Guide to see the impact of enabling or disabling ApplyImmediately + // for each modified parameter and to determine when the changes are applied. ApplyImmediately *bool `type:"boolean"` // A value that indicates whether minor version upgrades are applied automatically @@ -39963,7 +39990,7 @@ type ModifyDBInstanceInput struct { // // * It must be a value from 0 to 35. It can't be set to 0 if the DB instance // is a source to read replicas. It can't be set to 0 or 35 for an RDS Custom - // DB instance. + // for Oracle DB instance. // // * It can be specified for a MySQL read replica only if the source is running // MySQL 5.6 or later. @@ -40030,7 +40057,7 @@ type ModifyDBInstanceInput struct { // The change is applied during the next maintenance window, unless ApplyImmediately // is enabled for this request. // - // This setting doesn't apply to RDS Custom. + // This setting doesn't apply to RDS Custom for Oracle. // // Default: Uses existing setting DBInstanceClass *string `type:"string"` @@ -40213,8 +40240,8 @@ type ModifyDBInstanceInput struct { // to the default minor version if the current minor version is lower. For information // about valid engine versions, see CreateDBInstance, or call DescribeDBEngineVersions. // - // In RDS Custom, this parameter is supported for read replicas only if they - // are in the PATCH_DB_FAILURE lifecycle. + // In RDS Custom for Oracle, this parameter is supported for read replicas only + // if they are in the PATCH_DB_FAILURE lifecycle. EngineVersion *string `type:"string"` // The new Provisioned IOPS (I/O operations per second) value for the RDS instance. @@ -40476,8 +40503,6 @@ type ModifyDBInstanceInput struct { // // Changes to the PubliclyAccessible parameter are applied immediately regardless // of the value of the ApplyImmediately parameter. - // - // This setting doesn't apply to RDS Custom. PubliclyAccessible *bool `type:"boolean"` // A value that sets the open mode of a replica database to either mounted or @@ -40923,7 +40948,7 @@ type ModifyDBParameterGroupInput struct { // An array of parameter names, values, and the application methods for the // parameter update. At least one parameter name, value, and application method - // method must be supplied; later arguments are optional. A maximum of 20 parameters + // must be supplied; later arguments are optional. A maximum of 20 parameters // can be modified in a single request. // // Valid Values (for the application method): immediate | pending-reboot @@ -40933,10 +40958,18 @@ type ModifyDBParameterGroupInput struct { // // When the application method is immediate, changes to dynamic parameters are // applied immediately to the DB instances associated with the parameter group. + // // When the application method is pending-reboot, changes to dynamic and static // parameters are applied after a reboot without failover to the DB instances // associated with the parameter group. // + // You can't use pending-reboot with dynamic parameters on RDS for SQL Server + // DB instances. Use immediate. + // + // For more information on modifying DB parameters, see Working with DB parameter + // groups (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) + // in the Amazon RDS User Guide. + // // Parameters is a required field Parameters []*Parameter `locationNameList:"Parameter" type:"list" required:"true"` } @@ -41880,7 +41913,7 @@ type ModifyGlobalClusterInput struct { // == `true`].[EngineVersion]' // // To list all of the available engine versions for aurora-mysql (for MySQL - // 5.7-compatible Aurora), use the following command: + // 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command: // // aws rds describe-db-engine-versions --engine aurora-mysql --query '*[]|[?SupportsGlobalDatabases // == `true`].