diff --git a/CHANGELOG.md b/CHANGELOG.md index ecf3441ffb..1a81bf22a8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +Release v1.40.6 (2021-07-22) +=== + +### Service Client Updates +* `service/databrew`: Updates service API and documentation +* `service/ec2`: Updates service API and documentation + * This release allows customers to assign prefixes to their elastic network interface and to reserve IP blocks in their subnet CIDRs. These reserved blocks can be used to assign prefixes to elastic network interfaces or be excluded from auto-assignment. +* `service/elasticloadbalancingv2`: Updates service documentation +* `service/medialive`: Updates service API and documentation + * MediaLive now supports passing through style data on WebVTT caption outputs. +* `service/qldb`: Updates service API and documentation +* `service/s3control`: Updates service documentation + * Documentation updates for Amazon S3-control + Release v1.40.5 (2021-07-21) === diff --git a/aws/version.go b/aws/version.go index 9a521b2a30..cb8e110532 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.40.5" +const SDKVersion = "1.40.6" diff --git a/models/apis/databrew/2017-07-25/api-2.json b/models/apis/databrew/2017-07-25/api-2.json index 6385c602ed..5f21a261c1 100644 --- a/models/apis/databrew/2017-07-25/api-2.json +++ b/models/apis/databrew/2017-07-25/api-2.json @@ -619,6 +619,31 @@ "max":20, "min":0 }, + "ColumnSelector":{ + "type":"structure", + "members":{ + "Regex":{"shape":"ColumnName"}, + "Name":{"shape":"ColumnName"} + } + }, + "ColumnSelectorList":{ + "type":"list", + "member":{"shape":"ColumnSelector"}, + "min":1 + }, + "ColumnStatisticsConfiguration":{ + "type":"structure", + "required":["Statistics"], + "members":{ + "Selectors":{"shape":"ColumnSelectorList"}, + "Statistics":{"shape":"StatisticsConfiguration"} + } + }, + "ColumnStatisticsConfigurationList":{ + "type":"list", + "member":{"shape":"ColumnStatisticsConfiguration"}, + "min":1 + }, "CompressionFormat":{ "type":"string", "enum":[ @@ -707,6 +732,7 @@ "MaxCapacity":{"shape":"MaxCapacity"}, "MaxRetries":{"shape":"MaxRetries"}, "OutputLocation":{"shape":"S3Location"}, + "Configuration":{"shape":"ProfileConfiguration"}, "RoleArn":{"shape":"Arn"}, "Tags":{"shape":"TagMap"}, "Timeout":{"shape":"Timeout"}, @@ -760,6 +786,7 @@ "MaxRetries":{"shape":"MaxRetries"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "ProjectName":{"shape":"ProjectName"}, "RecipeReference":{"shape":"RecipeReference"}, "RoleArn":{"shape":"Arn"}, @@ -883,6 +910,27 @@ "max":255, "min":1 }, + "DatabaseOutput":{ + "type":"structure", + "required":[ + "GlueConnectionName", + "DatabaseOptions" + ], + "members":{ + "GlueConnectionName":{"shape":"GlueConnectionName"}, + "DatabaseOptions":{"shape":"DatabaseTableOutputOptions"}, + "DatabaseOutputMode":{"shape":"DatabaseOutputMode"} + } + }, + "DatabaseOutputList":{ + "type":"list", + "member":{"shape":"DatabaseOutput"}, + "min":1 + }, + "DatabaseOutputMode":{ + "type":"string", + "enum":["NEW_TABLE"] + }, "DatabaseTableName":{ "type":"string", "max":255, @@ -1124,7 +1172,9 @@ "MaxRetries":{"shape":"MaxRetries"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "ProjectName":{"shape":"ProjectName"}, + "ProfileConfiguration":{"shape":"ProfileConfiguration"}, "RecipeReference":{"shape":"RecipeReference"}, "ResourceArn":{"shape":"Arn"}, "RoleArn":{"shape":"Arn"}, @@ -1162,12 +1212,14 @@ "ErrorMessage":{"shape":"JobRunErrorMessage"}, "ExecutionTime":{"shape":"ExecutionTime"}, "JobName":{"shape":"JobName"}, + "ProfileConfiguration":{"shape":"ProfileConfiguration"}, "RunId":{"shape":"JobRunId"}, "State":{"shape":"JobRunState"}, "LogSubscription":{"shape":"LogSubscription"}, "LogGroupName":{"shape":"LogGroupName"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "RecipeReference":{"shape":"RecipeReference"}, "StartedBy":{"shape":"StartedBy"}, "StartedOn":{"shape":"Date"}, @@ -1379,6 +1431,7 @@ "MaxRetries":{"shape":"MaxRetries"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "ProjectName":{"shape":"ProjectName"}, "RecipeReference":{"shape":"RecipeReference"}, "ResourceArn":{"shape":"Arn"}, @@ -1417,6 +1470,7 @@ "LogGroupName":{"shape":"LogGroupName"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "RecipeReference":{"shape":"RecipeReference"}, "StartedBy":{"shape":"StartedBy"}, "StartedOn":{"shape":"Date"}, @@ -1796,7 +1850,7 @@ }, "ParameterValue":{ "type":"string", - "max":12288, + "max":32768, "min":1 }, "PathOptions":{ @@ -1820,6 +1874,14 @@ "min":1 }, "Preview":{"type":"boolean"}, + "ProfileConfiguration":{ + "type":"structure", + "members":{ + "DatasetStatisticsConfiguration":{"shape":"StatisticsConfiguration"}, + "ProfileColumns":{"shape":"ColumnSelectorList"}, + "ColumnStatisticsConfigurations":{"shape":"ColumnStatisticsConfigurationList"} + } + }, "Project":{ "type":"structure", "required":[ @@ -2154,6 +2216,40 @@ } }, "StartedBy":{"type":"string"}, + "Statistic":{ + "type":"string", + "max":128, + "min":1, + "pattern":"^[A-Z\\_]+$" + }, + "StatisticList":{ + "type":"list", + "member":{"shape":"Statistic"}, + "min":1 + }, + "StatisticOverride":{ + "type":"structure", + "required":[ + "Statistic", + "Parameters" + ], + "members":{ + "Statistic":{"shape":"Statistic"}, + "Parameters":{"shape":"ParameterMap"} + } + }, + "StatisticOverrideList":{ + "type":"list", + "member":{"shape":"StatisticOverride"}, + "min":1 + }, + "StatisticsConfiguration":{ + "type":"structure", + "members":{ + "IncludedStatistics":{"shape":"StatisticList"}, + "Overrides":{"shape":"StatisticOverrideList"} + } + }, "StepIndex":{ "type":"integer", "min":0 @@ -2303,6 +2399,7 @@ "RoleArn" ], "members":{ + "Configuration":{"shape":"ProfileConfiguration"}, "EncryptionKeyArn":{"shape":"EncryptionKeyArn"}, "EncryptionMode":{"shape":"EncryptionMode"}, "Name":{ @@ -2369,6 +2466,7 @@ "MaxRetries":{"shape":"MaxRetries"}, "Outputs":{"shape":"OutputList"}, "DataCatalogOutputs":{"shape":"DataCatalogOutputList"}, + "DatabaseOutputs":{"shape":"DatabaseOutputList"}, "RoleArn":{"shape":"Arn"}, "Timeout":{"shape":"Timeout"} } diff --git a/models/apis/databrew/2017-07-25/docs-2.json b/models/apis/databrew/2017-07-25/docs-2.json index a92014e608..d8179a844d 100644 --- a/models/apis/databrew/2017-07-25/docs-2.json +++ b/models/apis/databrew/2017-07-25/docs-2.json @@ -124,7 +124,7 @@ "base": null, "refs": { "DataCatalogInputDefinition$CatalogId": "
The unique identifier of the Amazon Web Services account that holds the Data Catalog that stores the data.
", - "DataCatalogOutput$CatalogId": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.
" + "DataCatalogOutput$CatalogId": "The unique identifier of the Amazon Web Services account that holds the Data Catalog that stores the data.
" } }, "ClientSessionId": { @@ -138,6 +138,8 @@ "base": null, "refs": { "ColumnNameList$member": null, + "ColumnSelector$Regex": "A regular expression for selecting a column from a dataset.
", + "ColumnSelector$Name": "The name of a column from a dataset.
", "HiddenColumnList$member": null } }, @@ -153,6 +155,31 @@ "ViewFrame$ColumnRange": "The number of columns to include in the view frame, beginning with the StartColumnIndex
value and ignoring any columns in the HiddenColumns
list.
Selector of a column from a dataset for profile job configuration. One selector includes either a column name or a regular expression.
", + "refs": { + "ColumnSelectorList$member": null + } + }, + "ColumnSelectorList": { + "base": null, + "refs": { + "ColumnStatisticsConfiguration$Selectors": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.
", + "ProfileConfiguration$ProfileColumns": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.
" + } + }, + "ColumnStatisticsConfiguration": { + "base": "Configuration for column evaluations for a profile job. ColumnStatisticsConfiguration can be used to select evaluations and override parameters of evaluations for particular columns.
", + "refs": { + "ColumnStatisticsConfigurationList$member": null + } + }, + "ColumnStatisticsConfigurationList": { + "base": null, + "refs": { + "ProfileConfiguration$ColumnStatisticsConfigurations": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.
" + } + }, "CompressionFormat": { "base": null, "refs": { @@ -298,7 +325,7 @@ } }, "DataCatalogOutput": { - "base": "Represents options that specify how and where DataBrew writes the output generated by recipe jobs.
", + "base": "Represents options that specify how and where in the Glue Data Catalog DataBrew writes the output generated by recipe jobs.
", "refs": { "DataCatalogOutputList$member": null } @@ -306,12 +333,12 @@ "DataCatalogOutputList": { "base": null, "refs": { - "CreateRecipeJobRequest$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
", - "DescribeJobResponse$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
", - "DescribeJobRunResponse$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
", - "Job$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
", - "JobRun$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
", - "UpdateRecipeJobRequest$DataCatalogOutputs": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.
" + "CreateRecipeJobRequest$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
", + "DescribeJobResponse$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
", + "DescribeJobRunResponse$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
", + "Job$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
", + "JobRun$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
", + "UpdateRecipeJobRequest$DataCatalogOutputs": "One or more artifacts that represent the Glue Data Catalog output from running the job.
" } }, "DatabaseInputDefinition": { @@ -327,6 +354,29 @@ "DataCatalogOutput$DatabaseName": "The name of a database in the Data Catalog.
" } }, + "DatabaseOutput": { + "base": "Represents a JDBC database output object which defines the output destination for a DataBrew recipe job to write into.
", + "refs": { + "DatabaseOutputList$member": null + } + }, + "DatabaseOutputList": { + "base": null, + "refs": { + "CreateRecipeJobRequest$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write to.
", + "DescribeJobResponse$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.
", + "DescribeJobRunResponse$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.
", + "Job$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.
", + "JobRun$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.
", + "UpdateRecipeJobRequest$DatabaseOutputs": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.
" + } + }, + "DatabaseOutputMode": { + "base": null, + "refs": { + "DatabaseOutput$DatabaseOutputMode": "The output mode to write into the database. Currently supported option: NEW_TABLE.
" + } + }, "DatabaseTableName": { "base": null, "refs": { @@ -337,7 +387,8 @@ "DatabaseTableOutputOptions": { "base": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
", "refs": { - "DataCatalogOutput$DatabaseOptions": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
" + "DataCatalogOutput$DatabaseOptions": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
", + "DatabaseOutput$DatabaseOptions": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.
" } }, "Dataset": { @@ -617,7 +668,8 @@ "GlueConnectionName": { "base": null, "refs": { - "DatabaseInputDefinition$GlueConnectionName": "The Glue Connection that stores the connection information for the target database.
" + "DatabaseInputDefinition$GlueConnectionName": "The Glue Connection that stores the connection information for the target database.
", + "DatabaseOutput$GlueConnectionName": "The Glue connection that stores the connection information for the target database.
" } }, "HeaderRow": { @@ -999,7 +1051,7 @@ } }, "Output": { - "base": "Represents options that specify how and where DataBrew writes the output generated by recipe jobs or profile jobs.
", + "base": "Represents options that specify how and where in Amazon S3 DataBrew writes the output generated by recipe jobs or profile jobs.
", "refs": { "OutputList$member": null } @@ -1037,7 +1089,8 @@ "ParameterMap": { "base": null, "refs": { - "RecipeAction$Parameters": "Contextual parameters for the transformation.
" + "RecipeAction$Parameters": "Contextual parameters for the transformation.
", + "StatisticOverride$Parameters": "A map that includes overrides of an evaluation’s parameters.
" } }, "ParameterName": { @@ -1086,6 +1139,15 @@ "SendProjectSessionActionRequest$Preview": "If true, the result of the recipe step will be returned, but not applied.
" } }, + "ProfileConfiguration": { + "base": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.
", + "refs": { + "CreateProfileJobRequest$Configuration": "Configuration for profile jobs. Used to select columns, do evaluations, and override default parameters of evaluations. When configuration is null, the profile job will run with default settings.
", + "DescribeJobResponse$ProfileConfiguration": "Configuration for profile jobs. Used to select columns, do evaluations, and override default parameters of evaluations. When configuration is null, the profile job will run with default settings.
", + "DescribeJobRunResponse$ProfileConfiguration": "Configuration for profile jobs. Used to select columns, do evaluations, and override default parameters of evaluations. When configuration is null, the profile job will run with default settings.
", + "UpdateProfileJobRequest$Configuration": "Configuration for profile jobs. Used to select columns, do evaluations, and override default parameters of evaluations. When configuration is null, the profile job will run with default settings.
" + } + }, "Project": { "base": "Represents all of the attributes of a DataBrew project.
", "refs": { @@ -1280,9 +1342,9 @@ } }, "S3TableOutputOptions": { - "base": "Represents options that specify how and where DataBrew writes the S3 output generated by recipe jobs.
", + "base": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.
", "refs": { - "DataCatalogOutput$S3Options": "Represents options that specify how and where DataBrew writes the S3 output generated by recipe jobs.
" + "DataCatalogOutput$S3Options": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.
" } }, "Sample": { @@ -1423,6 +1485,38 @@ "JobRun$StartedBy": "The Amazon Resource Name (ARN) of the user who initiated the job run.
" } }, + "Statistic": { + "base": null, + "refs": { + "StatisticList$member": null, + "StatisticOverride$Statistic": "The name of an evaluation
" + } + }, + "StatisticList": { + "base": null, + "refs": { + "StatisticsConfiguration$IncludedStatistics": "List of included evaluations. When the list is undefined, all supported evaluations will be included.
" + } + }, + "StatisticOverride": { + "base": "Override of a particular evaluation for a profile job.
", + "refs": { + "StatisticOverrideList$member": null + } + }, + "StatisticOverrideList": { + "base": null, + "refs": { + "StatisticsConfiguration$Overrides": "List of overrides for evaluations.
" + } + }, + "StatisticsConfiguration": { + "base": "Configuration of evaluations for a profile job. This configuration can be used to select evaluations and override the parameters of selected evaluations.
", + "refs": { + "ColumnStatisticsConfiguration$Statistics": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.
", + "ProfileConfiguration$DatasetStatisticsConfiguration": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.