[EngineVersion]' @@ -45546,7 +45579,7 @@ type RestoreDBClusterFromS3Input struct { // The name of the database engine to be used for this DB cluster. // // Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for - // MySQL 5.7-compatible Aurora), and aurora-postgresql + // MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), and aurora-postgresql // // Engine is a required field Engine *string `type:"string" required:"true"` @@ -45559,7 +45592,7 @@ type RestoreDBClusterFromS3Input struct { // aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion" // // To list all of the available engine versions for aurora-mysql (for MySQL - // 5.7-compatible Aurora), use the following command: + // 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command: // // aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion" // @@ -45570,7 +45603,8 @@ type RestoreDBClusterFromS3Input struct { // // Aurora MySQL // - // Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5 + // Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5, + // 8.0.mysql_aurora.3.01.0 // // Aurora PostgreSQL // @@ -46155,8 +46189,8 @@ type RestoreDBClusterFromSnapshotInput struct { // // aws rds describe-db-engine-versions --engine aurora --query "DBEngineVersions[].EngineVersion" // - // To list all of the available engine versions for MySQL 5.7-compatible Aurora, - // use the following command: + // To list all of the available engine versions for MySQL 5.7-compatible and + // MySQL 8.0-compatible Aurora, use the following command: // // aws rds describe-db-engine-versions --engine aurora-mysql --query "DBEngineVersions[].EngineVersion" // @@ -46305,11 +46339,11 @@ type RestoreDBClusterFromSnapshotInput struct { // Specifies the storage type to be associated with the each DB instance in // the Multi-AZ DB cluster. // - // Valid values: standard | gp2 | io1 + // Valid values: io1 // - // If you specify io1, you must also include a value for the Iops parameter. + // When specified, a value for the Iops parameter is required. // - // Default: io1 if the Iops parameter is specified, otherwise gp2 + // Default: io1 // // Valid for: Aurora DB clusters and Multi-AZ DB clusters StorageType *string `type:"string"` @@ -46844,11 +46878,11 @@ type RestoreDBClusterToPointInTimeInput struct { // Specifies the storage type to be associated with the each DB instance in // the Multi-AZ DB cluster. // - // Valid values: standard | gp2 | io1 + // Valid values: io1 // - // If you specify io1, also include a value for the Iops parameter. + // When specified, a value for the Iops parameter is required. // - // Default: io1 if the Iops parameter is specified, otherwise gp2 + // Default: io1 // // Valid for: Multi-AZ DB clusters only StorageType *string `type:"string"` diff --git a/service/sagemaker/api.go b/service/sagemaker/api.go index 0fe3c8e4d3..b9e1132775 100644 --- a/service/sagemaker/api.go +++ b/service/sagemaker/api.go @@ -21631,16 +21631,16 @@ func (c *SageMaker) StopPipelineExecutionRequest(input *StopPipelineExecutionInp // // A pipeline execution won't stop while a callback step is running. When you // call StopPipelineExecution on a pipeline execution with a running callback -// step, SageMaker Pipelines sends an additional Amazon SQS message to the specified -// SQS queue. The body of the SQS message contains a "Status" field which is -// set to "Stopping". +// step, Amazon SageMaker Pipelines sends an additional Amazon SQS message to +// the specified SQS queue. The body of the SQS message contains a "Status" +// field which is set to "Stopping". // // You should add logic to your Amazon SQS message consumer to take any needed // action (for example, resource cleanup) upon receipt of the message followed // by a call to SendPipelineExecutionStepSuccess or SendPipelineExecutionStepFailure. // -// Only when SageMaker Pipelines receives one of these calls will it stop the -// pipeline execution. +// Only when Amazon SageMaker Pipelines receives one of these calls will it +// stop the pipeline execution. // // Lambda Step // @@ -21897,11 +21897,11 @@ func (c *SageMaker) StopTransformJobRequest(input *StopTransformJobInput) (req * // StopTransformJob API operation for Amazon SageMaker Service. // -// Stops a transform job. +// Stops a batch transform job. // // When Amazon SageMaker receives a StopTransformJob request, the status of // the job changes to Stopping. After Amazon SageMaker stops the job, the status -// is set to Stopped. When you stop a transform job before it is completed, +// is set to Stopped. When you stop a batch transform job before it is completed, // Amazon SageMaker doesn't store the job's output in Amazon S3. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -32122,7 +32122,7 @@ type CreateDomainInput struct { // A collection of Domain settings. DomainSettings *DomainSettings `type:"structure"` - // This member is deprecated and replaced with KmsKeyId. + // Use KmsKeyId. // // Deprecated: This property is deprecated, use KmsKeyId instead. HomeEfsFileSystemKmsKeyId *string `deprecated:"true" type:"string"` @@ -36407,10 +36407,16 @@ type CreatePipelineInput struct { // of the operation. An idempotent operation completes no more than one time. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` + // This is the configuration that controls the parallelism of the pipeline. + // If specified, it applies to all runs of this pipeline by default. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The JSON pipeline definition of the pipeline. - // - // PipelineDefinition is a required field - PipelineDefinition *string `min:"1" type:"string" required:"true"` + PipelineDefinition *string `min:"1" type:"string"` + + // The location of the pipeline definition stored in Amazon S3. If specified, + // SageMaker will retrieve the pipeline definition from this location. + PipelineDefinitionS3Location *PipelineDefinitionS3Location `type:"structure"` // A description of the pipeline. PipelineDescription *string `type:"string"` @@ -36457,9 +36463,6 @@ func (s *CreatePipelineInput) Validate() error { if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 32 { invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 32)) } - if s.PipelineDefinition == nil { - invalidParams.Add(request.NewErrParamRequired("PipelineDefinition")) - } if s.PipelineDefinition != nil && len(*s.PipelineDefinition) < 1 { invalidParams.Add(request.NewErrParamMinLen("PipelineDefinition", 1)) } @@ -36478,6 +36481,16 @@ func (s *CreatePipelineInput) Validate() error { if s.RoleArn != nil && len(*s.RoleArn) < 20 { invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) } + if s.ParallelismConfiguration != nil { + if err := s.ParallelismConfiguration.Validate(); err != nil { + invalidParams.AddNested("ParallelismConfiguration", err.(request.ErrInvalidParams)) + } + } + if s.PipelineDefinitionS3Location != nil { + if err := s.PipelineDefinitionS3Location.Validate(); err != nil { + invalidParams.AddNested("PipelineDefinitionS3Location", err.(request.ErrInvalidParams)) + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -36501,12 +36514,24 @@ func (s *CreatePipelineInput) SetClientRequestToken(v string) *CreatePipelineInp return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *CreatePipelineInput) SetParallelismConfiguration(v *ParallelismConfiguration) *CreatePipelineInput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineDefinition sets the PipelineDefinition field's value. func (s *CreatePipelineInput) SetPipelineDefinition(v string) *CreatePipelineInput { s.PipelineDefinition = &v return s } +// SetPipelineDefinitionS3Location sets the PipelineDefinitionS3Location field's value. +func (s *CreatePipelineInput) SetPipelineDefinitionS3Location(v *PipelineDefinitionS3Location) *CreatePipelineInput { + s.PipelineDefinitionS3Location = v + return s +} + // SetPipelineDescription sets the PipelineDescription field's value. func (s *CreatePipelineInput) SetPipelineDescription(v string) *CreatePipelineInput { s.PipelineDescription = &v @@ -45462,7 +45487,7 @@ type DescribeDomainOutput struct { // The ID of the Amazon Elastic File System (EFS) managed by this Domain. HomeEfsFileSystemId *string `type:"string"` - // This member is deprecated and replaced with KmsKeyId. + // Use KmsKeyId. // // Deprecated: This property is deprecated, use KmsKeyId instead. HomeEfsFileSystemKmsKeyId *string `deprecated:"true" type:"string"` @@ -50051,6 +50076,9 @@ type DescribePipelineExecutionOutput struct { // The time when the pipeline execution was modified last. LastModifiedTime *time.Time `type:"timestamp"` + // The parallelism configuration applied to the pipeline. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline. PipelineArn *string `type:"string"` @@ -50118,6 +50146,12 @@ func (s *DescribePipelineExecutionOutput) SetLastModifiedTime(v time.Time) *Desc return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *DescribePipelineExecutionOutput) SetParallelismConfiguration(v *ParallelismConfiguration) *DescribePipelineExecutionOutput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineArn sets the PipelineArn field's value. func (s *DescribePipelineExecutionOutput) SetPipelineArn(v string) *DescribePipelineExecutionOutput { s.PipelineArn = &v @@ -50223,6 +50257,9 @@ type DescribePipelineOutput struct { // The time when the pipeline was last run. LastRunTime *time.Time `type:"timestamp"` + // Lists the parallelism configuration applied to the pipeline. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline. PipelineArn *string `type:"string"` @@ -50293,6 +50330,12 @@ func (s *DescribePipelineOutput) SetLastRunTime(v time.Time) *DescribePipelineOu return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *DescribePipelineOutput) SetParallelismConfiguration(v *ParallelismConfiguration) *DescribePipelineOutput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineArn sets the PipelineArn field's value. func (s *DescribePipelineOutput) SetPipelineArn(v string) *DescribePipelineOutput { s.PipelineArn = &v @@ -53665,6 +53708,65 @@ func (s *DriftCheckModelQuality) SetStatistics(v *MetricsSource) *DriftCheckMode return s } +// The configurations and outcomes of an Amazon EMR step execution. +type EMRStepMetadata struct { + _ struct{} `type:"structure"` + + // The identifier of the EMR cluster. + ClusterId *string `type:"string"` + + // The path to the log file where the cluster step's failure root cause is recorded. + LogFilePath *string `type:"string"` + + // The identifier of the EMR cluster step. + StepId *string `type:"string"` + + // The name of the EMR cluster step. + StepName *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EMRStepMetadata) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EMRStepMetadata) GoString() string { + return s.String() +} + +// SetClusterId sets the ClusterId field's value. +func (s *EMRStepMetadata) SetClusterId(v string) *EMRStepMetadata { + s.ClusterId = &v + return s +} + +// SetLogFilePath sets the LogFilePath field's value. +func (s *EMRStepMetadata) SetLogFilePath(v string) *EMRStepMetadata { + s.LogFilePath = &v + return s +} + +// SetStepId sets the StepId field's value. +func (s *EMRStepMetadata) SetStepId(v string) *EMRStepMetadata { + s.StepId = &v + return s +} + +// SetStepName sets the StepName field's value. +func (s *EMRStepMetadata) SetStepName(v string) *EMRStepMetadata { + s.StepName = &v + return s +} + // A directed edge connecting two lineage entities. type Edge struct { _ struct{} `type:"structure"` @@ -60212,11 +60314,12 @@ type InputConfig struct { // Framework is a required field Framework *string `type:"string" required:"true" enum:"Framework"` - // Specifies the framework version to use. + // Specifies the framework version to use. This API field is only supported + // for the PyTorch and TensorFlow frameworks. // - // This API field is only supported for PyTorch framework versions 1.4, 1.5, - // and 1.6 for cloud instance target devices: ml_c4, ml_c5, ml_m4, ml_m5, ml_p2, - // ml_p3, and ml_g4dn. + // For information about framework versions supported for cloud targets and + // edge devices, see Cloud Supported Instance Types and Frameworks (https://docs.aws.amazon.com/sagemaker/latest/dg/neo-supported-cloud.html) + // and Edge Supported Frameworks (https://docs.aws.amazon.com/sagemaker/latest/dg/neo-supported-devices-edge-frameworks.html). FrameworkVersion *string `min:"3" type:"string"` // The S3 path where the model artifacts, which result from model training, @@ -76301,6 +76404,58 @@ func (s *OutputParameter) SetValue(v string) *OutputParameter { return s } +// Configuration that controls the parallelism of the pipeline. By default, +// the parallelism configuration specified applies to all executions of the +// pipeline unless overridden. +type ParallelismConfiguration struct { + _ struct{} `type:"structure"` + + // The max number of steps that can be executed in parallel. + // + // MaxParallelExecutionSteps is a required field + MaxParallelExecutionSteps *int64 `min:"1" type:"integer" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParallelismConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParallelismConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ParallelismConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ParallelismConfiguration"} + if s.MaxParallelExecutionSteps == nil { + invalidParams.Add(request.NewErrParamRequired("MaxParallelExecutionSteps")) + } + if s.MaxParallelExecutionSteps != nil && *s.MaxParallelExecutionSteps < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxParallelExecutionSteps", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxParallelExecutionSteps sets the MaxParallelExecutionSteps field's value. +func (s *ParallelismConfiguration) SetMaxParallelExecutionSteps(v int64) *ParallelismConfiguration { + s.MaxParallelExecutionSteps = &v + return s +} + // Assigns a value to a named Pipeline parameter. type Parameter struct { _ struct{} `type:"structure"` @@ -76919,6 +77074,9 @@ type Pipeline struct { // The time when the pipeline was last run. LastRunTime *time.Time `type:"timestamp"` + // The parallelism configuration applied to the pipeline. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline. PipelineArn *string `type:"string"` @@ -76989,6 +77147,12 @@ func (s *Pipeline) SetLastRunTime(v time.Time) *Pipeline { return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *Pipeline) SetParallelismConfiguration(v *ParallelismConfiguration) *Pipeline { + s.ParallelismConfiguration = v + return s +} + // SetPipelineArn sets the PipelineArn field's value. func (s *Pipeline) SetPipelineArn(v string) *Pipeline { s.PipelineArn = &v @@ -77031,6 +77195,86 @@ func (s *Pipeline) SetTags(v []*Tag) *Pipeline { return s } +// The location of the pipeline definition stored in Amazon S3. +type PipelineDefinitionS3Location struct { + _ struct{} `type:"structure"` + + // Name of the S3 bucket. + // + // Bucket is a required field + Bucket *string `min:"3" type:"string" required:"true"` + + // The object key (or key name) uniquely identifies the object in an S3 bucket. + // + // ObjectKey is a required field + ObjectKey *string `min:"1" type:"string" required:"true"` + + // Version Id of the pipeline definition file. If not specified, Amazon SageMaker + // will retrieve the latest version. + VersionId *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PipelineDefinitionS3Location) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PipelineDefinitionS3Location) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PipelineDefinitionS3Location) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PipelineDefinitionS3Location"} + if s.Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("Bucket")) + } + if s.Bucket != nil && len(*s.Bucket) < 3 { + invalidParams.Add(request.NewErrParamMinLen("Bucket", 3)) + } + if s.ObjectKey == nil { + invalidParams.Add(request.NewErrParamRequired("ObjectKey")) + } + if s.ObjectKey != nil && len(*s.ObjectKey) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ObjectKey", 1)) + } + if s.VersionId != nil && len(*s.VersionId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("VersionId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBucket sets the Bucket field's value. +func (s *PipelineDefinitionS3Location) SetBucket(v string) *PipelineDefinitionS3Location { + s.Bucket = &v + return s +} + +// SetObjectKey sets the ObjectKey field's value. +func (s *PipelineDefinitionS3Location) SetObjectKey(v string) *PipelineDefinitionS3Location { + s.ObjectKey = &v + return s +} + +// SetVersionId sets the VersionId field's value. +func (s *PipelineDefinitionS3Location) SetVersionId(v string) *PipelineDefinitionS3Location { + s.VersionId = &v + return s +} + // An execution of a pipeline. type PipelineExecution struct { _ struct{} `type:"structure"` @@ -77052,6 +77296,9 @@ type PipelineExecution struct { // The time that the pipeline execution was last modified. LastModifiedTime *time.Time `type:"timestamp"` + // The parallelism configuration applied to the pipeline execution. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline that was executed. PipelineArn *string `type:"string"` @@ -77122,6 +77369,12 @@ func (s *PipelineExecution) SetLastModifiedTime(v time.Time) *PipelineExecution return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *PipelineExecution) SetParallelismConfiguration(v *ParallelismConfiguration) *PipelineExecution { + s.ParallelismConfiguration = v + return s +} + // SetPipelineArn sets the PipelineArn field's value. func (s *PipelineExecution) SetPipelineArn(v string) *PipelineExecution { s.PipelineArn = &v @@ -77168,6 +77421,8 @@ func (s *PipelineExecution) SetPipelineParameters(v []*Parameter) *PipelineExecu type PipelineExecutionStep struct { _ struct{} `type:"structure"` + // The current attempt of the execution step. For more information, see Retry + // Policy for Amazon SageMaker Pipelines steps (https://docs.aws.amazon.com/https:/docs.aws.amazon.com/sagemaker/latest/dg/pipelines-retry-policy.html). AttemptCount *int64 `type:"integer"` // If this pipeline execution step was cached, details on the cache hit. @@ -77186,6 +77441,12 @@ type PipelineExecutionStep struct { // The time that the step started executing. StartTime *time.Time `type:"timestamp"` + // The description of the step. + StepDescription *string `type:"string"` + + // The display name of the step. + StepDisplayName *string `type:"string"` + // The name of the step that is executed. StepName *string `type:"string"` @@ -77247,6 +77508,18 @@ func (s *PipelineExecutionStep) SetStartTime(v time.Time) *PipelineExecutionStep return s } +// SetStepDescription sets the StepDescription field's value. +func (s *PipelineExecutionStep) SetStepDescription(v string) *PipelineExecutionStep { + s.StepDescription = &v + return s +} + +// SetStepDisplayName sets the StepDisplayName field's value. +func (s *PipelineExecutionStep) SetStepDisplayName(v string) *PipelineExecutionStep { + s.StepDisplayName = &v + return s +} + // SetStepName sets the StepName field's value. func (s *PipelineExecutionStep) SetStepName(v string) *PipelineExecutionStep { s.StepName = &v @@ -77292,6 +77565,9 @@ type PipelineExecutionStepMetadata struct { // The outcome of the condition evaluation that was run by this step execution. Condition *ConditionStepMetadata `type:"structure"` + // The configurations and outcomes of an EMR step execution. + EMR *EMRStepMetadata `type:"structure"` + // The Amazon Resource Name (ARN) of the Lambda function that was run by this // step execution and a list of output parameters. Lambda *LambdaStepMetadata `type:"structure"` @@ -77378,6 +77654,12 @@ func (s *PipelineExecutionStepMetadata) SetCondition(v *ConditionStepMetadata) * return s } +// SetEMR sets the EMR field's value. +func (s *PipelineExecutionStepMetadata) SetEMR(v *EMRStepMetadata) *PipelineExecutionStepMetadata { + s.EMR = v + return s +} + // SetLambda sets the Lambda field's value. func (s *PipelineExecutionStepMetadata) SetLambda(v *LambdaStepMetadata) *PipelineExecutionStepMetadata { s.Lambda = v @@ -82270,6 +82552,10 @@ type RetryPipelineExecutionInput struct { // of the operation. An idempotent operation completes no more than once. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` + // This configuration, if specified, overrides the parallelism configuration + // of the parent pipeline. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline execution. // // PipelineExecutionArn is a required field @@ -82303,6 +82589,11 @@ func (s *RetryPipelineExecutionInput) Validate() error { if s.PipelineExecutionArn == nil { invalidParams.Add(request.NewErrParamRequired("PipelineExecutionArn")) } + if s.ParallelismConfiguration != nil { + if err := s.ParallelismConfiguration.Validate(); err != nil { + invalidParams.AddNested("ParallelismConfiguration", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -82316,6 +82607,12 @@ func (s *RetryPipelineExecutionInput) SetClientRequestToken(v string) *RetryPipe return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *RetryPipelineExecutionInput) SetParallelismConfiguration(v *ParallelismConfiguration) *RetryPipelineExecutionInput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineExecutionArn sets the PipelineExecutionArn field's value. func (s *RetryPipelineExecutionInput) SetPipelineExecutionArn(v string) *RetryPipelineExecutionInput { s.PipelineExecutionArn = &v @@ -84125,6 +84422,10 @@ type StartPipelineExecutionInput struct { // of the operation. An idempotent operation completes no more than once. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` + // This configuration, if specified, overrides the parallelism configuration + // of the parent pipeline for this specific run. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The description of the pipeline execution. PipelineExecutionDescription *string `type:"string"` @@ -84173,6 +84474,11 @@ func (s *StartPipelineExecutionInput) Validate() error { if s.PipelineName != nil && len(*s.PipelineName) < 1 { invalidParams.Add(request.NewErrParamMinLen("PipelineName", 1)) } + if s.ParallelismConfiguration != nil { + if err := s.ParallelismConfiguration.Validate(); err != nil { + invalidParams.AddNested("ParallelismConfiguration", err.