" + } + }, "StepIndex": { "base": null, "refs": { diff --git a/models/apis/ec2/2016-11-15/api-2.json b/models/apis/ec2/2016-11-15/api-2.json index 52c0640774..dd85f199fb 100755 --- a/models/apis/ec2/2016-11-15/api-2.json +++ b/models/apis/ec2/2016-11-15/api-2.json @@ -772,6 +772,15 @@ "input":{"shape":"CreateSubnetRequest"}, "output":{"shape":"CreateSubnetResult"} }, + "CreateSubnetCidrReservation":{ + "name":"CreateSubnetCidrReservation", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"CreateSubnetCidrReservationRequest"}, + "output":{"shape":"CreateSubnetCidrReservationResult"} + }, "CreateTags":{ "name":"CreateTags", "http":{ @@ -1251,6 +1260,15 @@ }, "input":{"shape":"DeleteSubnetRequest"} }, + "DeleteSubnetCidrReservation":{ + "name":"DeleteSubnetCidrReservation", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"DeleteSubnetCidrReservationRequest"}, + "output":{"shape":"DeleteSubnetCidrReservationResult"} + }, "DeleteTags":{ "name":"DeleteTags", "http":{ @@ -3108,6 +3126,15 @@ "input":{"shape":"GetSerialConsoleAccessStatusRequest"}, "output":{"shape":"GetSerialConsoleAccessStatusResult"} }, + "GetSubnetCidrReservations":{ + "name":"GetSubnetCidrReservations", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetSubnetCidrReservationsRequest"}, + "output":{"shape":"GetSubnetCidrReservationsResult"} + }, "GetTransitGatewayAttachmentPropagations":{ "name":"GetTransitGatewayAttachmentPropagations", "http":{ @@ -4914,6 +4941,11 @@ "shape":"Ipv6AddressList", "locationName":"ipv6Addresses" }, + "Ipv6PrefixCount":{"shape":"Integer"}, + "Ipv6Prefixes":{ + "shape":"IpPrefixList", + "locationName":"Ipv6Prefix" + }, "NetworkInterfaceId":{ "shape":"NetworkInterfaceId", "locationName":"networkInterfaceId" @@ -4927,6 +4959,10 @@ "shape":"Ipv6AddressList", "locationName":"assignedIpv6Addresses" }, + "AssignedIpv6Prefixes":{ + "shape":"IpPrefixList", + "locationName":"assignedIpv6PrefixSet" + }, "NetworkInterfaceId":{ "shape":"String", "locationName":"networkInterfaceId" @@ -4952,7 +4988,12 @@ "SecondaryPrivateIpAddressCount":{ "shape":"Integer", "locationName":"secondaryPrivateIpAddressCount" - } + }, + "Ipv4Prefixes":{ + "shape":"IpPrefixList", + "locationName":"Ipv4Prefix" + }, + "Ipv4PrefixCount":{"shape":"Integer"} } }, "AssignPrivateIpAddressesResult":{ @@ -4965,6 +5006,10 @@ "AssignedPrivateIpAddresses":{ "shape":"AssignedPrivateIpAddressList", "locationName":"assignedPrivateIpAddressesSet" + }, + "AssignedIpv4Prefixes":{ + "shape":"Ipv4PrefixesList", + "locationName":"assignedIpv4PrefixSet" } } }, @@ -8478,6 +8523,16 @@ "shape":"Integer", "locationName":"secondaryPrivateIpAddressCount" }, + "Ipv4Prefixes":{ + "shape":"Ipv4PrefixList", + "locationName":"Ipv4Prefix" + }, + "Ipv4PrefixCount":{"shape":"Integer"}, + "Ipv6Prefixes":{ + "shape":"Ipv6PrefixList", + "locationName":"Ipv6Prefix" + }, + "Ipv6PrefixCount":{"shape":"Integer"}, "InterfaceType":{"shape":"NetworkInterfaceCreationType"}, "SubnetId":{ "shape":"SubnetId", @@ -8841,11 +8896,39 @@ } } }, + "CreateSubnetCidrReservationRequest":{ + "type":"structure", + "required":[ + "SubnetId", + "Cidr", + "ReservationType" + ], + "members":{ + "TagSpecifications":{ + "shape":"TagSpecificationList", + "locationName":"TagSpecification" + }, + "SubnetId":{"shape":"SubnetId"}, + "Cidr":{"shape":"String"}, + "ReservationType":{"shape":"SubnetCidrReservationType"}, + "Description":{"shape":"String"}, + "DryRun":{"shape":"Boolean"} + } + }, + "CreateSubnetCidrReservationResult":{ + "type":"structure", + "members":{ + "SubnetCidrReservation":{ + "shape":"SubnetCidrReservation", + "locationName":"subnetCidrReservation" + } + } + }, "CreateSubnetRequest":{ "type":"structure", "required":[ - "CidrBlock", - "VpcId" + "VpcId", + "CidrBlock" ], "members":{ "TagSpecifications":{ @@ -8854,14 +8937,14 @@ }, "AvailabilityZone":{"shape":"String"}, "AvailabilityZoneId":{"shape":"String"}, - "CidrBlock":{"shape":"String"}, "Ipv6CidrBlock":{"shape":"String"}, "OutpostArn":{"shape":"String"}, "VpcId":{"shape":"VpcId"}, "DryRun":{ "shape":"Boolean", "locationName":"dryRun" - } + }, + "CidrBlock":{"shape":"String"} } }, "CreateSubnetResult":{ @@ -10378,6 +10461,23 @@ } } }, + "DeleteSubnetCidrReservationRequest":{ + "type":"structure", + "required":["SubnetCidrReservationId"], + "members":{ + "SubnetCidrReservationId":{"shape":"SubnetCidrReservationId"}, + "DryRun":{"shape":"Boolean"} + } + }, + "DeleteSubnetCidrReservationResult":{ + "type":"structure", + "members":{ + "DeletedSubnetCidrReservation":{ + "shape":"SubnetCidrReservation", + "locationName":"deletedSubnetCidrReservation" + } + } + }, "DeleteSubnetRequest":{ "type":"structure", "required":["SubnetId"], @@ -18059,6 +18159,42 @@ } } }, + "GetSubnetCidrReservationsMaxResults":{ + "type":"integer", + "max":1000, + "min":5 + }, + "GetSubnetCidrReservationsRequest":{ + "type":"structure", + "required":["SubnetId"], + "members":{ + "Filters":{ + "shape":"FilterList", + "locationName":"Filter" + }, + "SubnetId":{"shape":"SubnetId"}, + "DryRun":{"shape":"Boolean"}, + "NextToken":{"shape":"String"}, + "MaxResults":{"shape":"GetSubnetCidrReservationsMaxResults"} + } + }, + "GetSubnetCidrReservationsResult":{ + "type":"structure", + "members":{ + "SubnetIpv4CidrReservations":{ + "shape":"SubnetCidrReservationList", + "locationName":"subnetIpv4CidrReservationSet" + }, + "SubnetIpv6CidrReservations":{ + "shape":"SubnetCidrReservationList", + "locationName":"subnetIpv6CidrReservationSet" + }, + "NextToken":{ + "shape":"String", + "locationName":"nextToken" + } + } + }, "GetTransitGatewayAttachmentPropagationsRequest":{ "type":"structure", "required":["TransitGatewayAttachmentId"], @@ -20243,6 +20379,22 @@ "terminate" ] }, + "InstanceIpv4Prefix":{ + "type":"structure", + "members":{ + "Ipv4Prefix":{ + "shape":"String", + "locationName":"ipv4Prefix" + } + } + }, + "InstanceIpv4PrefixList":{ + "type":"list", + "member":{ + "shape":"InstanceIpv4Prefix", + "locationName":"item" + } + }, "InstanceIpv6Address":{ "type":"structure", "members":{ @@ -20272,6 +20424,22 @@ "Ipv6Address":{"shape":"String"} } }, + "InstanceIpv6Prefix":{ + "type":"structure", + "members":{ + "Ipv6Prefix":{ + "shape":"String", + "locationName":"ipv6Prefix" + } + } + }, + "InstanceIpv6PrefixList":{ + "type":"list", + "member":{ + "shape":"InstanceIpv6Prefix", + "locationName":"item" + } + }, "InstanceLifecycle":{ "type":"string", "enum":[ @@ -20436,6 +20604,14 @@ "InterfaceType":{ "shape":"String", "locationName":"interfaceType" + }, + "Ipv4Prefixes":{ + "shape":"InstanceIpv4PrefixList", + "locationName":"ipv4PrefixSet" + }, + "Ipv6Prefixes":{ + "shape":"InstanceIpv6PrefixList", + "locationName":"ipv6PrefixSet" } } }, @@ -20551,7 +20727,17 @@ }, "AssociateCarrierIpAddress":{"shape":"Boolean"}, "InterfaceType":{"shape":"String"}, - "NetworkCardIndex":{"shape":"Integer"} + "NetworkCardIndex":{"shape":"Integer"}, + "Ipv4Prefixes":{ + "shape":"Ipv4PrefixList", + "locationName":"Ipv4Prefix" + }, + "Ipv4PrefixCount":{"shape":"Integer"}, + "Ipv6Prefixes":{ + "shape":"Ipv6PrefixList", + "locationName":"Ipv6Prefix" + }, + "Ipv6PrefixCount":{"shape":"Integer"} } }, "InstanceNetworkInterfaceSpecificationList":{ @@ -21502,6 +21688,13 @@ "locationName":"item" } }, + "IpPrefixList":{ + "type":"list", + "member":{ + "shape":"String", + "locationName":"item" + } + }, "IpRange":{ "type":"structure", "members":{ @@ -21530,6 +21723,51 @@ } }, "Ipv4PoolEc2Id":{"type":"string"}, + "Ipv4PrefixList":{ + "type":"list", + "member":{ + "shape":"Ipv4PrefixSpecificationRequest", + "locationName":"item" + } + }, + "Ipv4PrefixListResponse":{ + "type":"list", + "member":{ + "shape":"Ipv4PrefixSpecificationResponse", + "locationName":"item" + } + }, + "Ipv4PrefixSpecification":{ + "type":"structure", + "members":{ + "Ipv4Prefix":{ + "shape":"String", + "locationName":"ipv4Prefix" + } + } + }, + "Ipv4PrefixSpecificationRequest":{ + "type":"structure", + "members":{ + "Ipv4Prefix":{"shape":"String"} + } + }, + "Ipv4PrefixSpecificationResponse":{ + "type":"structure", + "members":{ + "Ipv4Prefix":{ + "shape":"String", + "locationName":"ipv4Prefix" + } + } + }, + "Ipv4PrefixesList":{ + "type":"list", + "member":{ + "shape":"Ipv4PrefixSpecification", + "locationName":"item" + } + }, "Ipv6Address":{"type":"string"}, "Ipv6AddressList":{ "type":"list", @@ -21616,6 +21854,51 @@ "locationName":"item" } }, + "Ipv6PrefixList":{ + "type":"list", + "member":{ + "shape":"Ipv6PrefixSpecificationRequest", + "locationName":"item" + } + }, + "Ipv6PrefixListResponse":{ + "type":"list", + "member":{ + "shape":"Ipv6PrefixSpecificationResponse", + "locationName":"item" + } + }, + "Ipv6PrefixSpecification":{ + "type":"structure", + "members":{ + "Ipv6Prefix":{ + "shape":"String", + "locationName":"ipv6Prefix" + } + } + }, + "Ipv6PrefixSpecificationRequest":{ + "type":"structure", + "members":{ + "Ipv6Prefix":{"shape":"String"} + } + }, + "Ipv6PrefixSpecificationResponse":{ + "type":"structure", + "members":{ + "Ipv6Prefix":{ + "shape":"String", + "locationName":"ipv6Prefix" + } + } + }, + "Ipv6PrefixesList":{ + "type":"list", + "member":{ + "shape":"Ipv6PrefixSpecification", + "locationName":"item" + } + }, "Ipv6Range":{ "type":"structure", "members":{ @@ -22266,6 +22549,22 @@ "NetworkCardIndex":{ "shape":"Integer", "locationName":"networkCardIndex" + }, + "Ipv4Prefixes":{ + "shape":"Ipv4PrefixListResponse", + "locationName":"ipv4PrefixSet" + }, + "Ipv4PrefixCount":{ + "shape":"Integer", + "locationName":"ipv4PrefixCount" + }, + "Ipv6Prefixes":{ + "shape":"Ipv6PrefixListResponse", + "locationName":"ipv6PrefixSet" + }, + "Ipv6PrefixCount":{ + "shape":"Integer", + "locationName":"ipv6PrefixCount" } } }, @@ -22296,7 +22595,17 @@ "PrivateIpAddresses":{"shape":"PrivateIpAddressSpecificationList"}, "SecondaryPrivateIpAddressCount":{"shape":"Integer"}, "SubnetId":{"shape":"SubnetId"}, - "NetworkCardIndex":{"shape":"Integer"} + "NetworkCardIndex":{"shape":"Integer"}, + "Ipv4Prefixes":{ + "shape":"Ipv4PrefixList", + "locationName":"Ipv4Prefix" + }, + "Ipv4PrefixCount":{"shape":"Integer"}, + "Ipv6Prefixes":{ + "shape":"Ipv6PrefixList", + "locationName":"Ipv6Prefix" + }, + "Ipv6PrefixCount":{"shape":"Integer"} } }, "LaunchTemplateInstanceNetworkInterfaceSpecificationRequestList":{ @@ -24932,6 +25241,14 @@ "shape":"NetworkInterfacePrivateIpAddressList", "locationName":"privateIpAddressesSet" }, + "Ipv4Prefixes":{ + "shape":"Ipv4PrefixesList", + "locationName":"ipv4PrefixSet" + }, + "Ipv6Prefixes":{ + "shape":"Ipv6PrefixesList", + "locationName":"ipv6PrefixSet" + }, "RequesterId":{ "shape":"String", "locationName":"requesterId" @@ -30888,6 +31205,54 @@ "failed" ] }, + "SubnetCidrReservation":{ + "type":"structure", + "members":{ + "SubnetCidrReservationId":{ + "shape":"SubnetCidrReservationId", + "locationName":"subnetCidrReservationId" + }, + "SubnetId":{ + "shape":"SubnetId", + "locationName":"subnetId" + }, + "Cidr":{ + "shape":"String", + "locationName":"cidr" + }, + "ReservationType":{ + "shape":"SubnetCidrReservationType", + "locationName":"reservationType" + }, + "OwnerId":{ + "shape":"String", + "locationName":"ownerId" + }, + "Description":{ + "shape":"String", + "locationName":"description" + }, + "Tags":{ + "shape":"TagList", + "locationName":"tagSet" + } + } + }, + "SubnetCidrReservationId":{"type":"string"}, + "SubnetCidrReservationList":{ + "type":"list", + "member":{ + "shape":"SubnetCidrReservation", + "locationName":"item" + } + }, + "SubnetCidrReservationType":{ + "type":"string", + "enum":[ + "prefix", + "explicit" + ] + }, "SubnetId":{"type":"string"}, "SubnetIdStringList":{ "type":"list", @@ -32862,18 +33227,19 @@ }, "UnassignIpv6AddressesRequest":{ "type":"structure", - "required":[ - "NetworkInterfaceId", - "Ipv6Addresses" - ], + "required":["NetworkInterfaceId"], "members":{ - "NetworkInterfaceId":{ - "shape":"NetworkInterfaceId", - "locationName":"networkInterfaceId" - }, "Ipv6Addresses":{ "shape":"Ipv6AddressList", "locationName":"ipv6Addresses" + }, + "Ipv6Prefixes":{ + "shape":"IpPrefixList", + "locationName":"Ipv6Prefix" + }, + "NetworkInterfaceId":{ + "shape":"NetworkInterfaceId", + "locationName":"networkInterfaceId" } } }, @@ -32887,15 +33253,16 @@ "UnassignedIpv6Addresses":{ "shape":"Ipv6AddressList", "locationName":"unassignedIpv6Addresses" + }, + "UnassignedIpv6Prefixes":{ + "shape":"IpPrefixList", + "locationName":"unassignedIpv6PrefixSet" } } }, "UnassignPrivateIpAddressesRequest":{ "type":"structure", - "required":[ - "NetworkInterfaceId", - "PrivateIpAddresses" - ], + "required":["NetworkInterfaceId"], "members":{ "NetworkInterfaceId":{ "shape":"NetworkInterfaceId", @@ -32904,6 +33271,10 @@ "PrivateIpAddresses":{ "shape":"PrivateIpAddressStringList", "locationName":"privateIpAddress" + }, + "Ipv4Prefixes":{ + "shape":"IpPrefixList", + "locationName":"Ipv4Prefix" } } }, diff --git a/models/apis/ec2/2016-11-15/docs-2.json b/models/apis/ec2/2016-11-15/docs-2.json index d76a4d9770..7207ff2053 100755 --- a/models/apis/ec2/2016-11-15/docs-2.json +++ b/models/apis/ec2/2016-11-15/docs-2.json @@ -12,20 +12,20 @@ "AllocateAddress": "Allocates an Elastic IP address to your account. After you allocate the Elastic IP address you can associate it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address pool and can be allocated to a different account.
You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide.
[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an Elastic IP address that you released after it is allocated to another account. You cannot recover an Elastic IP address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.
An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.
For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).
", "AllocateHosts": "Allocates a Dedicated Host to your account. At a minimum, specify the supported instance type or instance family, the Availability Zone in which to allocate the host, and the number of hosts to allocate.
", "ApplySecurityGroupsToClientVpnTargetNetwork": "Applies a security group to the association between the target network and the Client VPN endpoint. This action replaces the existing security groups with the specified security groups.
", - "AssignIpv6Addresses": "Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see IP Addresses Per Network Interface Per Instance Type in the Amazon Elastic Compute Cloud User Guide.
You must specify either the IPv6 addresses or the IPv6 address count in the request.
", - "AssignPrivateIpAddresses": "Assigns one or more secondary private IP addresses to the specified network interface.
You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see Instance Types in the Amazon Elastic Compute Cloud User Guide. For more information about Elastic IP addresses, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.
Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check network/interfaces/macs/mac/local-ipv4s
in the instance metadata to confirm that the remapping is complete.
You must specify either the IP addresses or the IP address count in the request.
", + "AssignIpv6Addresses": "Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see IP Addresses Per Network Interface Per Instance Type in the Amazon Elastic Compute Cloud User Guide.
You must specify either the IPv6 addresses or the IPv6 address count in the request.
You can optionally use Prefix Delegation on the network interface. You must specify either the IPV6 Prefix Delegation prefixes, or the IPv6 Prefix Delegation count. For information, see Prefix Delegation in the Amazon Elastic Compute Cloud User Guide.
", + "AssignPrivateIpAddresses": "Assigns one or more secondary private IP addresses to the specified network interface.
You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see Instance Types in the Amazon Elastic Compute Cloud User Guide. For more information about Elastic IP addresses, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.
Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check network/interfaces/macs/mac/local-ipv4s
in the instance metadata to confirm that the remapping is complete.
You must specify either the IP addresses or the IP address count in the request.
You can optionally use Prefix Delegation on the network interface. You must specify either the IPv4 Prefix Delegation prefixes, or the IPv4 Prefix Delegation count. For information, see Prefix Delegation in the Amazon Elastic Compute Cloud User Guide.
", "AssociateAddress": "Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones) with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.
An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide.
[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.
[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.
[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication carrier to the instance or network interface.
You cannot associate an Elastic IP address with an interface in a different network border group.
This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the Elastic IP Addresses section of Amazon EC2 Pricing.
Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.
If you specified a VPC when you created the Client VPN endpoint or if you have previous subnet associations, the specified subnet must be in the same VPC. To specify a subnet that's in a different VPC, you must first modify the Client VPN endpoint (ModifyClientVpnEndpoint) and change the VPC that's associated with it.
", - "AssociateDhcpOptions": "Associates a set of DHCP options (that you've previously created) with the specified VPC, or associates no DHCP options with the VPC.
After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don't need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.
For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide.
", + "AssociateDhcpOptions": "Associates a set of DHCP options (that you've previously created) with the specified VPC, or associates no DHCP options with the VPC.
After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don't need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.
For more information, see DHCP options sets in the Amazon Virtual Private Cloud User Guide.
", "AssociateEnclaveCertificateIamRole": "Associates an Identity and Access Management (IAM) role with an Certificate Manager (ACM) certificate. This enables the certificate to be used by the ACM for Nitro Enclaves application inside an enclave. For more information, see Certificate Manager for Nitro Enclaves in the Amazon Web Services Nitro Enclaves User Guide.
When the IAM role is associated with the ACM certificate, the certificate, certificate chain, and encrypted private key are placed in an Amazon S3 bucket that only the associated IAM role can access. The private key of the certificate is encrypted with an Amazon Web Services managed key that has an attached attestation-based key policy.
To enable the IAM role to access the Amazon S3 object, you must grant it permission to call s3:GetObject
on the Amazon S3 bucket returned by the command. To enable the IAM role to access the KMS key, you must grant it permission to call kms:Decrypt
on the KMS key returned by the command. For more information, see Grant the role permission to access the certificate and encryption key in the Amazon Web Services Nitro Enclaves User Guide.
Associates an IAM instance profile with a running or stopped instance. You cannot associate more than one IAM instance profile with an instance.
", - "AssociateInstanceEventWindow": "Associates one or more targets with an event window. Only one type of target (instance IDs, Dedicated Host IDs, or tags) can be specified with an event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", - "AssociateRouteTable": "Associates a subnet in your VPC or an internet gateway or virtual private gateway attached to your VPC with a route table in your VPC. This association causes traffic from the subnet or gateway to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table later. A route table can be associated with multiple subnets.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", + "AssociateInstanceEventWindow": "Associates one or more targets with an event window. Only one type of target (instance IDs, Dedicated Host IDs, or tags) can be specified with an event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "AssociateRouteTable": "Associates a subnet in your VPC or an internet gateway or virtual private gateway attached to your VPC with a route table in your VPC. This association causes traffic from the subnet or gateway to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table later. A route table can be associated with multiple subnets.
For more information, see Route tables in the Amazon Virtual Private Cloud User Guide.
", "AssociateSubnetCidrBlock": "Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length of /64.
", "AssociateTransitGatewayMulticastDomain": "Associates the specified subnets and transit gateway attachments with the specified transit gateway multicast domain.
The transit gateway attachment must be in the available state before you can add a resource. Use DescribeTransitGatewayAttachments to see the state of the attachment.
", "AssociateTransitGatewayRouteTable": "Associates the specified attachment with the specified transit gateway route table. You can associate only one route table with an attachment.
", "AssociateTrunkInterface": "Associates a branch network interface with a trunk network interface.
Before you create the association, run the create-network-interface command and set --interface-type
to trunk
. You must also create a network interface for each branch network interface that you want to associate with the trunk network interface.
For more information, see Network interface trunking in the Amazon Elastic Compute Cloud User Guide.
", - "AssociateVpcCidrBlock": "Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP). The IPv6 CIDR block size is fixed at /56.
You must specify one of the following in the request: an IPv4 CIDR block, an IPv6 pool, or an Amazon-provided IPv6 CIDR block.
For more information about associating CIDR blocks with your VPC and applicable restrictions, see VPC and Subnet Sizing in the Amazon Virtual Private Cloud User Guide.
", + "AssociateVpcCidrBlock": "Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP). The IPv6 CIDR block size is fixed at /56.
You must specify one of the following in the request: an IPv4 CIDR block, an IPv6 pool, or an Amazon-provided IPv6 CIDR block.
For more information about associating CIDR blocks with your VPC and applicable restrictions, see VPC and subnet sizing in the Amazon Virtual Private Cloud User Guide.
", "AttachClassicLinkVpc": "Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You can only link an instance that's in the running
state. An instance is automatically unlinked from a VPC when it's stopped - you can link it to the VPC again when you restart it.
After you've linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.
Linking your instance to a VPC is sometimes referred to as attaching your instance.
", "AttachInternetGateway": "Attaches an internet gateway or a virtual private gateway to a VPC, enabling connectivity between the internet and the VPC. For more information about your VPC and internet gateway, see the Amazon Virtual Private Cloud User Guide.
", "AttachNetworkInterface": "Attaches a network interface to an instance.
", @@ -48,19 +48,19 @@ "CopyImage": "Initiates the copy of an AMI. You can copy an AMI from one Region to another, or from a Region to an AWS Outpost. You can't copy an AMI from an Outpost to a Region, from one Outpost to another, or within the same Outpost. To copy an AMI to another partition, see CreateStoreImageTask.
To copy an AMI from one Region to another, specify the source Region using the SourceRegion parameter, and specify the destination Region using its endpoint. Copies of encrypted backing snapshots for the AMI are encrypted. Copies of unencrypted backing snapshots remain unencrypted, unless you set Encrypted
during the copy operation. You cannot create an unencrypted copy of an encrypted backing snapshot.
To copy an AMI from a Region to an Outpost, specify the source Region using the SourceRegion parameter, and specify the ARN of the destination Outpost using DestinationOutpostArn. Backing snapshots copied to an Outpost are encrypted by default using the default encryption key for the Region, or a different key that you specify in the request using KmsKeyId. Outposts do not support unencrypted snapshots. For more information, Amazon EBS local snapshots on Outposts in the Amazon Elastic Compute Cloud User Guide.
For more information about the prerequisites and limits when copying an AMI, see Copying an AMI in the Amazon Elastic Compute Cloud User Guide.
", "CopySnapshot": "Copies a point-in-time snapshot of an EBS volume and stores it in Amazon S3. You can copy a snapshot within the same Region, from one Region to another, or from a Region to an Outpost. You can't copy a snapshot from an Outpost to a Region, from one Outpost to another, or within the same Outpost.
You can use the snapshot to create EBS volumes or Amazon Machine Images (AMIs).
When copying snapshots to a Region, copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted snapshots remain unencrypted, unless you enable encryption for the snapshot copy operation. By default, encrypted snapshot copies use the default Key Management Service (KMS) KMS key; however, you can specify a different KMS key. To copy an encrypted snapshot that has been shared from another account, you must have permissions for the KMS key used to encrypt the snapshot.
Snapshots copied to an Outpost are encrypted by default using the default encryption key for the Region, or a different key that you specify in the request using KmsKeyId. Outposts do not support unencrypted snapshots. For more information, Amazon EBS local snapshots on Outposts in the Amazon Elastic Compute Cloud User Guide.
Snapshots created by copying another snapshot have an arbitrary volume ID that should not be used for any purpose.
For more information, see Copy an Amazon EBS snapshot in the Amazon Elastic Compute Cloud User Guide.
", "CreateCapacityReservation": "Creates a new Capacity Reservation with the specified attributes.
Capacity Reservations enable you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. This gives you the flexibility to selectively add capacity reservations and still get the Regional RI discounts for that usage. By creating Capacity Reservations, you ensure that you always have access to Amazon EC2 capacity when you need it, for as long as you need it. For more information, see Capacity Reservations in the Amazon EC2 User Guide.
Your request to create a Capacity Reservation could fail if Amazon EC2 does not have sufficient capacity to fulfill the request. If your request fails due to Amazon EC2 capacity constraints, either try again at a later time, try in a different Availability Zone, or request a smaller capacity reservation. If your application is flexible across instance types and sizes, try to create a Capacity Reservation with different instance attributes.
Your request could also fail if the requested quantity exceeds your On-Demand Instance limit for the selected instance type. If your request fails due to limit constraints, increase your On-Demand Instance limit for the required instance type and try again. For more information about increasing your instance limits, see Amazon EC2 Service Quotas in the Amazon EC2 User Guide.
", - "CreateCarrierGateway": "Creates a carrier gateway. For more information about carrier gateways, see Carrier gateways in the AWS Wavelength Developer Guide.
", + "CreateCarrierGateway": "Creates a carrier gateway. For more information about carrier gateways, see Carrier gateways in the Amazon Web Services Wavelength Developer Guide.
", "CreateClientVpnEndpoint": "Creates a Client VPN endpoint. A Client VPN endpoint is the resource you create and configure to enable and manage client VPN sessions. It is the destination endpoint at which all client VPN sessions are terminated.