(request.ErrInvalidParams)) + } + } if s.PipelineParameters != nil { for i, v := range s.PipelineParameters { if v == nil { @@ -84196,6 +84502,12 @@ func (s *StartPipelineExecutionInput) SetClientRequestToken(v string) *StartPipe return s } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *StartPipelineExecutionInput) SetParallelismConfiguration(v *ParallelismConfiguration) *StartPipelineExecutionInput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineExecutionDescription sets the PipelineExecutionDescription field's value. func (s *StartPipelineExecutionInput) SetPipelineExecutionDescription(v string) *StartPipelineExecutionInput { s.PipelineExecutionDescription = &v @@ -85051,7 +85363,7 @@ func (s StopTrainingJobOutput) GoString() string { type StopTransformJobInput struct { _ struct{} `type:"structure"` - // The name of the transform job to stop. + // The name of the batch transform job to stop. // // TransformJobName is a required field TransformJobName *string `min:"1" type:"string" required:"true"` @@ -91105,6 +91417,10 @@ func (s UpdateNotebookInstanceOutput) GoString() string { type UpdatePipelineExecutionInput struct { _ struct{} `type:"structure"` + // This configuration, if specified, overrides the parallelism configuration + // of the parent pipeline for this specific run. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The Amazon Resource Name (ARN) of the pipeline execution. // // PipelineExecutionArn is a required field @@ -91144,6 +91460,11 @@ func (s *UpdatePipelineExecutionInput) Validate() error { if s.PipelineExecutionDisplayName != nil && len(*s.PipelineExecutionDisplayName) < 1 { invalidParams.Add(request.NewErrParamMinLen("PipelineExecutionDisplayName", 1)) } + if s.ParallelismConfiguration != nil { + if err := s.ParallelismConfiguration.Validate(); err != nil { + invalidParams.AddNested("ParallelismConfiguration", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -91151,6 +91472,12 @@ func (s *UpdatePipelineExecutionInput) Validate() error { return nil } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *UpdatePipelineExecutionInput) SetParallelismConfiguration(v *ParallelismConfiguration) *UpdatePipelineExecutionInput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineExecutionArn sets the PipelineExecutionArn field's value. func (s *UpdatePipelineExecutionInput) SetPipelineExecutionArn(v string) *UpdatePipelineExecutionInput { s.PipelineExecutionArn = &v @@ -91203,9 +91530,16 @@ func (s *UpdatePipelineExecutionOutput) SetPipelineExecutionArn(v string) *Updat type UpdatePipelineInput struct { _ struct{} `type:"structure"` + // If specified, it applies to all executions of this pipeline by default. + ParallelismConfiguration *ParallelismConfiguration `type:"structure"` + // The JSON pipeline definition. PipelineDefinition *string `min:"1" type:"string"` + // The location of the pipeline definition stored in Amazon S3. If specified, + // SageMaker will retrieve the pipeline definition from this location. + PipelineDefinitionS3Location *PipelineDefinitionS3Location `type:"structure"` + // The description of the pipeline. PipelineDescription *string `type:"string"` @@ -91257,6 +91591,16 @@ func (s *UpdatePipelineInput) Validate() error { if s.RoleArn != nil && len(*s.RoleArn) < 20 { invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) } + if s.ParallelismConfiguration != nil { + if err := s.ParallelismConfiguration.Validate(); err != nil { + invalidParams.AddNested("ParallelismConfiguration", err.(request.ErrInvalidParams)) + } + } + if s.PipelineDefinitionS3Location != nil { + if err := s.PipelineDefinitionS3Location.Validate(); err != nil { + invalidParams.AddNested("PipelineDefinitionS3Location", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -91264,12 +91608,24 @@ func (s *UpdatePipelineInput) Validate() error { return nil } +// SetParallelismConfiguration sets the ParallelismConfiguration field's value. +func (s *UpdatePipelineInput) SetParallelismConfiguration(v *ParallelismConfiguration) *UpdatePipelineInput { + s.ParallelismConfiguration = v + return s +} + // SetPipelineDefinition sets the PipelineDefinition field's value. func (s *UpdatePipelineInput) SetPipelineDefinition(v string) *UpdatePipelineInput { s.PipelineDefinition = &v return s } +// SetPipelineDefinitionS3Location sets the PipelineDefinitionS3Location field's value. +func (s *UpdatePipelineInput) SetPipelineDefinitionS3Location(v *PipelineDefinitionS3Location) *UpdatePipelineInput { + s.PipelineDefinitionS3Location = v + return s +} + // SetPipelineDescription sets the PipelineDescription field's value. func (s *UpdatePipelineInput) SetPipelineDescription(v string) *UpdatePipelineInput { s.PipelineDescription = &v