", "CreateClientVpnRoute": "Adds a route to a network to a Client VPN endpoint. Each Client VPN endpoint has a route table that describes the available destination network routes. Each route in the route table specifies the path for traffic to specific resources or networks.
", "CreateCustomerGateway": "Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT).
For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).
Amazon EC2 supports all 4-byte ASN numbers in the range of 1 - 2147483647, with the exception of the following:
7224 - reserved in the us-east-1
Region
9059 - reserved in the eu-west-1
Region
17943 - reserved in the ap-southeast-1
Region
10124 - reserved in the ap-northeast-1
Region
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
To create more than one customer gateway with the same VPN type, IP address, and BGP ASN, specify a unique device name for each customer gateway. Identical requests return information about the existing customer gateway and do not create new customer gateways.
Creates a default subnet with a size /20
IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Creating a Default Subnet in the Amazon Virtual Private Cloud User Guide.
Creates a default VPC with a size /16
IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPC and Default Subnets in the Amazon Virtual Private Cloud User Guide. You cannot specify the components of the default VPC yourself.
If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.
If your account supports EC2-Classic, you cannot use this action to create a default VPC in a Region that supports EC2-Classic. If you want a default VPC in a Region that supports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is that possible?\" in the Default VPCs FAQ.
", - "CreateDhcpOptions": "Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see RFC 2132.
domain-name-servers
- The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. To have your instance receive a custom DNS hostname as specified in domain-name
, you must set domain-name-servers
to a custom DNS server.
domain-name
- If you're using AmazonProvidedDNS in us-east-1
, specify ec2.internal
. If you're using AmazonProvidedDNS in another Region, specify region.compute.internal
(for example, ap-northeast-1.compute.internal
). Otherwise, specify a domain name (for example, ExampleCompany.com
). This value is used to complete unqualified DNS hostnames. Important: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.
ntp-servers
- The IP addresses of up to four Network Time Protocol (NTP) servers.
netbios-name-servers
- The IP addresses of up to four NetBIOS name servers.
netbios-node-type
- The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see RFC 2132.
Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the domain-name-servers
option either to AmazonProvidedDNS
or to a domain name server of your choice. For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide.
Creates a default subnet with a size /20
IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Creating a default subnet in the Amazon Virtual Private Cloud User Guide.
Creates a default VPC with a size /16
IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPC and default subnets in the Amazon Virtual Private Cloud User Guide. You cannot specify the components of the default VPC yourself.
If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.
If your account supports EC2-Classic, you cannot use this action to create a default VPC in a Region that supports EC2-Classic. If you want a default VPC in a Region that supports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is that possible?\" in the Default VPCs FAQ.
", + "CreateDhcpOptions": "Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see RFC 2132.
domain-name-servers
- The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. To have your instance receive a custom DNS hostname as specified in domain-name
, you must set domain-name-servers
to a custom DNS server.
domain-name
- If you're using AmazonProvidedDNS in us-east-1
, specify ec2.internal
. If you're using AmazonProvidedDNS in another Region, specify region.compute.internal
(for example, ap-northeast-1.compute.internal
). Otherwise, specify a domain name (for example, ExampleCompany.com
). This value is used to complete unqualified DNS hostnames. Important: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.
ntp-servers
- The IP addresses of up to four Network Time Protocol (NTP) servers.
netbios-name-servers
- The IP addresses of up to four NetBIOS name servers.
netbios-node-type
- The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see RFC 2132.
Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the domain-name-servers
option either to AmazonProvidedDNS
or to a domain name server of your choice. For more information, see DHCP options sets in the Amazon Virtual Private Cloud User Guide.
[IPv6 only] Creates an egress-only internet gateway for your VPC. An egress-only internet gateway is used to enable outbound communication over IPv6 from instances in your VPC to the internet, and prevents hosts outside of your VPC from initiating an IPv6 connection with your instance.
", "CreateFleet": "Launches an EC2 Fleet.
You can create a single EC2 Fleet that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.
For more information, see Launching an EC2 Fleet in the Amazon EC2 User Guide.
", - "CreateFlowLogs": "Creates one or more flow logs to capture information about IP traffic for a specific network interface, subnet, or VPC.
Flow log data for a monitored network interface is recorded as flow log records, which are log events consisting of fields that describe the traffic flow. For more information, see Flow Log Records in the Amazon Virtual Private Cloud User Guide.
When publishing to CloudWatch Logs, flow log records are published to a log group, and each network interface has a unique log stream in the log group. When publishing to Amazon S3, flow log records for all of the monitored network interfaces are published to a single log file object that is stored in the specified bucket.
For more information, see VPC Flow Logs in the Amazon Virtual Private Cloud User Guide.
", + "CreateFlowLogs": "Creates one or more flow logs to capture information about IP traffic for a specific network interface, subnet, or VPC.
Flow log data for a monitored network interface is recorded as flow log records, which are log events consisting of fields that describe the traffic flow. For more information, see Flow log records in the Amazon Virtual Private Cloud User Guide.
When publishing to CloudWatch Logs, flow log records are published to a log group, and each network interface has a unique log stream in the log group. When publishing to Amazon S3, flow log records for all of the monitored network interfaces are published to a single log file object that is stored in the specified bucket.
For more information, see VPC Flow Logs in the Amazon Virtual Private Cloud User Guide.
", "CreateFpgaImage": "Creates an Amazon FPGA Image (AFI) from the specified design checkpoint (DCP).
The create operation is asynchronous. To verify that the AFI is ready for use, check the output logs.
An AFI contains the FPGA bitstream that is ready to download to an FPGA. You can securely deploy an AFI on multiple FPGA-accelerated instances. For more information, see the AWS FPGA Hardware Development Kit.
", "CreateImage": "Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or stopped.
If you customized your instance with instance store volumes or EBS volumes in addition to the root device volume, the new AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI, the instance automatically launches with those additional volumes.
For more information, see Creating Amazon EBS-Backed Linux AMIs in the Amazon Elastic Compute Cloud User Guide.
", - "CreateInstanceEventWindow": "Creates an event window in which scheduled events for the associated Amazon EC2 instances can run.
You can define either a set of time ranges or a cron expression when creating the event window, but not both. All event window times are in UTC.
You can create up to 200 event windows per Amazon Web Services Region.
When you create the event window, targets (instance IDs, Dedicated Host IDs, or tags) are not yet associated with it. To ensure that the event window can be used, you must associate one or more targets with it by using the AssociateInstanceEventWindow API.
Event windows are applicable only for scheduled events that stop, reboot, or terminate instances.
Event windows are not applicable for:
Expedited scheduled events and network maintenance events.
Unscheduled maintenance such as AutoRecovery and unplanned reboots.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "CreateInstanceEventWindow": "Creates an event window in which scheduled events for the associated Amazon EC2 instances can run.
You can define either a set of time ranges or a cron expression when creating the event window, but not both. All event window times are in UTC.
You can create up to 200 event windows per Amazon Web Services Region.
When you create the event window, targets (instance IDs, Dedicated Host IDs, or tags) are not yet associated with it. To ensure that the event window can be used, you must associate one or more targets with it by using the AssociateInstanceEventWindow API.
Event windows are applicable only for scheduled events that stop, reboot, or terminate instances.
Event windows are not applicable for:
Expedited scheduled events and network maintenance events.
Unscheduled maintenance such as AutoRecovery and unplanned reboots.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", "CreateInstanceExportTask": "Exports a running or stopped instance to an Amazon S3 bucket.
For information about the supported operating systems, image formats, and known limitations for the types of instances you can export, see Exporting an instance as a VM Using VM Import/Export in the VM Import/Export User Guide.
", "CreateInternetGateway": "Creates an internet gateway for use with a VPC. After creating the internet gateway, you attach it to a VPC using AttachInternetGateway.
For more information about your VPC and internet gateway, see the Amazon Virtual Private Cloud User Guide.
", "CreateKeyPair": "Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and displays the private key for you to save to a file. The private key is returned as an unencrypted PEM encoded PKCS#1 private key. If a key with the specified name already exists, Amazon EC2 returns an error.
You can have up to five thousand key pairs per Region.
The key pair returned to you is available only in the Region in which you create it. If you prefer, you can create your own key pair using a third-party tool and upload it to any Region using ImportKeyPair.
For more information, see Key Pairs in the Amazon Elastic Compute Cloud User Guide.
", @@ -69,7 +69,7 @@ "CreateLocalGatewayRoute": "Creates a static route for the specified local gateway route table.
", "CreateLocalGatewayRouteTableVpcAssociation": "Associates the specified VPC with the specified local gateway route table.
", "CreateManagedPrefixList": "Creates a managed prefix list. You can specify one or more entries for the prefix list. Each entry consists of a CIDR block and an optional description.
You must specify the maximum number of entries for the prefix list. The maximum number of entries cannot be changed later.
", - "CreateNatGateway": "Creates a NAT gateway in the specified subnet. This action creates a network interface in the specified subnet with a private IP address from the IP address range of the subnet. You can create either a public NAT gateway or a private NAT gateway.
With a public NAT gateway, internet-bound traffic from a private subnet can be routed to the NAT gateway, so that instances in a private subnet can connect to the internet.
With a private NAT gateway, private communication is routed across VPCs and on-premises networks through a transit gateway or virtual private gateway. Common use cases include running large workloads behind a small pool of allowlisted IPv4 addresses, preserving private IPv4 addresses, and communicating between overlapping networks.
For more information, see NAT Gateways in the Amazon Virtual Private Cloud User Guide.
", + "CreateNatGateway": "Creates a NAT gateway in the specified subnet. This action creates a network interface in the specified subnet with a private IP address from the IP address range of the subnet. You can create either a public NAT gateway or a private NAT gateway.
With a public NAT gateway, internet-bound traffic from a private subnet can be routed to the NAT gateway, so that instances in a private subnet can connect to the internet.
With a private NAT gateway, private communication is routed across VPCs and on-premises networks through a transit gateway or virtual private gateway. Common use cases include running large workloads behind a small pool of allowlisted IPv4 addresses, preserving private IPv4 addresses, and communicating between overlapping networks.
For more information, see NAT gateways in the Amazon Virtual Private Cloud User Guide.
", "CreateNetworkAcl": "Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.
For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.
", "CreateNetworkAclEntry": "Creates an entry (a rule) in a network ACL with the specified rule number. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the ACL, we process the entries in the ACL according to the rule numbers, in ascending order. Each network ACL has a set of ingress rules and a separate set of egress rules.
We recommend that you leave room between the rule numbers (for example, 100, 110, 120, ...), and not number them one right after the other (for example, 101, 102, 103, ...). This makes it easier to add a rule between existing ones without having to renumber the rules.
After you add an entry, you can't modify it; you must either replace it, or create an entry and delete the old one.
For more information about network ACLs, see Network ACLs in the Amazon Virtual Private Cloud User Guide.
", "CreateNetworkInsightsPath": "Creates a path to analyze for reachability.
Reachability Analyzer enables you to analyze and debug network reachability between two resources in your virtual private cloud (VPC). For more information, see What is Reachability Analyzer.
", @@ -79,14 +79,15 @@ "CreateReplaceRootVolumeTask": "Creates a root volume replacement task for an Amazon EC2 instance. The root volume can either be restored to its initial launch state, or it can be restored using a specific snapshot.
For more information, see Replace a root volume in the Amazon Elastic Compute Cloud User Guide.
", "CreateReservedInstancesListing": "Creates a listing for Amazon EC2 Standard Reserved Instances to be sold in the Reserved Instance Marketplace. You can submit one Standard Reserved Instance listing at a time. To get a list of your Standard Reserved Instances, you can use the DescribeReservedInstances operation.
Only Standard Reserved Instances can be sold in the Reserved Instance Marketplace. Convertible Reserved Instances cannot be sold.
The Reserved Instance Marketplace matches sellers who want to resell Standard Reserved Instance capacity that they no longer need with buyers who want to purchase additional capacity. Reserved Instances bought and sold through the Reserved Instance Marketplace work like any other Reserved Instances.
To sell your Standard Reserved Instances, you must first register as a seller in the Reserved Instance Marketplace. After completing the registration process, you can create a Reserved Instance Marketplace listing of some or all of your Standard Reserved Instances, and specify the upfront price to receive for them. Your Standard Reserved Instance listings then become available for purchase. To view the details of your Standard Reserved Instance listing, you can use the DescribeReservedInstancesListings operation.
For more information, see Reserved Instance Marketplace in the Amazon EC2 User Guide.
", "CreateRestoreImageTask": "Starts a task that restores an AMI from an S3 object that was previously created by using CreateStoreImageTask.
To use this API, you must have the required permissions. For more information, see Permissions for storing and restoring AMIs using S3 in the Amazon Elastic Compute Cloud User Guide.
For more information, see Store and restore an AMI using S3 in the Amazon Elastic Compute Cloud User Guide.
", - "CreateRoute": "Creates a route in a route table within a VPC.
You must specify one of the following targets: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.
When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address 192.0.2.3
, and the route table includes the following two IPv4 routes:
192.0.2.0/24
(goes to some target A)
192.0.2.0/28
(goes to some target B)
Both routes apply to the traffic destined for 192.0.2.3
. However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.
For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", - "CreateRouteTable": "Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", + "CreateRoute": "Creates a route in a route table within a VPC.
You must specify one of the following targets: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.
When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address 192.0.2.3
, and the route table includes the following two IPv4 routes:
192.0.2.0/24
(goes to some target A)
192.0.2.0/28
(goes to some target B)
Both routes apply to the traffic destined for 192.0.2.3
. However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.
For more information about route tables, see Route tables in the Amazon Virtual Private Cloud User Guide.
", + "CreateRouteTable": "Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.
For more information, see Route tables in the Amazon Virtual Private Cloud User Guide.
", "CreateSecurityGroup": "Creates a security group.
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. For more information, see Amazon EC2 Security Groups in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
When you create a security group, you specify a friendly name of your choice. You can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.
You have a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.
You can add or remove rules from your security groups using AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress.
For more information about VPC security group limits, see Amazon VPC Limits.
", "CreateSnapshot": "Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for backups, to make copies of EBS volumes, and to save data before shutting down an instance.
You can create snapshots of volumes in a Region and volumes on an Outpost. If you create a snapshot of a volume in a Region, the snapshot must be stored in the same Region as the volume. If you create a snapshot of a volume on an Outpost, the snapshot can be stored on the same Outpost as the volume, or in the Region for that Outpost.
When a snapshot is created, any Marketplace product codes that are associated with the source volume are propagated to the snapshot.
You can take a snapshot of an attached volume that is in use. However, snapshots only capture data that has been written to your Amazon EBS volume at the time the snapshot command is issued; this might exclude any data that has been cached by any applications or the operating system. If you can pause any file systems on the volume long enough to take a snapshot, your snapshot should be complete. However, if you cannot pause all file writes to the volume, you should unmount the volume from within the instance, issue the snapshot command, and then remount the volume to ensure a consistent and complete snapshot. You may remount and use your volume while the snapshot status is pending
.
To create a snapshot for Amazon EBS volumes that serve as root devices, you should stop the instance before taking the snapshot.
Snapshots that are taken from encrypted volumes are automatically encrypted. Volumes that are created from encrypted snapshots are also automatically encrypted. Your encrypted volumes and any associated snapshots always remain protected.
You can tag your snapshots during creation. For more information, see Tag your Amazon EC2 resources in the Amazon Elastic Compute Cloud User Guide.
For more information, see Amazon Elastic Block Store and Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.
", "CreateSnapshots": "Creates crash-consistent snapshots of multiple EBS volumes and stores the data in S3. Volumes are chosen by specifying an instance. Any attached volumes will produce one snapshot each that is crash-consistent across the instance. Boot volumes can be excluded by changing the parameters.
You can create multi-volume snapshots of instances in a Region and instances on an Outpost. If you create snapshots from an instance in a Region, the snapshots must be stored in the same Region as the instance. If you create snapshots from an instance on an Outpost, the snapshots can be stored on the same Outpost as the instance, or in the Region for that Outpost.
", "CreateSpotDatafeedSubscription": "Creates a data feed for Spot Instances, enabling you to view Spot Instance usage logs. You can create one data feed per account. For more information, see Spot Instance data feed in the Amazon EC2 User Guide for Linux Instances.
", "CreateStoreImageTask": "Stores an AMI as a single object in an S3 bucket.
To use this API, you must have the required permissions. For more information, see Permissions for storing and restoring AMIs using S3 in the Amazon Elastic Compute Cloud User Guide.
For more information, see Store and restore an AMI using S3 in the Amazon Elastic Compute Cloud User Guide.
", - "CreateSubnet": "Creates a subnet in a specified VPC.
You must specify an IPv4 CIDR block for the subnet. After you create a subnet, you can't change its CIDR block. The allowed block size is between a /16 netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). The CIDR block must not overlap with the CIDR block of an existing subnet in the VPC.
If you've associated an IPv6 CIDR block with your VPC, you can create a subnet with an IPv6 CIDR block that uses a /64 prefix length.
AWS reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for use.
If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.
When you stop an instance in a subnet, it retains its private IPv4 address. It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.
For more information about subnets, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide.
", + "CreateSubnet": "Creates a subnet in a specified VPC.
You must specify an IPv4 CIDR block for the subnet. After you create a subnet, you can't change its CIDR block. The allowed block size is between a /16 netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). The CIDR block must not overlap with the CIDR block of an existing subnet in the VPC.
If you've associated an IPv6 CIDR block with your VPC, you can create a subnet with an IPv6 CIDR block that uses a /64 prefix length.
Amazon Web Services reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for use.
If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.
When you stop an instance in a subnet, it retains its private IPv4 address. It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.
For more information about subnets, see Your VPC and subnets in the Amazon Virtual Private Cloud User Guide.
", + "CreateSubnetCidrReservation": "Creates a subnet CIDR reservation. For information about subnet CIDR reservations, see Subnet CIDR reservations in the Amazon Virtual Private Cloud User Guide.
", "CreateTags": "Adds or overwrites only the specified tags for the specified Amazon EC2 resource or resources. When you specify an existing tag key, the value is overwritten with the new value. Each resource can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique per resource.
For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide. For more information about creating IAM policies that control users' access to resources based on tags, see Supported Resource-Level Permissions for Amazon EC2 API Actions in the Amazon Elastic Compute Cloud User Guide.
", "CreateTrafficMirrorFilter": "Creates a Traffic Mirror filter.
A Traffic Mirror filter is a set of rules that defines the traffic to mirror.
By default, no traffic is mirrored. To mirror traffic, use CreateTrafficMirrorFilterRule to add Traffic Mirror rules to the filter. The rules you add define what traffic gets mirrored. You can also use ModifyTrafficMirrorFilterNetworkServices to mirror supported network services.
", "CreateTrafficMirrorFilterRule": "Creates a Traffic Mirror filter rule.
A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror.
You need the Traffic Mirror filter ID when you create the rule.
", @@ -102,11 +103,11 @@ "CreateTransitGatewayRouteTable": "Creates a route table for the specified transit gateway.
", "CreateTransitGatewayVpcAttachment": "Attaches the specified VPC to the specified transit gateway.
If you attach a VPC with a CIDR range that overlaps the CIDR range of a VPC that is already attached, the new VPC CIDR range is not propagated to the default propagation route table.
To send VPC traffic to an attached transit gateway, add a route to the VPC route table using CreateRoute.
", "CreateVolume": "Creates an EBS volume that can be attached to an instance in the same Availability Zone.
You can create a new empty volume or restore a volume from an EBS snapshot. Any Marketplace product codes from the snapshot are propagated to the volume.
You can create encrypted volumes. Encrypted volumes must be attached to instances that support Amazon EBS encryption. Volumes that are created from encrypted snapshots are also automatically encrypted. For more information, see Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.
You can tag your volumes during creation. For more information, see Tag your Amazon EC2 resources in the Amazon Elastic Compute Cloud User Guide.
For more information, see Create an Amazon EBS volume in the Amazon Elastic Compute Cloud User Guide.
", - "CreateVpc": "Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide.
You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).
By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide.
You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide.
", + "CreateVpc": "Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see Your VPC and subnets in the Amazon Virtual Private Cloud User Guide.
You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).
By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see DHCP options sets in the Amazon Virtual Private Cloud User Guide.
You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide.
", "CreateVpcEndpoint": "Creates a VPC endpoint for a specified service. An endpoint enables you to create a private connection between your VPC and the service. The service may be provided by AWS, an AWS Marketplace Partner, or another AWS account. For more information, see VPC Endpoints in the Amazon Virtual Private Cloud User Guide.
A gateway
endpoint serves as a target for a route in your route table for traffic destined for the AWS service. You can specify an endpoint policy to attach to the endpoint, which will control access to the service from your VPC. You can also specify the VPC route tables that use the endpoint.
An interface
endpoint is a network interface in your subnet that serves as an endpoint for communicating with the specified service. You can specify the subnets in which to create an endpoint, and the security groups to associate with the endpoint network interface.
A GatewayLoadBalancer
endpoint is a network interface in your subnet that serves an endpoint for communicating with a Gateway Load Balancer that you've configured as a VPC endpoint service.
Use DescribeVpcEndpointServices to get a list of supported services.
", "CreateVpcEndpointConnectionNotification": "Creates a connection notification for a specified VPC endpoint or VPC endpoint service. A connection notification notifies you of specific endpoint events. You must create an SNS topic to receive notifications. For more information, see Create a Topic in the Amazon Simple Notification Service Developer Guide.
You can create a connection notification for interface endpoints only.
", "CreateVpcEndpointServiceConfiguration": "Creates a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect.
To create an endpoint service configuration, you must first create one of the following for your service:
A Network Load Balancer. Service consumers connect to your service using an interface endpoint.
A Gateway Load Balancer. Service consumers connect to your service using a Gateway Load Balancer endpoint.
For more information, see VPC Endpoint Services in the Amazon Virtual Private Cloud User Guide.
If you set the private DNS name, you must prove that you own the private DNS domain name. For more information, see VPC Endpoint Service Private DNS Name Verification in the Amazon Virtual Private Cloud User Guide.
", - "CreateVpcPeeringConnection": "Requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection. The accepter VPC can belong to another AWS account and can be in a different Region to the requester VPC. The requester VPC and accepter VPC cannot have overlapping CIDR blocks.
Limitations and rules apply to a VPC peering connection. For more information, see the limitations section in the VPC Peering Guide.
The owner of the accepter VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.
If you create a VPC peering connection request between VPCs with overlapping CIDR blocks, the VPC peering connection has a status of failed
.
Requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection. The accepter VPC can belong to another account and can be in a different Region to the requester VPC. The requester VPC and accepter VPC cannot have overlapping CIDR blocks.
Limitations and rules apply to a VPC peering connection. For more information, see the limitations section in the VPC Peering Guide.
The owner of the accepter VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.
If you create a VPC peering connection request between VPCs with overlapping CIDR blocks, the VPC peering connection has a status of failed
.
Creates a VPN connection between an existing virtual private gateway or transit gateway and a customer gateway. The supported connection type is ipsec.1
.
The response includes information that you need to give to your network administrator to configure your customer gateway.
We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway device.
If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.
This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
", "CreateVpnConnectionRoute": "Creates a static route associated with a VPN connection between an existing virtual private gateway and a VPN customer gateway. The static route allows traffic to be routed from the virtual private gateway to the VPN customer gateway.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
", "CreateVpnGateway": "Creates a virtual private gateway. A virtual private gateway is the endpoint on the VPC side of your VPN connection. You can create a virtual private gateway before creating the VPC itself.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
", @@ -119,7 +120,7 @@ "DeleteFleets": "Deletes the specified EC2 Fleet.
After you delete an EC2 Fleet, it launches no new instances.
You must specify whether a deleted EC2 Fleet should also terminate its instances. If you choose to terminate the instances, the EC2 Fleet enters the deleted_terminating
state. Otherwise, the EC2 Fleet enters the deleted_running
state, and the instances continue to run until they are interrupted or you terminate them manually.
For instant
fleets, EC2 Fleet must terminate the instances when the fleet is deleted. A deleted instant
fleet with running instances is not supported.
Restrictions
You can delete up to 25 instant
fleets in a single request. If you exceed this number, no instant
fleets are deleted and an error is returned. There is no restriction on the number of fleets of type maintain
or request
that can be deleted in a single request.
Up to 1000 instances can be terminated in a single request to delete instant
fleets.
For more information, see Deleting an EC2 Fleet in the Amazon EC2 User Guide.
", "DeleteFlowLogs": "Deletes one or more flow logs.
", "DeleteFpgaImage": "Deletes the specified Amazon FPGA Image (AFI).
", - "DeleteInstanceEventWindow": "Deletes the specified event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "DeleteInstanceEventWindow": "Deletes the specified event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", "DeleteInternetGateway": "Deletes the specified internet gateway. You must detach the internet gateway from the VPC before you can delete it.
", "DeleteKeyPair": "Deletes the specified key pair, by removing the public key from Amazon EC2.
", "DeleteLaunchTemplate": "Deletes a launch template. Deleting a launch template deletes all of its versions.
", @@ -142,6 +143,7 @@ "DeleteSnapshot": "Deletes the specified snapshot.
When you make periodic snapshots of a volume, the snapshots are incremental, and only the blocks on the device that have changed since your last snapshot are saved in the new snapshot. When you delete a snapshot, only the data not needed for any other snapshot is removed. So regardless of which prior snapshots have been deleted, all active snapshots will have access to all the information needed to restore the volume.
You cannot delete a snapshot of the root device of an EBS volume used by a registered AMI. You must first de-register the AMI before you can delete the snapshot.
For more information, see Delete an Amazon EBS snapshot in the Amazon Elastic Compute Cloud User Guide.
", "DeleteSpotDatafeedSubscription": "Deletes the data feed for Spot Instances.
", "DeleteSubnet": "Deletes the specified subnet. You must terminate all running instances in the subnet before you can delete the subnet.
", + "DeleteSubnetCidrReservation": "Deletes a subnet CIDR reservation.
", "DeleteTags": "Deletes the specified set of tags from the specified set of resources.
To list the current tags, use DescribeTags. For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide.
", "DeleteTrafficMirrorFilter": "Deletes the specified Traffic Mirror filter.
You cannot delete a Traffic Mirror filter that is in use by a Traffic Mirror session.
", "DeleteTrafficMirrorFilterRule": "Deletes the specified Traffic Mirror rule.
", @@ -188,7 +190,7 @@ "DescribeCoipPools": "Describes the specified customer-owned address pools or all of your customer-owned address pools.
", "DescribeConversionTasks": "Describes the specified conversion tasks or all your conversion tasks. For more information, see the VM Import/Export User Guide.
For information about the import manifest referenced by this API action, see VM Import Manifest.
", "DescribeCustomerGateways": "Describes one or more of your VPN customer gateways.
For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.
", - "DescribeDhcpOptions": "Describes one or more of your DHCP options sets.
For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide.
", + "DescribeDhcpOptions": "Describes one or more of your DHCP options sets.
For more information, see DHCP options sets in the Amazon Virtual Private Cloud User Guide.
", "DescribeEgressOnlyInternetGateways": "Describes one or more of your egress-only internet gateways.
", "DescribeElasticGpus": "Describes the Elastic Graphics accelerator associated with your instances. For more information about Elastic Graphics, see Amazon Elastic Graphics.
", "DescribeExportImageTasks": "Describes the specified export image tasks or all of your export image tasks.
", @@ -213,7 +215,7 @@ "DescribeInstanceAttribute": "Describes the specified attribute of the specified instance. You can specify only one attribute at a time. Valid attribute values are: instanceType
| kernel
| ramdisk
| userData
| disableApiTermination
| instanceInitiatedShutdownBehavior
| rootDeviceName
| blockDeviceMapping
| productCodes
| sourceDestCheck
| groupSet
| ebsOptimized
| sriovNetSupport
Describes the credit option for CPU usage of the specified burstable performance instances. The credit options are standard
and unlimited
.
If you do not specify an instance ID, Amazon EC2 returns burstable performance instances with the unlimited
credit option, as well as instances that were previously configured as T2, T3, and T3a with the unlimited
credit option. For example, if you resize a T2 instance, while it is configured as unlimited
, to an M4 instance, Amazon EC2 returns the M4 instance.
If you specify one or more instance IDs, Amazon EC2 returns the credit option (standard
or unlimited
) of those instances. If you specify an instance ID that is not valid, such as an instance that is not a burstable performance instance, an error is returned.
Recently terminated instances might appear in the returned results. This interval is usually less than one hour.
If an Availability Zone is experiencing a service disruption and you specify instance IDs in the affected zone, or do not specify any instance IDs at all, the call fails. If you specify only instance IDs in an unaffected zone, the call works normally.
For more information, see Burstable performance instances in the Amazon EC2 User Guide.
", "DescribeInstanceEventNotificationAttributes": "Describes the tag keys that are registered to appear in scheduled event notifications for resources in the current Region.
", - "DescribeInstanceEventWindows": "Describes the specified event windows or all event windows.
If you specify event window IDs, the output includes information for only the specified event windows. If you specify filters, the output includes information for only those event windows that meet the filter criteria. If you do not specify event windows IDs or filters, the output includes information for all event windows, which can affect performance. We recommend that you use pagination to ensure that the operation returns quickly and successfully.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "DescribeInstanceEventWindows": "Describes the specified event windows or all event windows.
If you specify event window IDs, the output includes information for only the specified event windows. If you specify filters, the output includes information for only those event windows that meet the filter criteria. If you do not specify event windows IDs or filters, the output includes information for all event windows, which can affect performance. We recommend that you use pagination to ensure that the operation returns quickly and successfully.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", "DescribeInstanceStatus": "Describes the status of the specified instances or all of your instances. By default, only running instances are described, unless you specifically indicate to return the status of all instances.
Instance status includes the following components:
Status checks - Amazon EC2 performs status checks on running EC2 instances to identify hardware and software issues. For more information, see Status checks for your instances and Troubleshooting instances with failed status checks in the Amazon EC2 User Guide.
Scheduled events - Amazon EC2 can schedule events (such as reboot, stop, or terminate) for your instances related to hardware issues, software updates, or system maintenance. For more information, see Scheduled events for your instances in the Amazon EC2 User Guide.
Instance state - You can manage your instances from the moment you launch them through their termination. For more information, see Instance lifecycle in the Amazon EC2 User Guide.
Returns a list of all instance types offered. The results can be filtered by location (Region or Availability Zone). If no location is specified, the instance types offered in the current Region are returned.
", "DescribeInstanceTypes": "Describes the details of the instance types that are offered in a location. The results can be filtered by the attributes of the instance types.
", @@ -248,7 +250,7 @@ "DescribeReservedInstancesListings": "Describes your account's Reserved Instance listings in the Reserved Instance Marketplace.
The Reserved Instance Marketplace matches sellers who want to resell Reserved Instance capacity that they no longer need with buyers who want to purchase additional capacity. Reserved Instances bought and sold through the Reserved Instance Marketplace work like any other Reserved Instances.
As a seller, you choose to list some or all of your Reserved Instances, and you specify the upfront price to receive for them. Your Reserved Instances are then listed in the Reserved Instance Marketplace and are available for purchase.
As a buyer, you specify the configuration of the Reserved Instance to purchase, and the Marketplace matches what you're searching for with what's available. The Marketplace first sells the lowest priced Reserved Instances to you, and continues to sell available Reserved Instance listings to you until your demand is met. You are charged based on the total price of all of the listings that you purchase.
For more information, see Reserved Instance Marketplace in the Amazon EC2 User Guide.
", "DescribeReservedInstancesModifications": "Describes the modifications made to your Reserved Instances. If no parameter is specified, information about all your Reserved Instances modification requests is returned. If a modification ID is specified, only information about the specific modification is returned.
For more information, see Modifying Reserved Instances in the Amazon EC2 User Guide.
", "DescribeReservedInstancesOfferings": "Describes Reserved Instance offerings that are available for purchase. With Reserved Instances, you purchase the right to launch instances for a period of time. During that time period, you do not receive insufficient capacity errors, and you pay a lower usage rate than the rate charged for On-Demand instances for the actual time used.
If you have listed your own Reserved Instances for sale in the Reserved Instance Marketplace, they will be excluded from these results. This is to ensure that you do not purchase your own Reserved Instances.
For more information, see Reserved Instance Marketplace in the Amazon EC2 User Guide.
", - "DescribeRouteTables": "Describes one or more of your route tables.
Each subnet in your VPC must be associated with a route table. If a subnet is not explicitly associated with any route table, it is implicitly associated with the main route table. This command does not return the subnet ID for implicit associations.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", + "DescribeRouteTables": "Describes one or more of your route tables.
Each subnet in your VPC must be associated with a route table. If a subnet is not explicitly associated with any route table, it is implicitly associated with the main route table. This command does not return the subnet ID for implicit associations.
For more information, see Route tables in the Amazon Virtual Private Cloud User Guide.
", "DescribeScheduledInstanceAvailability": "Finds available schedules that meet the specified criteria.
You can search for an available schedule no more than 3 months in advance. You must meet the minimum required duration of 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.
After you find a schedule that meets your needs, call PurchaseScheduledInstances to purchase Scheduled Instances with that schedule.
", "DescribeScheduledInstances": "Describes the specified Scheduled Instances or all your Scheduled Instances.
", "DescribeSecurityGroupReferences": "[VPC only] Describes the VPCs on the other side of a VPC peering connection that are referencing the security groups you've specified in this request.
", @@ -264,7 +266,7 @@ "DescribeSpotPriceHistory": "Describes the Spot price history. For more information, see Spot Instance pricing history in the Amazon EC2 User Guide for Linux Instances.
When you specify a start and end time, the operation returns the prices of the instance types within that time range. It also returns the last price change before the start time, which is the effective price as of the start time.
", "DescribeStaleSecurityGroups": "[VPC only] Describes the stale security group rules for security groups in a specified VPC. Rules are stale when they reference a deleted security group in a peer VPC, or a security group in a peer VPC for which the VPC peering connection has been deleted.
", "DescribeStoreImageTasks": "Describes the progress of the AMI store tasks. You can describe the store tasks for specified AMIs. If you don't specify the AMIs, you get a paginated list of store tasks from the last 31 days.
For each AMI task, the response indicates if the task is InProgress
, Completed
, or Failed
. For tasks InProgress
, the response shows the estimated progress as a percentage.
Tasks are listed in reverse chronological order. Currently, only tasks from the past 31 days can be viewed.
To use this API, you must have the required permissions. For more information, see Permissions for storing and restoring AMIs using S3 in the Amazon Elastic Compute Cloud User Guide.
For more information, see Store and restore an AMI using S3 in the Amazon Elastic Compute Cloud User Guide.
", - "DescribeSubnets": "Describes one or more of your subnets.
For more information, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide.
", + "DescribeSubnets": "Describes one or more of your subnets.
For more information, see Your VPC and subnets in the Amazon Virtual Private Cloud User Guide.
", "DescribeTags": "Describes the specified tags for your EC2 resources.
For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide.
", "DescribeTrafficMirrorFilters": "Describes one or more Traffic Mirror filters.
", "DescribeTrafficMirrorSessions": "Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.
", @@ -312,8 +314,8 @@ "DisassociateClientVpnTargetNetwork": "Disassociates a target network from the specified Client VPN endpoint. When you disassociate the last target network from a Client VPN, the following happens:
The route that was automatically added for the VPC is deleted
All active client connections are terminated
New client connections are disallowed
The Client VPN endpoint's status changes to pending-associate
Disassociates an IAM role from an Certificate Manager (ACM) certificate. Disassociating an IAM role from an ACM certificate removes the Amazon S3 object that contains the certificate, certificate chain, and encrypted private key from the Amazon S3 bucket. It also revokes the IAM role's permission to use the KMS key used to encrypt the private key. This effectively revokes the role's permission to use the certificate.
", "DisassociateIamInstanceProfile": "Disassociates an IAM instance profile from a running or stopped instance.
Use DescribeIamInstanceProfileAssociations to get the association ID.
", - "DisassociateInstanceEventWindow": "Disassociates one or more targets from an event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", - "DisassociateRouteTable": "Disassociates a subnet or gateway from a route table.
After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", + "DisassociateInstanceEventWindow": "Disassociates one or more targets from an event window.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "DisassociateRouteTable": "Disassociates a subnet or gateway from a route table.
After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see Route tables in the Amazon Virtual Private Cloud User Guide.
", "DisassociateSubnetCidrBlock": "Disassociates a CIDR block from a subnet. Currently, you can disassociate an IPv6 CIDR block only. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it.
", "DisassociateTransitGatewayMulticastDomain": "Disassociates the specified subnets from the transit gateway multicast domain.
", "DisassociateTransitGatewayRouteTable": "Disassociates a resource attachment from a transit gateway route table.
", @@ -350,6 +352,7 @@ "GetPasswordData": "Retrieves the encrypted administrator password for a running Windows instance.
The Windows password is generated at boot by the EC2Config
service or EC2Launch
scripts (Windows Server 2016 and later). This usually only happens the first time an instance is launched. For more information, see EC2Config and EC2Launch in the Amazon EC2 User Guide.
For the EC2Config
service, the password is not generated for rebundled AMIs unless Ec2SetPassword
is enabled before bundling.
The password is encrypted using the key pair that you specified when you launched the instance. You must provide the corresponding key pair file.
When you launch an instance, password generation and encryption may take a few minutes. If you try to retrieve the password before it's available, the output returns an empty string. We recommend that you wait up to 15 minutes after launching an instance before trying to retrieve the generated password.
", "GetReservedInstancesExchangeQuote": "Returns a quote and exchange information for exchanging one or more specified Convertible Reserved Instances for a new Convertible Reserved Instance. If the exchange cannot be performed, the reason is returned in the response. Use AcceptReservedInstancesExchangeQuote to perform the exchange.
", "GetSerialConsoleAccessStatus": "Retrieves the access status of your account to the EC2 serial console of all instances. By default, access to the EC2 serial console is disabled for your account. For more information, see Manage account access to the EC2 serial console in the Amazon EC2 User Guide.
", + "GetSubnetCidrReservations": "Gets information about the subnet CIDR reservations.
", "GetTransitGatewayAttachmentPropagations": "Lists the route tables to which the specified resource attachment propagates routes.
", "GetTransitGatewayMulticastDomainAssociations": "Gets information about the associations for the transit gateway multicast domain.
", "GetTransitGatewayPrefixListReferences": "Gets information about the prefix list references in a specified transit gateway route table.
", @@ -377,7 +380,7 @@ "ModifyInstanceCapacityReservationAttributes": "Modifies the Capacity Reservation settings for a stopped instance. Use this action to configure an instance to target a specific Capacity Reservation, run in any open
Capacity Reservation with matching attributes, or run On-Demand Instance capacity.
Modifies the credit option for CPU usage on a running or stopped burstable performance instance. The credit options are standard
and unlimited
.
For more information, see Burstable performance instances in the Amazon EC2 User Guide.
", "ModifyInstanceEventStartTime": "Modifies the start time for a scheduled Amazon EC2 instance event.
", - "ModifyInstanceEventWindow": "Modifies the specified event window.
You can define either a set of time ranges or a cron expression when modifying the event window, but not both.
To modify the targets associated with the event window, use the AssociateInstanceEventWindow and DisassociateInstanceEventWindow API.
If Amazon Web Services has already scheduled an event, modifying an event window won't change the time of the scheduled event.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", + "ModifyInstanceEventWindow": "Modifies the specified event window.
You can define either a set of time ranges or a cron expression when modifying the event window, but not both.
To modify the targets associated with the event window, use the AssociateInstanceEventWindow and DisassociateInstanceEventWindow API.
If Amazon Web Services has already scheduled an event, modifying an event window won't change the time of the scheduled event.
For more information, see Define event windows for scheduled events in the Amazon EC2 User Guide.
", "ModifyInstanceMetadataOptions": "Modify the instance metadata parameters on a running or stopped instance. When you modify the parameters on a stopped instance, they are applied when the instance is started. When you modify the parameters on a running instance, the API responds with a state of “pending”. After the parameter modifications are successfully applied to the instance, the state of the modifications changes from “pending” to “applied” in subsequent describe-instances API calls. For more information, see Instance metadata and user data in the Amazon EC2 User Guide.
", "ModifyInstancePlacement": "Modifies the placement attributes for a specified instance. You can do the following:
Modify the affinity between an instance and a Dedicated Host. When affinity is set to host
and the instance is not associated with a specific Dedicated Host, the next time the instance is launched, it is automatically associated with the host on which it lands. If the instance is restarted or rebooted, this relationship persists.
Change the Dedicated Host with which an instance is associated.
Change the instance tenancy of an instance from host
to dedicated
, or from dedicated
to host
.
Move an instance to or from a placement group.
At least one attribute for affinity, host ID, tenancy, or placement group name must be specified in the request. Affinity and tenancy can be modified in the same request.
To modify the host ID, tenancy, placement group, or partition for an instance, the instance must be in the stopped
state.
Modifies a launch template. You can specify which version of the launch template to set as the default version. When launching an instance, the default version applies when a launch template version is not specified.
", @@ -401,7 +404,7 @@ "ModifyVpcEndpointConnectionNotification": "Modifies a connection notification for VPC endpoint or VPC endpoint service. You can change the SNS topic for the notification, or the events for which to be notified.
", "ModifyVpcEndpointServiceConfiguration": "Modifies the attributes of your VPC endpoint service configuration. You can change the Network Load Balancers or Gateway Load Balancers for your service, and you can specify whether acceptance is required for requests to connect to your endpoint service through an interface VPC endpoint.
If you set or modify the private DNS name, you must prove that you own the private DNS domain name. For more information, see VPC Endpoint Service Private DNS Name Verification in the Amazon Virtual Private Cloud User Guide.
", "ModifyVpcEndpointServicePermissions": "Modifies the permissions for your VPC endpoint service. You can add or remove permissions for service consumers (IAM users, IAM roles, and AWS accounts) to connect to your endpoint service.
If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.
", - "ModifyVpcPeeringConnectionOptions": "Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:
Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.
Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.
Enable/disable the ability to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.
If the peered VPCs are in the same AWS account, you can enable DNS resolution for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP addresses in the peer VPC. This option is not available if the peered VPCs are in different AWS accounts or different Regions. For peered VPCs in different AWS accounts, each AWS account owner must initiate a separate request to modify the peering connection options. For inter-region peering connections, you must use the Region for the requester VPC to modify the requester VPC peering options and the Region for the accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.
", + "ModifyVpcPeeringConnectionOptions": "Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:
Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.
Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.
Enable/disable the ability to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.
If the peered VPCs are in the same account, you can enable DNS resolution for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP addresses in the peer VPC. This option is not available if the peered VPCs are in different different accounts or different Regions. For peered VPCs in different accounts, each account owner must initiate a separate request to modify the peering connection options. For inter-region peering connections, you must use the Region for the requester VPC to modify the requester VPC peering options and the Region for the accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.
", "ModifyVpcTenancy": "Modifies the instance tenancy attribute of the specified VPC. You can change the instance tenancy attribute of a VPC to default
only. You cannot change the instance tenancy attribute to dedicated
.
After you modify the tenancy of the VPC, any new instances that you launch into the VPC have a tenancy of default
, unless you specify otherwise during launch. The tenancy of any existing instances in the VPC is not affected.
For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide.
", "ModifyVpnConnection": "Modifies the customer gateway or the target gateway of an AWS Site-to-Site VPN connection. To modify the target gateway, the following migration options are available:
An existing virtual private gateway to a new virtual private gateway
An existing virtual private gateway to a transit gateway
An existing transit gateway to a new transit gateway
An existing transit gateway to a virtual private gateway
Before you perform the migration to the new gateway, you must configure the new gateway. Use CreateVpnGateway to create a virtual private gateway, or CreateTransitGateway to create a transit gateway.
This step is required when you migrate from a virtual private gateway with static routes to a transit gateway.
You must delete the static routes before you migrate to the new gateway.
Keep a copy of the static route before you delete it. You will need to add back these routes to the transit gateway after the VPN connection migration is complete.
After you migrate to the new gateway, you might need to modify your VPC route table. Use CreateRoute and DeleteRoute to make the changes described in VPN Gateway Target Modification Required VPC Route Table Updates in the AWS Site-to-Site VPN User Guide.
When the new gateway is a transit gateway, modify the transit gateway route table to allow traffic between the VPC and the AWS Site-to-Site VPN connection. Use CreateTransitGatewayRoute to add the routes.
If you deleted VPN static routes, you must add the static routes to the transit gateway route table.
After you perform this operation, the AWS VPN endpoint's IP addresses on the AWS side and the tunnel options remain intact. Your AWS Site-to-Site VPN connection will be temporarily unavailable for a brief period while we provision the new endpoints.
", "ModifyVpnConnectionOptions": "Modifies the connection options for your Site-to-Site VPN connection.
When you modify the VPN connection options, the VPN endpoint IP addresses on the AWS side do not change, and the tunnel options do not change. Your VPN connection will be temporarily unavailable for a brief period while the VPN connection is updated.
", @@ -428,8 +431,8 @@ "ReplaceIamInstanceProfileAssociation": "Replaces an IAM instance profile for the specified running instance. You can use this action to change the IAM instance profile that's associated with an instance without having to disassociate the existing IAM instance profile first.
Use DescribeIamInstanceProfileAssociations to get the association ID.
", "ReplaceNetworkAclAssociation": "Changes which network ACL a subnet is associated with. By default when you create a subnet, it's automatically associated with the default network ACL. For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.
This is an idempotent operation.
", "ReplaceNetworkAclEntry": "Replaces an entry (rule) in a network ACL. For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide.
", - "ReplaceRoute": "Replaces an existing route within a route table in a VPC. You must provide only one of the following: internet gateway, virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide.
", - "ReplaceRouteTableAssociation": "Changes the route table associated with a given subnet, internet gateway, or virtual private gateway in a VPC. After the operation completes, the subnet or gateway uses the routes in the new route table. For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide.
You can also use this operation to change which table is the main route table in the VPC. Specify the main route table's association ID and the route table ID of the new main route table.
", + "ReplaceRoute": "Replaces an existing route within a route table in a VPC. You must provide only one of the following: internet gateway, virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, egress-only internet gateway, or transit gateway.
For more information, see Route tables in the Amazon Virtual Private Cloud User Guide.
", + "ReplaceRouteTableAssociation": "Changes the route table associated with a given subnet, internet gateway, or virtual private gateway in a VPC. After the operation completes, the subnet or gateway uses the routes in the new route table. For more information about route tables, see Route tables in the Amazon Virtual Private Cloud User Guide.
You can also use this operation to change which table is the main route table in the VPC. Specify the main route table's association ID and the route table ID of the new main route table.
", "ReplaceTransitGatewayRoute": "Replaces the specified route in the specified transit gateway route table.
", "ReportInstanceStatus": "Submits feedback about the status of an instance. The instance must be in the running
state. If your experience with the instance differs from the instance status returned by DescribeInstanceStatus, use ReportInstanceStatus to report your experience with the instance. Amazon EC2 collects this information to improve the accuracy of status checks.
Use of this action does not change the value returned by DescribeInstanceStatus.
", "RequestSpotFleet": "Creates a Spot Fleet request.
The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.
You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.
By default, the Spot Fleet requests Spot Instances in the Spot Instance pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.
Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.
You can specify tags for the Spot Fleet request and instances launched by the fleet. You cannot tag other resource types in a Spot Fleet request because only the spot-fleet-request
and instance
resource types are supported.
For more information, see Spot Fleet requests in the Amazon EC2 User Guide for Linux Instances.
", @@ -458,8 +461,8 @@ "StopInstances": "Stops an Amazon EBS-backed instance.
You can use the Stop action to hibernate an instance if the instance is enabled for hibernation and it meets the hibernation prerequisites. For more information, see Hibernate your instance in the Amazon EC2 User Guide.
We don't charge usage for a stopped instance, or data transfer fees; however, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. Every time you start your instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.
You can't stop or hibernate instance store-backed instances. You can't use the Stop action to hibernate Spot Instances, but you can specify that Amazon EC2 should hibernate Spot Instances when they are interrupted. For more information, see Hibernating interrupted Spot Instances in the Amazon EC2 User Guide.
When you stop or hibernate an instance, we shut it down. You can restart your instance at any time. Before stopping or hibernating an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM, but hibernating an instance does preserve data stored in RAM. If an instance cannot hibernate successfully, a normal shutdown occurs.
Stopping and hibernating an instance is different to rebooting or terminating it. For example, when you stop or hibernate an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, the root device and any other devices attached during the instance launch are automatically deleted. For more information about the differences between rebooting, stopping, hibernating, and terminating instances, see Instance lifecycle in the Amazon EC2 User Guide.
When you stop an instance, we attempt to shut it down forcibly after a short while. If your instance appears stuck in the stopping state after a period of time, there may be an issue with the underlying host computer. For more information, see Troubleshooting stopping your instance in the Amazon EC2 User Guide.
", "TerminateClientVpnConnections": "Terminates active Client VPN endpoint connections. This action can be used to terminate a specific client connection, or up to five connections established by a specific user.
", "TerminateInstances": "Shuts down the specified instances. This operation is idempotent; if you terminate an instance more than once, each call succeeds.
If you specify multiple instances and the request fails (for example, because of a single incorrect instance ID), none of the instances are terminated.
If you terminate multiple instances across multiple Availability Zones, and one or more of the specified instances are enabled for termination protection, the request fails with the following results:
The specified instances that are in the same Availability Zone as the protected instance are not terminated.
The specified instances that are in different Availability Zones, where no other specified instances are protected, are successfully terminated.
For example, say you have the following instances:
Instance A: us-east-1a
; Not protected
Instance B: us-east-1a
; Not protected
Instance C: us-east-1b
; Protected
Instance D: us-east-1b
; not protected
If you attempt to terminate all of these instances in the same request, the request reports failure with the following results:
Instance A and Instance B are successfully terminated because none of the specified instances in us-east-1a
are enabled for termination protection.
Instance C and Instance D fail to terminate because at least one of the specified instances in us-east-1b
(Instance C) is enabled for termination protection.
Terminated instances remain visible after termination (for approximately one hour).
By default, Amazon EC2 deletes all EBS volumes that were attached when the instance launched. Volumes attached after instance launch continue running.
You can stop, start, and terminate EBS-backed instances. You can only terminate instance store-backed instances. What happens to an instance differs if you stop it or terminate it. For example, when you stop an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, any attached EBS volumes with the DeleteOnTermination
block device mapping parameter set to true
are automatically deleted. For more information about the differences between stopping and terminating instances, see Instance lifecycle in the Amazon EC2 User Guide.
For more information about troubleshooting, see Troubleshooting terminating your instance in the Amazon EC2 User Guide.
", - "UnassignIpv6Addresses": "Unassigns one or more IPv6 addresses from a network interface.
", - "UnassignPrivateIpAddresses": "Unassigns one or more secondary private IP addresses from a network interface.
", + "UnassignIpv6Addresses": "Unassigns one or more IPv6 addresses IPv4 Prefix Delegation prefixes from a network interface.
", + "UnassignPrivateIpAddresses": "Unassigns one or more secondary private IP addresses, or IPv4 Prefix Delegation prefixes from a network interface.
", "UnmonitorInstances": "Disables detailed monitoring for a running instance. For more information, see Monitoring your instances and volumes in the Amazon EC2 User Guide.
", "UpdateSecurityGroupRuleDescriptionsEgress": "[VPC only] Updates the description of an egress (outbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously. You can remove a description for a security group rule by omitting the description parameter in the request.
", "UpdateSecurityGroupRuleDescriptionsIngress": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously. You can remove a description for a security group rule by omitting the description parameter in the request.
", @@ -866,7 +869,7 @@ "ArnList": { "base": null, "refs": { - "NetworkInsightsAnalysis$FilterInArns": "The Amazon Resource Names (ARN) of the AWS resources that the path must traverse.
", + "NetworkInsightsAnalysis$FilterInArns": "The Amazon Resource Names (ARN) of the Amazon Web Services resources that the path must traverse.
", "StartNetworkInsightsAnalysisRequest$FilterInArns": "The Amazon Resource Names (ARN) of the resources that the path must traverse.
" } }, @@ -1496,6 +1499,7 @@ "CreateSnapshotsRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
If true
, the exchange is valid. If false
, the exchange cannot be completed.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
If true
, access to the EC2 serial console of all instances is enabled for your account. If false
, access to the EC2 serial console of all instances is disabled for your account.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation
. Otherwise, it is UnauthorizedOperation
.
Indicates whether the EBS volume is deleted on instance termination.
", "LaunchTemplateEbsBlockDeviceRequest$Encrypted": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
", "LaunchTemplateEbsBlockDeviceRequest$DeleteOnTermination": "Indicates whether the EBS volume is deleted on instance termination.
", - "LaunchTemplateEnclaveOptions$Enabled": "If this parameter is set to true
, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.
To enable the instance for AWS Nitro Enclaves, set this parameter to true
.
If this parameter is set to true
, the instance is enabled for Amazon Web Services Nitro Enclaves; otherwise, it is not enabled for Amazon Web Services Nitro Enclaves.
To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to true
.
If this parameter is set to true
, the instance is enabled for hibernation; otherwise, it is not enabled for hibernation.
If you set this parameter to true
, the instance is enabled for hibernation.
Default: false
Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide.
", + "LaunchTemplateInstanceNetworkInterfaceSpecification$AssociateCarrierIpAddress": "Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the Wavelength Developer Guide.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$AssociatePublicIpAddress": "Indicates whether to associate a public IPv4 address with eth0 for a new network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$DeleteOnTermination": "Indicates whether the network interface is deleted when the instance is terminated.
", - "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$AssociateCarrierIpAddress": "Associates a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide.
", + "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$AssociateCarrierIpAddress": "Associates a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the Wavelength Developer Guide.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$AssociatePublicIpAddress": "Associates a public IPv4 address with eth0 for a new network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$DeleteOnTermination": "Indicates whether the network interface is deleted when the instance is terminated.
", "LaunchTemplateVersion$DefaultVersion": "Indicates whether the version is the default version.
", @@ -3323,6 +3329,16 @@ "refs": { } }, + "CreateSubnetCidrReservationRequest": { + "base": null, + "refs": { + } + }, + "CreateSubnetCidrReservationResult": { + "base": null, + "refs": { + } + }, "CreateSubnetRequest": { "base": null, "refs": { @@ -4151,6 +4167,16 @@ "refs": { } }, + "DeleteSubnetCidrReservationRequest": { + "base": null, + "refs": { + } + }, + "DeleteSubnetCidrReservationResult": { + "base": null, + "refs": { + } + }, "DeleteSubnetRequest": { "base": null, "refs": { @@ -6990,7 +7016,7 @@ "DescribeAvailabilityZonesRequest$Filters": "The filters.
group-name
- For Availability Zones, use the Region name. For Local Zones, use the name of the group associated with the Local Zone (for example, us-west-2-lax-1
) For Wavelength Zones, use the name of the group associated with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1
).
message
- The Zone message.
opt-in-status
- The opt-in status (opted-in
, and not-opted-in
| opt-in-not-required
).
parent-zoneID
- The ID of the zone that handles some of the Local Zone and Wavelength Zone control plane operations, such as API calls.
parent-zoneName
- The ID of the zone that handles some of the Local Zone and Wavelength Zone control plane operations, such as API calls.
region-name
- The name of the Region for the Zone (for example, us-east-1
).
state
- The state of the Availability Zone, the Local Zone, or the Wavelength Zone (available
| information
| impaired
| unavailable
).
zone-id
- The ID of the Availability Zone (for example, use1-az1
), the Local Zone (for example, usw2-lax1-az1
), or the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1
).
zone-type
- The type of zone, for example, local-zone
.
zone-name
- The name of the Availability Zone (for example, us-east-1a
), the Local Zone (for example, us-west-2-lax-1a
), or the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1
).
zone-type
- The type of zone, for example, local-zone
.
The filters.
bundle-id
- The ID of the bundle task.
error-code
- If the task failed, the error code returned.
error-message
- If the task failed, the error message returned.
instance-id
- The ID of the instance.
progress
- The level of task completion, as a percentage (for example, 20%).
s3-bucket
- The Amazon S3 bucket to store the AMI.
s3-prefix
- The beginning of the AMI name.
start-time
- The time the task started (for example, 2013-09-15T17:15:20.000Z).
state
- The state of the task (pending
| waiting-for-shutdown
| bundling
| storing
| cancelling
| complete
| failed
).
update-time
- The time of the most recent update for the task.
One or more filters.
instance-type
- The type of instance for which the Capacity Reservation reserves capacity.
owner-id
- The ID of the account that owns the Capacity Reservation.
availability-zone-id
- The Availability Zone ID of the Capacity Reservation.
instance-platform
- The type of operating system for which the Capacity Reservation reserves capacity.
availability-zone
- The Availability Zone ID of the Capacity Reservation.
tenancy
- Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:
default
- The Capacity Reservation is created on hardware that is shared with other accounts.
dedicated
- The Capacity Reservation is created on single-tenant hardware that is dedicated to a single account.
outpost-arn
- The Amazon Resource Name (ARN) of the Outpost on which the Capacity Reservation was created.
state
- The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:
active
- The Capacity Reservation is active and the capacity is available for your use.
expired
- The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.
cancelled
- The Capacity Reservation was cancelled. The reserved capacity is no longer available for your use.
pending
- The Capacity Reservation request was successful but the capacity provisioning is still pending.
failed
- The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.
start-date
- The date and time at which the Capacity Reservation was started.
end-date
- The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to expired when it reaches its end date and time.
end-date-type
- Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:
unlimited
- The Capacity Reservation remains active until you explicitly cancel it.
limited
- The Capacity Reservation expires automatically at a specified date and time.
instance-match-criteria
- Indicates the type of instance launches that the Capacity Reservation accepts. The options include:
open
- The Capacity Reservation accepts all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes launch into the Capacity Reservation automatically without specifying any additional parameters.
targeted
- The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.
One or more filters.
carrier-gateway-id
- The ID of the carrier gateway.
state
- The state of the carrier gateway (pending
| failed
| available
| deleting
| deleted
).
owner-id
- The AWS account ID of the owner of the carrier gateway.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC associated with the carrier gateway.
One or more filters.
carrier-gateway-id
- The ID of the carrier gateway.
state
- The state of the carrier gateway (pending
| failed
| available
| deleting
| deleted
).
owner-id
- The account ID of the owner of the carrier gateway.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC associated with the carrier gateway.
One or more filters.
group-id
- The ID of a VPC security group that's associated with the instance.
instance-id
- The ID of the instance.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC to which the instance is linked.
vpc-id
- The ID of the VPC that the instance is linked to.
One or more filters. Filter names and values are case-sensitive.
description
- The description of the authorization rule.
destination-cidr
- The CIDR of the network to which the authorization rule applies.
group-id
- The ID of the Active Directory group to which the authorization rule grants access.
One or more filters. Filter names and values are case-sensitive.
connection-id
- The ID of the connection.
username
- For Active Directory client authentication, the user name of the client who established the client connection.
One or more filters. Filter names and values are case-sensitive.
association-id
- The ID of the association.
target-network-id
- The ID of the subnet specified as the target network.
vpc-id
- The ID of the VPC in which the target network is located.
The filters. The following are the possible values:
coip-pool.pool-id
coip-pool.local-gateway-route-table-id
One or more filters.
bgp-asn
- The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).
customer-gateway-id
- The ID of the customer gateway.
ip-address
- The IP address of the customer gateway's Internet-routable external interface.
state
- The state of the customer gateway (pending
| available
| deleting
| deleted
).
type
- The type of customer gateway. Currently, the only supported type is ipsec.1
.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
dhcp-options-id
- The ID of a DHCP options set.
key
- The key for one of the options (for example, domain-name
).
value
- The value for one of the options.
owner-id
- The ID of the AWS account that owns the DHCP options set.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
dhcp-options-id
- The ID of a DHCP options set.
key
- The key for one of the options (for example, domain-name
).
value
- The value for one of the options.
owner-id
- The ID of the account that owns the DHCP options set.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
The filters.
availability-zone
- The Availability Zone in which the Elastic Graphics accelerator resides.
elastic-gpu-health
- The status of the Elastic Graphics accelerator (OK
| IMPAIRED
).
elastic-gpu-state
- The state of the Elastic Graphics accelerator (ATTACHED
).
elastic-gpu-type
- The type of Elastic Graphics accelerator; for example, eg1.medium
.
instance-id
- The ID of the instance to which the Elastic Graphics accelerator is associated.
Filter tasks using the task-state
filter and one of the following values: active
, completed
, deleting
, or deleted
.
One or more filters. Filter names and values are case-sensitive.
location
- This depends on the location type. For example, if the location type is region
(default), the location is the Region code (for example, us-east-2
.)
instance-type
- The instance type. For example, c5.2xlarge
.
One or more filters. Filter names and values are case-sensitive.
auto-recovery-supported
- Indicates whether auto recovery is supported (true
| false
).
bare-metal
- Indicates whether it is a bare metal instance type (true
| false
).
burstable-performance-supported
- Indicates whether it is a burstable performance instance type (true
| false
).
current-generation
- Indicates whether this instance type is the latest generation instance type of an instance family (true
| false
).
ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps
- The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.
ebs-info.ebs-optimized-info.baseline-iops
- The baseline input/output storage operations per second for an EBS-optimized instance type.
ebs-info.ebs-optimized-info.baseline-throughput-in-mbps
- The baseline throughput performance for an EBS-optimized instance type, in MB/s.
ebs-info.ebs-optimized-info.maximum-bandwidth-in-mbps
- The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.
ebs-info.ebs-optimized-info.maximum-iops
- The maximum input/output storage operations per second for an EBS-optimized instance type.
ebs-info.ebs-optimized-info.maximum-throughput-in-mbps
- The maximum throughput performance for an EBS-optimized instance type, in MB/s.
ebs-info.ebs-optimized-support
- Indicates whether the instance type is EBS-optimized (supported
| unsupported
| default
).
ebs-info.encryption-support
- Indicates whether EBS encryption is supported (supported
| unsupported
).
ebs-info.nvme-support
- Indicates whether non-volatile memory express (NVMe) is supported for EBS volumes (required
| supported
| unsupported
).
free-tier-eligible
- Indicates whether the instance type is eligible to use in the free tier (true
| false
).
hibernation-supported
- Indicates whether On-Demand hibernation is supported (true
| false
).
hypervisor
- The hypervisor (nitro
| xen
).
instance-storage-info.disk.count
- The number of local disks.
instance-storage-info.disk.size-in-gb
- The storage size of each instance storage disk, in GB.
instance-storage-info.disk.type
- The storage technology for the local instance storage disks (hdd
| ssd
).
instance-storage-info.nvme-support
- Indicates whether non-volatile memory express (NVMe) is supported for instance store (required
| supported
) | unsupported
).
instance-storage-info.total-size-in-gb
- The total amount of storage available from all local instance storage, in GB.
instance-storage-supported
- Indicates whether the instance type has local instance storage (true
| false
).
instance-type
- The instance type (for example c5.2xlarge
or c5*).
memory-info.size-in-mib
- The memory size.
network-info.efa-info.maximum-efa-interfaces
- The maximum number of Elastic Fabric Adapters (EFAs) per instance.
network-info.efa-supported
- Indicates whether the instance type supports Elastic Fabric Adapter (EFA) (true
| false
).
network-info.ena-support
- Indicates whether Elastic Network Adapter (ENA) is supported or required (required
| supported
| unsupported
).
network-info.ipv4-addresses-per-interface
- The maximum number of private IPv4 addresses per network interface.
network-info.ipv6-addresses-per-interface
- The maximum number of private IPv6 addresses per network interface.
network-info.ipv6-supported
- Indicates whether the instance type supports IPv6 (true
| false
).
network-info.maximum-network-interfaces
- The maximum number of network interfaces per instance.
network-info.network-performance
- The network performance (for example, \"25 Gigabit\").
processor-info.supported-architecture
- The CPU architecture (arm64
| i386
| x86_64
).
processor-info.sustained-clock-speed-in-ghz
- The CPU clock speed, in GHz.
supported-boot-mode
- The boot mode (legacy-bios
| uefi
).
supported-root-device-type
- The root device type (ebs
| instance-store
).
supported-usage-class
- The usage class (on-demand
| spot
).
supported-virtualization-type
- The virtualization type (hvm
| paravirtual
).
vcpu-info.default-cores
- The default number of cores for the instance type.
vcpu-info.default-threads-per-core
- The default number of threads per core for the instance type.
vcpu-info.default-vcpus
- The default number of vCPUs for the instance type.
vcpu-info.valid-cores
- The number of cores that can be configured for the instance type.
vcpu-info.valid-threads-per-core
- The number of threads per core that can be configured for the instance type. For example, \"1\" or \"1,2\".
The filters.
affinity
- The affinity setting for an instance running on a Dedicated Host (default
| host
).
architecture
- The instance architecture (i386
| x86_64
| arm64
).
availability-zone
- The Availability Zone of the instance.
block-device-mapping.attach-time
- The attach time for an EBS volume mapped to the instance, for example, 2010-09-15T17:15:20.000Z
.
block-device-mapping.delete-on-termination
- A Boolean that indicates whether the EBS volume is deleted on instance termination.
block-device-mapping.device-name
- The device name specified in the block device mapping (for example, /dev/sdh
or xvdh
).
block-device-mapping.status
- The status for the EBS volume (attaching
| attached
| detaching
| detached
).
block-device-mapping.volume-id
- The volume ID of the EBS volume.
client-token
- The idempotency token you provided when you launched the instance.
dns-name
- The public DNS name of the instance.
group-id
- The ID of the security group for the instance. EC2-Classic only.
group-name
- The name of the security group for the instance. EC2-Classic only.
hibernation-options.configured
- A Boolean that indicates whether the instance is enabled for hibernation. A value of true
means that the instance is enabled for hibernation.
host-id
- The ID of the Dedicated Host on which the instance is running, if applicable.
hypervisor
- The hypervisor type of the instance (ovm
| xen
). The value xen
is used for both Xen and Nitro hypervisors.
iam-instance-profile.arn
- The instance profile associated with the instance. Specified as an ARN.
image-id
- The ID of the image used to launch the instance.
instance-id
- The ID of the instance.
instance-lifecycle
- Indicates whether this is a Spot Instance or a Scheduled Instance (spot
| scheduled
).
instance-state-code
- The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
instance-state-name
- The state of the instance (pending
| running
| shutting-down
| terminated
| stopping
| stopped
).
instance-type
- The type of instance (for example, t2.micro
).
instance.group-id
- The ID of the security group for the instance.
instance.group-name
- The name of the security group for the instance.
ip-address
- The public IPv4 address of the instance.
kernel-id
- The kernel ID.
key-name
- The name of the key pair used when the instance was launched.
launch-index
- When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on).
launch-time
- The time when the instance was launched.
metadata-options.http-tokens
- The metadata request authorization state (optional
| required
)
metadata-options.http-put-response-hop-limit
- The http metadata request put response hop limit (integer, possible values 1
to 64
)
metadata-options.http-endpoint
- Enable or disable metadata access on http endpoint (enabled
| disabled
)
monitoring-state
- Indicates whether detailed monitoring is enabled (disabled
| enabled
).
network-interface.addresses.private-ip-address
- The private IPv4 address associated with the network interface.
network-interface.addresses.primary
- Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.
network-interface.addresses.association.public-ip
- The ID of the association of an Elastic IP address (IPv4) with a network interface.
network-interface.addresses.association.ip-owner-id
- The owner ID of the private IPv4 address associated with the network interface.
network-interface.association.public-ip
- The address of the Elastic IP address (IPv4) bound to the network interface.
network-interface.association.ip-owner-id
- The owner of the Elastic IP address (IPv4) associated with the network interface.
network-interface.association.allocation-id
- The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
network-interface.association.association-id
- The association ID returned when the network interface was associated with an IPv4 address.
network-interface.attachment.attachment-id
- The ID of the interface attachment.
network-interface.attachment.instance-id
- The ID of the instance to which the network interface is attached.
network-interface.attachment.instance-owner-id
- The owner ID of the instance to which the network interface is attached.
network-interface.attachment.device-index
- The device index to which the network interface is attached.
network-interface.attachment.status
- The status of the attachment (attaching
| attached
| detaching
| detached
).
network-interface.attachment.attach-time
- The time that the network interface was attached to an instance.
network-interface.attachment.delete-on-termination
- Specifies whether the attachment is deleted when an instance is terminated.
network-interface.availability-zone
- The Availability Zone for the network interface.
network-interface.description
- The description of the network interface.
network-interface.group-id
- The ID of a security group associated with the network interface.
network-interface.group-name
- The name of a security group associated with the network interface.
network-interface.ipv6-addresses.ipv6-address
- The IPv6 address associated with the network interface.
network-interface.mac-address
- The MAC address of the network interface.
network-interface.network-interface-id
- The ID of the network interface.
network-interface.owner-id
- The ID of the owner of the network interface.
network-interface.private-dns-name
- The private DNS name of the network interface.
network-interface.requester-id
- The requester ID for the network interface.
network-interface.requester-managed
- Indicates whether the network interface is being managed by Amazon Web Services.
network-interface.status
- The status of the network interface (available
) | in-use
).
network-interface.source-dest-check
- Whether the network interface performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the network interface to perform network address translation (NAT) in your VPC.
network-interface.subnet-id
- The ID of the subnet for the network interface.
network-interface.vpc-id
- The ID of the VPC for the network interface.
outpost-arn
- The Amazon Resource Name (ARN) of the Outpost.
owner-id
- The account ID of the instance owner.
placement-group-name
- The name of the placement group for the instance.
placement-partition-number
- The partition in which the instance is located.
platform
- The platform. To list only Windows instances, use windows
.
private-dns-name
- The private IPv4 DNS name of the instance.
private-ip-address
- The private IPv4 address of the instance.
product-code
- The product code associated with the AMI used to launch the instance.
product-code.type
- The type of product code (devpay
| marketplace
).
ramdisk-id
- The RAM disk ID.
reason
- The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.
requester-id
- The ID of the entity that launched the instance on your behalf (for example, Management Console, Auto Scaling, and so on).
reservation-id
- The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.
root-device-name
- The device name of the root device volume (for example, /dev/sda1
).
root-device-type
- The type of the root device volume (ebs
| instance-store
).
source-dest-check
- Indicates whether the instance performs source/destination checking. A value of true
means that checking is enabled, and false
means that checking is disabled. The value must be false
for the instance to perform network address translation (NAT) in your VPC.
spot-instance-request-id
- The ID of the Spot Instance request.
state-reason-code
- The reason code for the state change.
state-reason-message
- A message that describes the state change.
subnet-id
- The ID of the subnet for the instance.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.
tenancy
- The tenancy of an instance (dedicated
| default
| host
).
virtualization-type
- The virtualization type of the instance (paravirtual
| hvm
).
vpc-id
- The ID of the VPC that the instance is running in.
One or more filters.
attachment.state
- The current state of the attachment between the gateway and the VPC (available
). Present only if a VPC is attached.
attachment.vpc-id
- The ID of an attached VPC.
internet-gateway-id
- The ID of the Internet gateway.
owner-id
- The ID of the AWS account that owns the internet gateway.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
attachment.state
- The current state of the attachment between the gateway and the VPC (available
). Present only if a VPC is attached.
attachment.vpc-id
- The ID of an attached VPC.
internet-gateway-id
- The ID of the Internet gateway.
owner-id
- The ID of the account that owns the internet gateway.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
The filters.
key-pair-id
- The ID of the key pair.
fingerprint
- The fingerprint of the key pair.
key-name
- The name of the key pair.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
One or more filters.
create-time
- The time the launch template version was created.
ebs-optimized
- A boolean that indicates whether the instance is optimized for Amazon EBS I/O.
iam-instance-profile
- The ARN of the IAM instance profile.
image-id
- The ID of the AMI.
instance-type
- The instance type.
is-default-version
- A boolean that indicates whether the launch template version is the default version.
kernel-id
- The kernel ID.
ram-disk-id
- The RAM disk ID.
One or more filters.
owner-id
- The ID of the prefix list owner.
prefix-list-id
- The ID of the prefix list.
prefix-list-name
- The name of the prefix list.
One or more filters.
moving-status
- The status of the Elastic IP address (MovingToVpc
| RestoringToClassic
).
One or more filters.
nat-gateway-id
- The ID of the NAT gateway.
state
- The state of the NAT gateway (pending
| failed
| available
| deleting
| deleted
).
subnet-id
- The ID of the subnet in which the NAT gateway resides.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC in which the NAT gateway resides.
One or more filters.
association.association-id
- The ID of an association ID for the ACL.
association.network-acl-id
- The ID of the network ACL involved in the association.
association.subnet-id
- The ID of the subnet involved in the association.
default
- Indicates whether the ACL is the default network ACL for the VPC.
entry.cidr
- The IPv4 CIDR range specified in the entry.
entry.icmp.code
- The ICMP code specified in the entry, if any.
entry.icmp.type
- The ICMP type specified in the entry, if any.
entry.ipv6-cidr
- The IPv6 CIDR range specified in the entry.
entry.port-range.from
- The start of the port range specified in the entry.
entry.port-range.to
- The end of the port range specified in the entry.
entry.protocol
- The protocol specified in the entry (tcp
| udp
| icmp
or a protocol number).
entry.rule-action
- Allows or denies the matching traffic (allow
| deny
).
entry.rule-number
- The number of an entry (in other words, rule) in the set of ACL entries.
network-acl-id
- The ID of the network ACL.
owner-id
- The ID of the AWS account that owns the network ACL.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the network ACL.
One or more filters.
association.association-id
- The ID of an association ID for the ACL.
association.network-acl-id
- The ID of the network ACL involved in the association.
association.subnet-id
- The ID of the subnet involved in the association.
default
- Indicates whether the ACL is the default network ACL for the VPC.
entry.cidr
- The IPv4 CIDR range specified in the entry.
entry.icmp.code
- The ICMP code specified in the entry, if any.
entry.icmp.type
- The ICMP type specified in the entry, if any.
entry.ipv6-cidr
- The IPv6 CIDR range specified in the entry.
entry.port-range.from
- The start of the port range specified in the entry.
entry.port-range.to
- The end of the port range specified in the entry.
entry.protocol
- The protocol specified in the entry (tcp
| udp
| icmp
or a protocol number).
entry.rule-action
- Allows or denies the matching traffic (allow
| deny
).
entry.rule-number
- The number of an entry (in other words, rule) in the set of ACL entries.
network-acl-id
- The ID of the network ACL.
owner-id
- The ID of the account that owns the network ACL.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the network ACL.
The filters. The following are possible values:
PathFound - A Boolean value that indicates whether a feasible path is found.
Status - The status of the analysis (running | succeeded | failed).
The filters. The following are possible values:
Destination - The ID of the resource.
DestinationPort - The destination port.
Name - The path name.
Protocol - The protocol.
Source - The ID of the resource.
One or more filters.
network-interface-permission.network-interface-permission-id
- The ID of the permission.
network-interface-permission.network-interface-id
- The ID of the network interface.
network-interface-permission.aws-account-id
- The account ID.
network-interface-permission.aws-service
- The Amazon Web Service.
network-interface-permission.permission
- The type of permission (INSTANCE-ATTACH
| EIP-ASSOCIATE
).
One or more filters.
client-token
- The idempotency token for the modification request.
create-date
- The time when the modification request was created.
effective-date
- The time when the modification becomes effective.
modification-result.reserved-instances-id
- The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is fulfilled
.
modification-result.target-configuration.availability-zone
- The Availability Zone for the new Reserved Instances.
modification-result.target-configuration.instance-count
- The number of new Reserved Instances.
modification-result.target-configuration.instance-type
- The instance type of the new Reserved Instances.
modification-result.target-configuration.platform
- The network platform of the new Reserved Instances (EC2-Classic
| EC2-VPC
).
reserved-instances-id
- The ID of the Reserved Instances modified.
reserved-instances-modification-id
- The ID of the modification request.
status
- The status of the Reserved Instances modification request (processing
| fulfilled
| failed
).
status-message
- The reason for the status.
update-date
- The time when the modification request was last updated.
One or more filters.
availability-zone
- The Availability Zone where the Reserved Instance can be used.
duration
- The duration of the Reserved Instance (for example, one year or three years), in seconds (31536000
| 94608000
).
fixed-price
- The purchase price of the Reserved Instance (for example, 9800.0).
instance-type
- The instance type that is covered by the reservation.
marketplace
- Set to true
to show only Reserved Instance Marketplace offerings. When this filter is not used, which is the default behavior, all offerings from both Amazon Web Services and the Reserved Instance Marketplace are listed.
product-description
- The Reserved Instance product platform description. Instances that include (Amazon VPC)
in the product platform description will only be displayed to EC2-Classic account holders and are for use with Amazon VPC. (Linux/UNIX
| Linux/UNIX (Amazon VPC)
| SUSE Linux
| SUSE Linux (Amazon VPC)
| Red Hat Enterprise Linux
| Red Hat Enterprise Linux (Amazon VPC)
| Red Hat Enterprise Linux with HA (Amazon VPC)
| Windows
| Windows (Amazon VPC)
| Windows with SQL Server Standard
| Windows with SQL Server Standard (Amazon VPC)
| Windows with SQL Server Web
| Windows with SQL Server Web (Amazon VPC)
| Windows with SQL Server Enterprise
| Windows with SQL Server Enterprise (Amazon VPC)
)
reserved-instances-offering-id
- The Reserved Instances offering ID.
scope
- The scope of the Reserved Instance (Availability Zone
or Region
).
usage-price
- The usage price of the Reserved Instance, per hour (for example, 0.84).
One or more filters.
availability-zone
- The Availability Zone where the Reserved Instance can be used.
duration
- The duration of the Reserved Instance (one year or three years), in seconds (31536000
| 94608000
).
end
- The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).
fixed-price
- The purchase price of the Reserved Instance (for example, 9800.0).
instance-type
- The instance type that is covered by the reservation.
scope
- The scope of the Reserved Instance (Region
or Availability Zone
).
product-description
- The Reserved Instance product platform description. Instances that include (Amazon VPC)
in the product platform description will only be displayed to EC2-Classic account holders and are for use with Amazon VPC (Linux/UNIX
| Linux/UNIX (Amazon VPC)
| SUSE Linux
| SUSE Linux (Amazon VPC)
| Red Hat Enterprise Linux
| Red Hat Enterprise Linux (Amazon VPC)
| Red Hat Enterprise Linux with HA (Amazon VPC)
| Windows
| Windows (Amazon VPC)
| Windows with SQL Server Standard
| Windows with SQL Server Standard (Amazon VPC)
| Windows with SQL Server Web
| Windows with SQL Server Web (Amazon VPC)
| Windows with SQL Server Enterprise
| Windows with SQL Server Enterprise (Amazon VPC)
).
reserved-instances-id
- The ID of the Reserved Instance.
start
- The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).
state
- The state of the Reserved Instance (payment-pending
| active
| payment-failed
| retired
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
usage-price
- The usage price of the Reserved Instance, per hour (for example, 0.84).
One or more filters.
association.route-table-association-id
- The ID of an association ID for the route table.
association.route-table-id
- The ID of the route table involved in the association.
association.subnet-id
- The ID of the subnet involved in the association.
association.main
- Indicates whether the route table is the main route table for the VPC (true
| false
). Route tables that do not have an association ID are not returned in the response.
owner-id
- The ID of the AWS account that owns the route table.
route-table-id
- The ID of the route table.
route.destination-cidr-block
- The IPv4 CIDR range specified in a route in the table.
route.destination-ipv6-cidr-block
- The IPv6 CIDR range specified in a route in the route table.
route.destination-prefix-list-id
- The ID (prefix) of the AWS service specified in a route in the table.
route.egress-only-internet-gateway-id
- The ID of an egress-only Internet gateway specified in a route in the route table.
route.gateway-id
- The ID of a gateway specified in a route in the table.
route.instance-id
- The ID of an instance specified in a route in the table.
route.nat-gateway-id
- The ID of a NAT gateway.
route.transit-gateway-id
- The ID of a transit gateway.
route.origin
- Describes how the route was created. CreateRouteTable
indicates that the route was automatically created when the route table was created; CreateRoute
indicates that the route was manually added to the route table; EnableVgwRoutePropagation
indicates that the route was propagated by route propagation.
route.state
- The state of a route in the route table (active
| blackhole
). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).
route.vpc-peering-connection-id
- The ID of a VPC peering connection specified in a route in the table.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the route table.
One or more filters.
association.route-table-association-id
- The ID of an association ID for the route table.
association.route-table-id
- The ID of the route table involved in the association.
association.subnet-id
- The ID of the subnet involved in the association.
association.main
- Indicates whether the route table is the main route table for the VPC (true
| false
). Route tables that do not have an association ID are not returned in the response.
owner-id
- The ID of the account that owns the route table.
route-table-id
- The ID of the route table.
route.destination-cidr-block
- The IPv4 CIDR range specified in a route in the table.
route.destination-ipv6-cidr-block
- The IPv6 CIDR range specified in a route in the route table.
route.destination-prefix-list-id
- The ID (prefix) of the Amazon Web Service specified in a route in the table.
route.egress-only-internet-gateway-id
- The ID of an egress-only Internet gateway specified in a route in the route table.
route.gateway-id
- The ID of a gateway specified in a route in the table.
route.instance-id
- The ID of an instance specified in a route in the table.
route.nat-gateway-id
- The ID of a NAT gateway.
route.transit-gateway-id
- The ID of a transit gateway.
route.origin
- Describes how the route was created. CreateRouteTable
indicates that the route was automatically created when the route table was created; CreateRoute
indicates that the route was manually added to the route table; EnableVgwRoutePropagation
indicates that the route was propagated by route propagation.
route.state
- The state of a route in the route table (active
| blackhole
). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).
route.vpc-peering-connection-id
- The ID of a VPC peering connection specified in a route in the table.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the route table.
The filters.
availability-zone
- The Availability Zone (for example, us-west-2a
).
instance-type
- The instance type (for example, c4.large
).
network-platform
- The network platform (EC2-Classic
or EC2-VPC
).
platform
- The platform (Linux/UNIX
or Windows
).
The filters.
availability-zone
- The Availability Zone (for example, us-west-2a
).
instance-type
- The instance type (for example, c4.large
).
network-platform
- The network platform (EC2-Classic
or EC2-VPC
).
platform
- The platform (Linux/UNIX
or Windows
).
One or more filters.
group-id
- The ID of the security group.
security-group-rule-id
- The ID of the security group rule.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
One or more filters.
availability-zone-group
- The Availability Zone group.
create-time
- The time stamp when the Spot Instance request was created.
fault-code
- The fault code related to the request.
fault-message
- The fault message related to the request.
instance-id
- The ID of the instance that fulfilled the request.
launch-group
- The Spot Instance launch group.
launch.block-device-mapping.delete-on-termination
- Indicates whether the EBS volume is deleted on instance termination.
launch.block-device-mapping.device-name
- The device name for the volume in the block device mapping (for example, /dev/sdh
or xvdh
).
launch.block-device-mapping.snapshot-id
- The ID of the snapshot for the EBS volume.
launch.block-device-mapping.volume-size
- The size of the EBS volume, in GiB.
launch.block-device-mapping.volume-type
- The type of EBS volume: gp2
for General Purpose SSD, io1
or io2
for Provisioned IOPS SSD, st1
for Throughput Optimized HDD, sc1
for Cold HDD, or standard
for Magnetic.
launch.group-id
- The ID of the security group for the instance.
launch.group-name
- The name of the security group for the instance.
launch.image-id
- The ID of the AMI.
launch.instance-type
- The type of instance (for example, m3.medium
).
launch.kernel-id
- The kernel ID.
launch.key-name
- The name of the key pair the instance launched with.
launch.monitoring-enabled
- Whether detailed monitoring is enabled for the Spot Instance.
launch.ramdisk-id
- The RAM disk ID.
launched-availability-zone
- The Availability Zone in which the request is launched.
network-interface.addresses.primary
- Indicates whether the IP address is the primary private IP address.
network-interface.delete-on-termination
- Indicates whether the network interface is deleted when the instance is terminated.
network-interface.description
- A description of the network interface.
network-interface.device-index
- The index of the device for the network interface attachment on the instance.
network-interface.group-id
- The ID of the security group associated with the network interface.
network-interface.network-interface-id
- The ID of the network interface.
network-interface.private-ip-address
- The primary private IP address of the network interface.
network-interface.subnet-id
- The ID of the subnet for the instance.
product-description
- The product description associated with the instance (Linux/UNIX
| Windows
).
spot-instance-request-id
- The Spot Instance request ID.
spot-price
- The maximum hourly price for any Spot Instance launched to fulfill the request.
state
- The state of the Spot Instance request (open
| active
| closed
| cancelled
| failed
). Spot request status information can help you track your Amazon EC2 Spot Instance requests. For more information, see Spot request status in the Amazon EC2 User Guide for Linux Instances.
status-code
- The short code describing the most recent evaluation of your Spot Instance request.
status-message
- The message explaining the status of the Spot Instance request.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of Spot Instance request (one-time
| persistent
).
valid-from
- The start date of the request.
valid-until
- The end date of the request.
One or more filters.
availability-zone
- The Availability Zone for which prices should be returned.
instance-type
- The type of instance (for example, m3.medium
).
product-description
- The product description for the Spot price (Linux/UNIX
| Red Hat Enterprise Linux
| SUSE Linux
| Windows
| Linux/UNIX (Amazon VPC)
| Red Hat Enterprise Linux (Amazon VPC)
| SUSE Linux (Amazon VPC)
| Windows (Amazon VPC)
).
spot-price
- The Spot price. The value must match exactly (or use wildcards; greater than or less than comparison is not supported).
timestamp
- The time stamp of the Spot price history, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). You can use wildcards (* and ?). Greater than or less than comparison is not supported.
The filters.
task-state
- Returns tasks in a certain state (InProgress
| Completed
| Failed
)
bucket
- Returns task information for tasks that targeted a specific bucket. For the filter value, specify the bucket name.
One or more filters.
availability-zone
- The Availability Zone for the subnet. You can also use availabilityZone
as the filter name.
availability-zone-id
- The ID of the Availability Zone for the subnet. You can also use availabilityZoneId
as the filter name.
available-ip-address-count
- The number of IPv4 addresses in the subnet that are available.
cidr-block
- The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use cidr
or cidrBlock
as the filter names.
default-for-az
- Indicates whether this is the default subnet for the Availability Zone. You can also use defaultForAz
as the filter name.
ipv6-cidr-block-association.ipv6-cidr-block
- An IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.association-id
- An association ID for an IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.state
- The state of an IPv6 CIDR block associated with the subnet.
outpost-arn
- The Amazon Resource Name (ARN) of the Outpost.
owner-id
- The ID of the AWS account that owns the subnet.
state
- The state of the subnet (pending
| available
).
subnet-arn
- The Amazon Resource Name (ARN) of the subnet.
subnet-id
- The ID of the subnet.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the subnet.
One or more filters.
availability-zone
- The Availability Zone for the subnet. You can also use availabilityZone
as the filter name.
availability-zone-id
- The ID of the Availability Zone for the subnet. You can also use availabilityZoneId
as the filter name.
available-ip-address-count
- The number of IPv4 addresses in the subnet that are available.
cidr-block
- The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use cidr
or cidrBlock
as the filter names.
default-for-az
- Indicates whether this is the default subnet for the Availability Zone. You can also use defaultForAz
as the filter name.
ipv6-cidr-block-association.ipv6-cidr-block
- An IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.association-id
- An association ID for an IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.state
- The state of an IPv6 CIDR block associated with the subnet.
outpost-arn
- The Amazon Resource Name (ARN) of the Outpost.
owner-id
- The ID of the account that owns the subnet.
state
- The state of the subnet (pending
| available
).
subnet-arn
- The Amazon Resource Name (ARN) of the subnet.
subnet-id
- The ID of the subnet.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC for the subnet.
The filters.
key
- The tag key.
resource-id
- The ID of the resource.
resource-type
- The resource type (customer-gateway
| dedicated-host
| dhcp-options
| elastic-ip
| fleet
| fpga-image
| host-reservation
| image
| instance
| internet-gateway
| key-pair
| launch-template
| natgateway
| network-acl
| network-interface
| placement-group
| reserved-instances
| route-table
| security-group
| snapshot
| spot-instances-request
| subnet
| volume
| vpc
| vpc-endpoint
| vpc-endpoint-service
| vpc-peering-connection
| vpn-connection
| vpn-gateway
).
tag
:<key> - The key/value combination of the tag. For example, specify \"tag:Owner\" for the filter name and \"TeamA\" for the filter value to find resources with the tag \"Owner=TeamA\".
value
- The tag value.
One or more filters. The possible values are:
description
: The Traffic Mirror filter description.
traffic-mirror-filter-id
: The ID of the Traffic Mirror filter.
One or more filters. The possible values are:
description
: The Traffic Mirror session description.
network-interface-id
: The ID of the Traffic Mirror session network interface.
owner-id
: The ID of the account that owns the Traffic Mirror session.
packet-length
: The assigned number of packets to mirror.
session-number
: The assigned session number.
traffic-mirror-filter-id
: The ID of the Traffic Mirror filter.
traffic-mirror-session-id
: The ID of the Traffic Mirror session.
traffic-mirror-target-id
: The ID of the Traffic Mirror target.
virtual-network-id
: The virtual network ID of the Traffic Mirror session.
One or more filters.
principal
- The ARN of the principal.
principal-type
- The principal type (All
| Service
| OrganizationUnit
| Account
| User
| Role
).
One or more filters.
service-name
- The name of the service.
service-type
- The type of service (Interface
| Gateway
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
service-name
- The name of the service.
vpc-id
- The ID of the VPC in which the endpoint resides.
vpc-endpoint-id
- The ID of the endpoint.
vpc-endpoint-state
- The state of the endpoint (pendingAcceptance
| pending
| available
| deleting
| deleted
| rejected
| failed
).
vpc-endpoint-type
- The type of VPC endpoint (Interface
| Gateway
| GatewayLoadBalancer
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters.
accepter-vpc-info.cidr-block
- The IPv4 CIDR block of the accepter VPC.
accepter-vpc-info.owner-id
- The AWS account ID of the owner of the accepter VPC.
accepter-vpc-info.vpc-id
- The ID of the accepter VPC.
expiration-time
- The expiration date and time for the VPC peering connection.
requester-vpc-info.cidr-block
- The IPv4 CIDR block of the requester's VPC.
requester-vpc-info.owner-id
- The AWS account ID of the owner of the requester VPC.
requester-vpc-info.vpc-id
- The ID of the requester VPC.
status-code
- The status of the VPC peering connection (pending-acceptance
| failed
| expired
| provisioning
| active
| deleting
| deleted
| rejected
).
status-message
- A message that provides more information about the status of the VPC peering connection, if applicable.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-peering-connection-id
- The ID of the VPC peering connection.
One or more filters.
cidr
- The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28
).
cidr-block-association.cidr-block
- An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id
- The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state
- The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id
- The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block
- An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.ipv6-pool
- The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
ipv6-cidr-block-association.association-id
- The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state
- The state of an IPv6 CIDR block associated with the VPC.
isDefault
- Indicates whether the VPC is the default VPC.
owner-id
- The ID of the AWS account that owns the VPC.
state
- The state of the VPC (pending
| available
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC.
One or more filters.
accepter-vpc-info.cidr-block
- The IPv4 CIDR block of the accepter VPC.
accepter-vpc-info.owner-id
- The ID of the account that owns the accepter VPC.
accepter-vpc-info.vpc-id
- The ID of the accepter VPC.
expiration-time
- The expiration date and time for the VPC peering connection.
requester-vpc-info.cidr-block
- The IPv4 CIDR block of the requester's VPC.
requester-vpc-info.owner-id
- The ID of the account that owns the requester VPC.
requester-vpc-info.vpc-id
- The ID of the requester VPC.
status-code
- The status of the VPC peering connection (pending-acceptance
| failed
| expired
| provisioning
| active
| deleting
| deleted
| rejected
).
status-message
- A message that provides more information about the status of the VPC peering connection, if applicable.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-peering-connection-id
- The ID of the VPC peering connection.
One or more filters.
cidr
- The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28
).
cidr-block-association.cidr-block
- An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id
- The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state
- The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id
- The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block
- An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.ipv6-pool
- The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
ipv6-cidr-block-association.association-id
- The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state
- The state of an IPv6 CIDR block associated with the VPC.
is-default
- Indicates whether the VPC is the default VPC.
owner-id
- The ID of the account that owns the VPC.
state
- The state of the VPC (pending
| available
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id
- The ID of the VPC.
One or more filters.
customer-gateway-configuration
- The configuration information for the customer gateway.
customer-gateway-id
- The ID of a customer gateway associated with the VPN connection.
state
- The state of the VPN connection (pending
| available
| deleting
| deleted
).
option.static-routes-only
- Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).
route.destination-cidr-block
- The destination CIDR block. This corresponds to the subnet used in a customer data center.
bgp-asn
- The BGP Autonomous System Number (ASN) associated with a BGP device.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of VPN connection. Currently the only supported type is ipsec.1
.
vpn-connection-id
- The ID of the VPN connection.
vpn-gateway-id
- The ID of a virtual private gateway associated with the VPN connection.
transit-gateway-id
- The ID of a transit gateway associated with the VPN connection.
One or more filters.
amazon-side-asn
- The Autonomous System Number (ASN) for the Amazon side of the gateway.
attachment.state
- The current state of the attachment between the gateway and the VPC (attaching
| attached
| detaching
| detached
).
attachment.vpc-id
- The ID of an attached VPC.
availability-zone
- The Availability Zone for the virtual private gateway (if applicable).
state
- The state of the virtual private gateway (pending
| available
| deleting
| deleted
).
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
type
- The type of virtual private gateway. Currently the only supported type is ipsec.1
.
vpn-gateway-id
- The ID of the virtual private gateway.
One or more filters. The possible values are:
attachment.transit-gateway-attachment-id
- The id of the transit gateway attachment.
attachment.resource-id
- The resource id of the transit gateway attachment.
route-search.exact-match
- The exact match of the specified filter.
route-search.longest-prefix-match
- The longest prefix that matches the route.
route-search.subnet-of-match
- The routes with a subnet that match the specified CIDR filter.
route-search.supernet-of-match
- The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.
state
- The state of the route (active
| blackhole
).
transit-gateway-route-destination-cidr-block
- The CIDR range.
type
- The type of route (propagated
| static
).
The filters. The following are the possible values:
coip-address-usage.allocation-id
coip-address-usage.aws-account-id
coip-address-usage.aws-service
coip-address-usage.co-ip
One or more filters.
reservationType
- The type of reservation (prefix
| explicit
).
subnet-id
- The ID of the subnet.
tag
:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner
and the value TeamA
, specify tag:Owner
for the filter name and TeamA
for the filter value.
tag-key
- The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
One or more filters. The possible values are:
transit-gateway-route-table-id
- The ID of the transit gateway route table.
One or more filters. The possible values are:
resource-id
- The ID of the resource.
resource-type
- The type of resource. The valid value is: vpc
.
state
- The state of the subnet association. Valid values are associated
| associating
| disassociated
| disassociating
.
subnet-id
- The ID of the subnet.
transit-gateway-attachment-id
- The id of the transit gateway attachment.
One or more filters. The possible values are:
attachment.resource-id
- The ID of the resource for the attachment.
attachment.resource-type
- The type of resource for the attachment. Valid values are vpc
| vpn
| direct-connect-gateway
| peering
.
attachment.transit-gateway-attachment-id
- The ID of the attachment.
is-blackhole
- Whether traffic matching the route is blocked (true
| false
).
prefix-list-id
- The ID of the prefix list.
prefix-list-owner-id
- The ID of the owner of the prefix list.
state
- The state of the prefix list reference (pending
| available
| modifying
| deleting
).
The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned nextToken
value.
The behavior when a Spot Instance is interrupted. The default is terminate
.
Information about an IPv4 delegated prefix.
", + "refs": { + "InstanceIpv4PrefixList$member": null + } + }, + "InstanceIpv4PrefixList": { + "base": null, + "refs": { + "InstanceNetworkInterface$Ipv4Prefixes": "The IPv4 delegated prefixes that are assigned to the network interface.
" + } + }, "InstanceIpv6Address": { "base": "Describes an IPv6 address.
", "refs": { @@ -8648,6 +8703,18 @@ "InstanceIpv6AddressListRequest$member": null } }, + "InstanceIpv6Prefix": { + "base": "Information about an IPv6 delegated prefix.
", + "refs": { + "InstanceIpv6PrefixList$member": null + } + }, + "InstanceIpv6PrefixList": { + "base": null, + "refs": { + "InstanceNetworkInterface$Ipv6Prefixes": "The IPv6 delegated prefixes that are assigned to the network interface.
" + } + }, "InstanceLifecycle": { "base": null, "refs": { @@ -8962,7 +9029,9 @@ "AllocateHostsRequest$Quantity": "The number of Dedicated Hosts to allocate to your account with these parameters.
", "AnalysisAclRule$RuleNumber": "The rule number.
", "AssignIpv6AddressesRequest$Ipv6AddressCount": "The number of additional IPv6 addresses to assign to the network interface. The specified number of IPv6 addresses are assigned in addition to the existing IPv6 addresses that are already assigned to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
", + "AssignIpv6AddressesRequest$Ipv6PrefixCount": "The number of IPv6 Prefix Delegation prefixes that AWS automatically assigns to the network interface. You cannot use this option if you use the Ipv6Prefixes
option.
The number of secondary IP addresses to assign to the network interface. You can't specify this parameter when also specifying private IP addresses.
", + "AssignPrivateIpAddressesRequest$Ipv4PrefixCount": "The number of IPv4 Prefix Delegation prefixes that AWS automatically assigns to the network interface. You cannot use this option if you use the Ipv4 Prefixes
option.
The ID of the VLAN. This applies to the VLAN protocol.
", "AssociateTrunkInterfaceRequest$GreKey": "The application key. This applies to the GRE protocol.
", "AttachNetworkInterfaceRequest$DeviceIndex": "The index of the device for the network interface attachment.
", @@ -8988,6 +9057,8 @@ "CreateNetworkAclEntryRequest$RuleNumber": "The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.
Constraints: Positive integer from 1 to 32766. The range 32767 to 65535 is reserved for internal use.
", "CreateNetworkInterfaceRequest$Ipv6AddressCount": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses. If your subnet has the AssignIpv6AddressOnCreation
attribute set to true
, you can specify 0
to override this setting.
The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses
.
The number of IP addresses you can assign to a network interface varies by instance type. For more information, see IP Addresses Per ENI Per Instance Type in the Amazon Virtual Private Cloud User Guide.
", + "CreateNetworkInterfaceRequest$Ipv4PrefixCount": "The number of IPv4 Prefix Delegation prefixes that AWS automatically assigns to the network interface. You cannot use this option if you use the Ipv4 Prefixes
option.
The number of IPv6 Prefix Delegation prefixes that AWS automatically assigns to the network interface. You cannot use this option if you use the Ipv6Prefixes
option.
The number of partitions. Valid only when Strategy is set to partition
.
The number of instances that are a part of a Reserved Instance account to be listed in the Reserved Instance Marketplace. This number should be less than or equal to the instance count associated with the Reserved Instance ID specified in this call.
", "CreateTrafficMirrorFilterRuleRequest$RuleNumber": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.
", @@ -9059,6 +9130,8 @@ "InstanceNetworkInterfaceSpecification$Ipv6AddressCount": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.
", "InstanceNetworkInterfaceSpecification$SecondaryPrivateIpAddressCount": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a RunInstances request.
", "InstanceNetworkInterfaceSpecification$NetworkCardIndex": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
", + "InstanceNetworkInterfaceSpecification$Ipv4PrefixCount": "The number of IPv4 delegated prefixes to be automatically assigned to the network interface. You cannot use this option if you use the Ipv4Prefix
option.
The number of IPv6 delegated prefixes to be automatically assigned to the network interface. You cannot use this option if you use the Ipv6Prefix
option.
The state of the instance as a 16-bit unsigned integer.
The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.
The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255.
The valid values for instance-state-code will all be in the range of the low byte and they are:
0
: pending
16
: running
32
: shutting-down
48
: terminated
64
: stopping
80
: stopped
You can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.
", "InstanceUsage$UsedInstanceCount": "The number of instances the account currently has in the Capacity Reservation.
", "IpPermission$FromPort": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1
indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
The number of IPv6 addresses for the network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$SecondaryPrivateIpAddressCount": "The number of secondary private IPv4 addresses for the network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$NetworkCardIndex": "The index of the network card.
", + "LaunchTemplateInstanceNetworkInterfaceSpecification$Ipv4PrefixCount": "The number of IPv4 delegated prefixes that AWS automatically assigned to the network interface.
", + "LaunchTemplateInstanceNetworkInterfaceSpecification$Ipv6PrefixCount": "The number of IPv6 delegated prefixes that AWS automatically assigned to the network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$DeviceIndex": "The device index for the network interface attachment.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$Ipv6AddressCount": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$SecondaryPrivateIpAddressCount": "The number of secondary private IPv4 addresses to assign to a network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$NetworkCardIndex": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
", + "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$Ipv4PrefixCount": "The number of IPv4 delegated prefixes to be automatically assigned to the network interface. You cannot use this option if you use the Ipv4Prefix
option.
The number of IPv6 delegated prefixes to be automatically assigned to the network interface. You cannot use this option if you use the Ipv6Prefix
option.
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition
.
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition
.
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
", @@ -9291,12 +9368,12 @@ "base": null, "refs": { "AnalysisLoadBalancerTarget$Address": "The IP address.
", - "CreateNetworkInsightsPathRequest$SourceIp": "The IP address of the AWS resource that is the source of the path.
", - "CreateNetworkInsightsPathRequest$DestinationIp": "The IP address of the AWS resource that is the destination of the path.
", + "CreateNetworkInsightsPathRequest$SourceIp": "The IP address of the Amazon Web Services resource that is the source of the path.
", + "CreateNetworkInsightsPathRequest$DestinationIp": "The IP address of the Amazon Web Services resource that is the destination of the path.
", "Explanation$Address": "The IPv4 address, in CIDR notation.
", "IpAddressList$member": null, - "NetworkInsightsPath$SourceIp": "The IP address of the AWS resource that is the source of the path.
", - "NetworkInsightsPath$DestinationIp": "The IP address of the AWS resource that is the destination of the path.
" + "NetworkInsightsPath$SourceIp": "The IP address of the Amazon Web Services resource that is the source of the path.
", + "NetworkInsightsPath$DestinationIp": "The IP address of the Amazon Web Services resource that is the destination of the path.
" } }, "IpAddressList": { @@ -9328,6 +9405,17 @@ "UpdateSecurityGroupRuleDescriptionsIngressRequest$IpPermissions": "The IP permissions for the security group rule. You must specify either IP permissions or a description.
" } }, + "IpPrefixList": { + "base": null, + "refs": { + "AssignIpv6AddressesRequest$Ipv6Prefixes": "One or more IPv6 Prefix Delegation prefixes assigned to the network interface. You cannot use this option if you use the Ipv6PrefixCount
option.
The IPv6 Prefix Delegation prefixes that are assigned to the network interface.
", + "AssignPrivateIpAddressesRequest$Ipv4Prefixes": "One or more IPv4 Prefix Delegation prefixes assigned to the network interface. You cannot use this option if you use the Ipv4PrefixCount
option.
One or moreIPv6 Prefix Delegation prefixes to unassign from the network interface.
", + "UnassignIpv6AddressesResult$UnassignedIpv6Prefixes": "The IPv4 Prefix Delegation prefixes that have been unassigned from the network interface.
", + "UnassignPrivateIpAddressesRequest$Ipv4Prefixes": "The IPv4 Prefix Delegation prefixes to unassign from the network interface.
" + } + }, "IpRange": { "base": "Describes an IPv4 range.
", "refs": { @@ -9353,6 +9441,45 @@ "PublicIpv4PoolIdStringList$member": null } }, + "Ipv4PrefixList": { + "base": null, + "refs": { + "CreateNetworkInterfaceRequest$Ipv4Prefixes": "One or moreIPv4 Prefix Delegation prefixes assigned to the network interface. You cannot use this option if you use the Ipv4PrefixCount
option.
One or more IPv4 delegated prefixes to be assigned to the network interface. You cannot use this option if you use the Ipv4PrefixCount
option.
One or more IPv4 delegated prefixes to be assigned to the network interface. You cannot use this option if you use the Ipv4PrefixCount
option.
One or more IPv4 delegated prefixes assigned to the network interface.
" + } + }, + "Ipv4PrefixSpecification": { + "base": "Describes an IPv4 Prefix Delegation.
", + "refs": { + "Ipv4PrefixesList$member": null + } + }, + "Ipv4PrefixSpecificationRequest": { + "base": "Describes the IPv4 Prefix Delegation option for a network interface.
", + "refs": { + "Ipv4PrefixList$member": null + } + }, + "Ipv4PrefixSpecificationResponse": { + "base": "Information about the IPv4 delegated prefixes assigned to a network interface.
", + "refs": { + "Ipv4PrefixListResponse$member": null + } + }, + "Ipv4PrefixesList": { + "base": null, + "refs": { + "AssignPrivateIpAddressesResult$AssignedIpv4Prefixes": "The IPv4 Prefix Delegation prefixes that are assigned to the network interface.
", + "NetworkInterface$Ipv4Prefixes": "The IPv4 Prefix Delegation prefixes that are assigned to the network interface.
" + } + }, "Ipv6Address": { "base": null, "refs": { @@ -9432,6 +9559,44 @@ "DescribeIpv6PoolsResult$Ipv6Pools": "Information about the IPv6 address pools.
" } }, + "Ipv6PrefixList": { + "base": null, + "refs": { + "CreateNetworkInterfaceRequest$Ipv6Prefixes": "One or moreIPv6 Prefix Delegation prefixes assigned to the network interface. You cannot use this option if you use the Ipv6PrefixCount
option.
One or more IPv6 delegated prefixes to be assigned to the network interface. You cannot use this option if you use the Ipv6PrefixCount
option.
One or more IPv6 delegated prefixes to be assigned to the network interface. You cannot use this option if you use the Ipv6PrefixCount
option.
One or more IPv6 delegated prefixes assigned to the network interface.
" + } + }, + "Ipv6PrefixSpecification": { + "base": "Describes the IPv6 Prefix Delegation.
", + "refs": { + "Ipv6PrefixesList$member": null + } + }, + "Ipv6PrefixSpecificationRequest": { + "base": "Describes the IPv4 Prefix Delegation option for a network interface.
", + "refs": { + "Ipv6PrefixList$member": null + } + }, + "Ipv6PrefixSpecificationResponse": { + "base": "Information about the IPv6 delegated prefixes assigned to a network interface.
", + "refs": { + "Ipv6PrefixListResponse$member": null + } + }, + "Ipv6PrefixesList": { + "base": null, + "refs": { + "NetworkInterface$Ipv6Prefixes": "The IPv6 Prefix Delegation prefixes that are assigned to the network interface.
" + } + }, "Ipv6Range": { "base": "[EC2-VPC only] Describes an IPv6 range.
", "refs": { @@ -9518,8 +9683,8 @@ "ImportImageRequest$KmsKeyId": "An identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted AMI. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a KmsKeyId
is specified, the Encrypted
flag must also be set.
The CMK identifier may be provided in any of the following formats:
Key ID
Key alias. The alias ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the alias
namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
ARN using key ID. The ID ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the key
namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.
ARN using key alias. The alias ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the alias
namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
AWS parses KmsKeyId
asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure.
The specified CMK must exist in the Region that the AMI is being copied to.
Amazon EBS does not support asymmetric CMKs.
", "ImportImageResult$KmsKeyId": "The identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted AMI.
", "ImportSnapshotRequest$KmsKeyId": "An identifier for the symmetric AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a KmsKeyId
is specified, the Encrypted
flag must also be set.
The CMK identifier may be provided in any of the following formats:
Key ID
Key alias. The alias ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the alias
namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
ARN using key ID. The ID ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the key
namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.
ARN using key alias. The alias ARN contains the arn:aws:kms
namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the alias
namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
AWS parses KmsKeyId
asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure.
The specified CMK must exist in the Region that the snapshot is being copied to.
Amazon EBS does not support asymmetric CMKs.
", - "LaunchTemplateEbsBlockDevice$KmsKeyId": "The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
", - "LaunchTemplateEbsBlockDeviceRequest$KmsKeyId": "The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.
", + "LaunchTemplateEbsBlockDevice$KmsKeyId": "The ARN of the Key Management Service (KMS) CMK used for encryption.
", + "LaunchTemplateEbsBlockDeviceRequest$KmsKeyId": "The ARN of the symmetric Key Management Service (KMS) CMK used for encryption.
", "ModifyEbsDefaultKmsKeyIdRequest$KmsKeyId": "The identifier of the Key Management Service (KMS) KMS key to use for Amazon EBS encryption. If this parameter is not specified, your KMS key for Amazon EBS is used. If KmsKeyId
is specified, the encrypted state must be true
.
You can specify the KMS key using any of the following:
Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.
Key alias. For example, alias/ExampleAlias.
Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.
Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.
Amazon EBS does not support asymmetric KMS keys.
" } }, @@ -9631,7 +9796,7 @@ "LaunchTemplateCpuOptions": { "base": "The CPU options for the instance.
", "refs": { - "ResponseLaunchTemplateData$CpuOptions": "The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide.
" + "ResponseLaunchTemplateData$CpuOptions": "The CPU options for the instance. For more information, see Optimizing CPU options in the Amazon Elastic Compute Cloud User Guide.
" } }, "LaunchTemplateCpuOptionsRequest": { @@ -9683,15 +9848,15 @@ } }, "LaunchTemplateEnclaveOptions": { - "base": "Indicates whether the instance is enabled for AWS Nitro Enclaves.
", + "base": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.
", "refs": { - "ResponseLaunchTemplateData$EnclaveOptions": "Indicates whether the instance is enabled for AWS Nitro Enclaves.
" + "ResponseLaunchTemplateData$EnclaveOptions": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.
" } }, "LaunchTemplateEnclaveOptionsRequest": { - "base": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see What is AWS Nitro Enclaves? in the AWS Nitro Enclaves User Guide.
", + "base": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For more information, see What is Amazon Web Services Nitro Enclaves? in the Amazon Web Services Nitro Enclaves User Guide.
", "refs": { - "RequestLaunchTemplateData$EnclaveOptions": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see What is AWS Nitro Enclaves? in the AWS Nitro Enclaves User Guide.
You can't enable AWS Nitro Enclaves and hibernation on the same instance.
" + "RequestLaunchTemplateData$EnclaveOptions": "Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For more information, see What is Amazon Web Services Nitro Enclaves? in the Amazon Web Services Nitro Enclaves User Guide.
You can't enable Amazon Web Services Nitro Enclaves and hibernation on the same instance.
" } }, "LaunchTemplateErrorCode": { @@ -9703,13 +9868,13 @@ "LaunchTemplateHibernationOptions": { "base": "Indicates whether an instance is configured for hibernation.
", "refs": { - "ResponseLaunchTemplateData$HibernationOptions": "Indicates whether an instance is configured for hibernation. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide.
" + "ResponseLaunchTemplateData$HibernationOptions": "Indicates whether an instance is configured for hibernation. For more information, see Hibernate your instance in the Amazon Elastic Compute Cloud User Guide.
" } }, "LaunchTemplateHibernationOptionsRequest": { "base": "Indicates whether the instance is configured for hibernation. This parameter is valid only if the instance meets the hibernation prerequisites.
", "refs": { - "RequestLaunchTemplateData$HibernationOptions": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the hibernation prerequisites. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide.
" + "RequestLaunchTemplateData$HibernationOptions": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the hibernation prerequisites. For more information, see Hibernate your instance in the Amazon Elastic Compute Cloud User Guide.
" } }, "LaunchTemplateHttpTokensState": { @@ -9772,13 +9937,13 @@ "LaunchTemplateInstanceMetadataOptions": { "base": "The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide.
", "refs": { - "ResponseLaunchTemplateData$MetadataOptions": "The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide.
" + "ResponseLaunchTemplateData$MetadataOptions": "The metadata options for the instance. For more information, see Instance metadata and user data in the Amazon Elastic Compute Cloud User Guide.
" } }, "LaunchTemplateInstanceMetadataOptionsRequest": { "base": "The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide.
", "refs": { - "RequestLaunchTemplateData$MetadataOptions": "The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide.
" + "RequestLaunchTemplateData$MetadataOptions": "The metadata options for the instance. For more information, see Instance metadata and user data in the Amazon Elastic Compute Cloud User Guide.
" } }, "LaunchTemplateInstanceMetadataOptionsState": { @@ -13944,7 +14109,7 @@ "AnalysisLoadBalancerTarget$AvailabilityZone": "The Availability Zone.
", "AnalysisPacketHeader$Protocol": "The protocol.
", "AnalysisRouteTableRoute$DestinationCidr": "The destination IPv4 address, in CIDR notation.
", - "AnalysisRouteTableRoute$DestinationPrefixListId": "The prefix of the AWS service.
", + "AnalysisRouteTableRoute$DestinationPrefixListId": "The prefix of the Amazon Web Service.
", "AnalysisRouteTableRoute$EgressOnlyInternetGatewayId": "The ID of an egress-only internet gateway.
", "AnalysisRouteTableRoute$GatewayId": "The ID of the gateway, such as an internet gateway or virtual private gateway.
", "AnalysisRouteTableRoute$InstanceId": "The ID of the instance, such as a NAT instance.
", @@ -14045,7 +14210,7 @@ "CapacityReservationTarget$CapacityReservationResourceGroupArn": "The ARN of the Capacity Reservation resource group in which to run the instance.
", "CapacityReservationTargetResponse$CapacityReservationId": "The ID of the targeted Capacity Reservation.
", "CapacityReservationTargetResponse$CapacityReservationResourceGroupArn": "The ARN of the targeted Capacity Reservation group.
", - "CarrierGateway$OwnerId": "The AWS account ID of the owner of the carrier gateway.
", + "CarrierGateway$OwnerId": "The account ID of the owner of the carrier gateway.
", "CertificateAuthentication$ClientRootCertificateChain": "The ARN of the client certificate.
", "CertificateAuthenticationRequest$ClientRootCertificateChainArn": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).
", "CidrAuthorizationContext$Message": "The plain-text authorization message for the prefix and account.
", @@ -14131,7 +14296,7 @@ "CreateCapacityReservationRequest$InstanceType": "The instance type for which to reserve capacity. For more information, see Instance types in the Amazon EC2 User Guide.
", "CreateCapacityReservationRequest$AvailabilityZone": "The Availability Zone in which to create the Capacity Reservation.
", "CreateCapacityReservationRequest$AvailabilityZoneId": "The ID of the Availability Zone in which to create the Capacity Reservation.
", - "CreateCarrierGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", + "CreateCarrierGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
", "CreateClientVpnEndpointRequest$ClientCidrBlock": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.
", "CreateClientVpnEndpointRequest$ServerCertificateArn": "The ARN of the server certificate. For more information, see the AWS Certificate Manager User Guide.
", "CreateClientVpnEndpointRequest$Description": "A brief description of the Client VPN endpoint.
", @@ -14145,17 +14310,17 @@ "CreateCustomerGatewayRequest$CertificateArn": "The Amazon Resource Name (ARN) for the customer gateway certificate.
", "CreateCustomerGatewayRequest$DeviceName": "A name for the customer gateway device.
Length Constraints: Up to 255 characters.
", "CreateDefaultSubnetRequest$AvailabilityZone": "The Availability Zone in which to create the default subnet.
", - "CreateEgressOnlyInternetGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", + "CreateEgressOnlyInternetGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
", "CreateEgressOnlyInternetGatewayResult$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", "CreateFleetError$ErrorCode": "The error code that indicates why the instance could not be launched. For more information about error codes, see Error Codes.
", "CreateFleetError$ErrorMessage": "The error message that describes why the instance could not be launched. For more information about error messages, see Error Codes.
", "CreateFleetRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
", "CreateFleetRequest$Context": "Reserved.
", - "CreateFlowLogsRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", + "CreateFlowLogsRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
", "CreateFlowLogsRequest$DeliverLogsPermissionArn": "The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account.
If you specify LogDestinationType
as s3
, do not specify DeliverLogsPermissionArn
or LogGroupName
.
The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.
If you specify LogDestinationType
as s3
, do not specify DeliverLogsPermissionArn
or LogGroupName
.
Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for LogDestinationType
.
If LogDestinationType
is not specified or cloud-watch-logs
, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish to a log group called my-logs
, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs
. Alternatively, use LogGroupName
instead.
If LogDestinationType is s3
, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: bucket_ARN/subfolder_name/
. For example, to specify a subfolder named my-logs
in a bucket named my-bucket
, use the following ARN: arn:aws:s3:::my-bucket/my-logs/
. You cannot use AWSLogs
as a subfolder name. This is a reserved term.
The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see Flow Log Records. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field.
Specify the fields using the ${field-id}
format, separated by spaces. For the AWS CLI, use single quotation marks (' ') to surround the parameter value.
The fields to include in the flow log record, in the order in which they should appear. For a list of available fields, see Flow log records. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field.
Specify the fields using the ${field-id}
format, separated by spaces. For the CLI, use single quotation marks (' ') to surround the parameter value.
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", "CreateFpgaImageRequest$Description": "A description for the AFI.
", "CreateFpgaImageRequest$Name": "A name for the AFI.
", @@ -14175,14 +14340,14 @@ "CreateManagedPrefixListRequest$PrefixListName": "A name for the prefix list.
Constraints: Up to 255 characters in length. The name cannot start with com.amazonaws
.
The IP address type.
Valid Values: IPv4
| IPv6
Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
Constraints: Up to 255 UTF-8 characters in length.
", - "CreateNatGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
Constraint: Maximum 64 ASCII characters.
", + "CreateNatGatewayRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
Constraint: Maximum 64 ASCII characters.
", "CreateNatGatewayResult$ClientToken": "Unique, case-sensitive identifier to ensure the idempotency of the request. Only returned if a client token was provided in the request.
", "CreateNetworkAclEntryRequest$CidrBlock": "The IPv4 network range to allow or deny, in CIDR notation (for example 172.16.0.0/24
). We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18
, we modify it to 100.68.0.0/18
.
The IPv6 network range to allow or deny, in CIDR notation (for example 2001:db8:1234:1a00::/64
).
The protocol number. A value of \"-1\" means all protocols. If you specify \"-1\" or a protocol number other than \"6\" (TCP), \"17\" (UDP), or \"1\" (ICMP), traffic on all ports is allowed, regardless of any ports or ICMP types or codes that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and codes allowed, regardless of any that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv6 CIDR block, you must specify an ICMP type and code.
", - "CreateNetworkInsightsPathRequest$Source": "The AWS resource that is the source of the path.
", - "CreateNetworkInsightsPathRequest$Destination": "The AWS resource that is the destination of the path.
", - "CreateNetworkInsightsPathRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", + "CreateNetworkInsightsPathRequest$Source": "The Amazon Web Services resource that is the source of the path.
", + "CreateNetworkInsightsPathRequest$Destination": "The Amazon Web Services resource that is the destination of the path.
", + "CreateNetworkInsightsPathRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
", "CreateNetworkInterfacePermissionRequest$AwsAccountId": "The account ID.
", "CreateNetworkInterfacePermissionRequest$AwsService": "The Amazon Web Service. Currently not supported.
", "CreateNetworkInterfaceRequest$Description": "A description for the network interface.
", @@ -14209,11 +14374,13 @@ "CreateSpotDatafeedSubscriptionRequest$Prefix": "The prefix for the data feed file names.
", "CreateStoreImageTaskRequest$Bucket": "The name of the S3 bucket in which the AMI object will be stored. The bucket must be in the Region in which the request is being made. The AMI object appears in the bucket only after the upload task has completed.
", "CreateStoreImageTaskResult$ObjectKey": "The name of the stored AMI object in the S3 bucket.
", - "CreateSubnetRequest$AvailabilityZone": "The Availability Zone or Local Zone for the subnet.
Default: AWS selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet.
To create a subnet in a Local Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a
. For information about the Regions that support Local Zones, see Available Regions in the Amazon Elastic Compute Cloud User Guide.
To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.
", + "CreateSubnetCidrReservationRequest$Cidr": "The IPv4 or IPV6 CIDR range to reserve.
", + "CreateSubnetCidrReservationRequest$Description": "The description to assign to the subnet CIDR reservation.
", + "CreateSubnetRequest$AvailabilityZone": "The Availability Zone or Local Zone for the subnet.
Default: Amazon Web Services selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet.
To create a subnet in a Local Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a
. For information about the Regions that support Local Zones, see Available Regions in the Amazon Elastic Compute Cloud User Guide.
To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.
", "CreateSubnetRequest$AvailabilityZoneId": "The AZ ID or the Local Zone ID of the subnet.
", - "CreateSubnetRequest$CidrBlock": "The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24
. We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18
, we modify it to 100.68.0.0/18
.
The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.
", "CreateSubnetRequest$OutpostArn": "The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost ARN, you must also specify the Availability Zone of the Outpost subnet.
", + "CreateSubnetRequest$CidrBlock": "The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24
. We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18
, we modify it to 100.68.0.0/18
.
The description of the Traffic Mirror filter.
", "CreateTrafficMirrorFilterRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", "CreateTrafficMirrorFilterResult$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", @@ -14249,7 +14416,7 @@ "CreateVpcEndpointServiceConfigurationRequest$PrivateDnsName": "(Interface endpoint configuration) The private DNS name to assign to the VPC endpoint service.
", "CreateVpcEndpointServiceConfigurationRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", "CreateVpcEndpointServiceConfigurationResult$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
", - "CreateVpcPeeringConnectionRequest$PeerOwnerId": "The AWS account ID of the owner of the accepter VPC.
Default: Your AWS account ID
", + "CreateVpcPeeringConnectionRequest$PeerOwnerId": "The account ID of the owner of the accepter VPC.
Default: Your account ID
", "CreateVpcPeeringConnectionRequest$PeerVpcId": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.
", "CreateVpcPeeringConnectionRequest$PeerRegion": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.
Default: The Region in which you make the request.
", "CreateVpcRequest$CidrBlock": "The IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16
. We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18
, we modify it to 100.68.0.0/18
.
The device name.
", "DhcpConfiguration$Key": "The name of a DHCP option.
", "DhcpOptions$DhcpOptionsId": "The ID of the set of DHCP options.
", - "DhcpOptions$OwnerId": "The ID of the AWS account that owns the DHCP options set.
", + "DhcpOptions$OwnerId": "The ID of the account that owns the DHCP options set.
", "DirectoryServiceAuthentication$DirectoryId": "The ID of the Active Directory used for authentication.
", "DirectoryServiceAuthenticationRequest$DirectoryId": "The ID of the Active Directory to be used for authentication.
", "DisableFastSnapshotRestoreErrorItem$SnapshotId": "The ID of the snapshot.
", @@ -14616,6 +14783,8 @@ "GetReservedInstancesExchangeQuoteResult$CurrencyCode": "The currency of the transaction.
", "GetReservedInstancesExchangeQuoteResult$PaymentDue": "The total true upfront charge for the exchange.
", "GetReservedInstancesExchangeQuoteResult$ValidationFailureReason": "Describes the reason why the exchange cannot be completed.
", + "GetSubnetCidrReservationsRequest$NextToken": "The token for the next page of results.
", + "GetSubnetCidrReservationsResult$NextToken": "The token to use to retrieve the next page of results. This value is null
when there are no more results to return.
The token for the next page of results.
", "GetTransitGatewayAttachmentPropagationsResult$NextToken": "The token to use to retrieve the next page of results. This value is null
when there are no more results to return.
The token for the next page of results.
", @@ -14762,8 +14931,10 @@ "InstanceEventWindow$Name": "The name of the event window.
", "InstanceExportDetails$InstanceId": "The ID of the resource being exported.
", "InstanceFamilyCreditSpecification$CpuCredits": "The default credit option for CPU usage of the instance family. Valid values are standard
and unlimited
.
One or more IPv4 delegated prefixes assigned to the network interface.
", "InstanceIpv6Address$Ipv6Address": "The IPv6 address.
", "InstanceIpv6AddressRequest$Ipv6Address": "The IPv6 address.
", + "InstanceIpv6Prefix$Ipv6Prefix": "One or more IPv6 delegated prefixes assigned to the network interface.
", "InstanceMonitoring$InstanceId": "The ID of the instance.
", "InstanceNetworkInterface$Description": "The description.
", "InstanceNetworkInterface$MacAddress": "The MAC address.
", @@ -14794,18 +14965,25 @@ "InstanceTagKeySet$member": null, "InstanceUsage$AccountId": "The ID of the account that is making use of the Capacity Reservation.
", "InternetGateway$InternetGatewayId": "The ID of the internet gateway.
", - "InternetGateway$OwnerId": "The ID of the AWS account that owns the internet gateway.
", + "InternetGateway$OwnerId": "The ID of the account that owns the internet gateway.
", "InternetGatewayAttachment$VpcId": "The ID of the VPC.
", "IpPermission$IpProtocol": "The IP protocol name (tcp
, udp
, icmp
, icmpv6
) or number (see Protocol Numbers).
[VPC only] Use -1
to specify all protocols. When authorizing security group rules, specifying -1
or a protocol number other than tcp
, udp
, icmp
, or icmpv6
allows traffic on all ports, regardless of any port range you specify. For tcp
, udp
, and icmp
, you must specify a port range. For icmpv6
, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
", "IpRange$Description": "A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
", "IpRanges$member": null, + "Ipv4PrefixSpecification$Ipv4Prefix": "The IPv4 Prefix Delegation prefix. For information, see Prefix Delegation in the Amazon Elastic Compute Cloud User Guide.
", + "Ipv4PrefixSpecificationRequest$Ipv4Prefix": "The IPv4 Prefix Delegation prefix. For information, see Prefix Delegation in the Amazon Elastic Compute Cloud User Guide.
", + "Ipv4PrefixSpecificationResponse$Ipv4Prefix": "One or more IPv4 delegated prefixes assigned to the network interface.
", "Ipv6AddressList$member": null, "Ipv6CidrAssociation$Ipv6Cidr": "The IPv6 CIDR block.
", "Ipv6CidrAssociation$AssociatedResource": "The resource that's associated with the IPv6 CIDR block.
", "Ipv6CidrBlock$Ipv6CidrBlock": "The IPv6 CIDR block.
", "Ipv6Pool$PoolId": "The ID of the address pool.
", "Ipv6Pool$Description": "The description for the address pool.
", + "Ipv6PrefixSpecification$Ipv6Prefix": "The IPv6 Prefix Delegation prefix.
", + "Ipv6PrefixSpecificationRequest$Ipv6Prefix": "The IPv6 Prefix Delegation prefix.
", + "Ipv6PrefixSpecificationResponse$Ipv6Prefix": "One or more IPv6 delegated prefixes assigned to the network interface.
", "Ipv6Range$CidrIpv6": "The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
", "Ipv6Range$Description": "A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
", "KeyPair$KeyFingerprint": "The SHA-1 digest of the DER encoded private key.
", @@ -14957,7 +15135,7 @@ "NatGatewayAddress$PublicIp": "[Public NAT gateway only] The Elastic IP address associated with the NAT gateway.
", "NetworkAcl$NetworkAclId": "The ID of the network ACL.
", "NetworkAcl$VpcId": "The ID of the VPC for the network ACL.
", - "NetworkAcl$OwnerId": "The ID of the AWS account that owns the network ACL.
", + "NetworkAcl$OwnerId": "The ID of the account that owns the network ACL.
", "NetworkAclAssociation$NetworkAclAssociationId": "The ID of the association between a network ACL and a subnet.
", "NetworkAclAssociation$NetworkAclId": "The ID of the network ACL.
", "NetworkAclAssociation$SubnetId": "The ID of the subnet.
", @@ -14965,8 +15143,8 @@ "NetworkAclEntry$Ipv6CidrBlock": "The IPv6 network range to allow or deny, in CIDR notation.
", "NetworkAclEntry$Protocol": "The protocol number. A value of \"-1\" means all protocols.
", "NetworkInsightsAnalysis$StatusMessage": "The status message, if the status is failed
.
The AWS resource that is the source of the path.
", - "NetworkInsightsPath$Destination": "The AWS resource that is the destination of the path.
", + "NetworkInsightsPath$Source": "The Amazon Web Services resource that is the source of the path.
", + "NetworkInsightsPath$Destination": "The Amazon Web Services resource that is the destination of the path.
", "NetworkInterface$AvailabilityZone": "The Availability Zone.
", "NetworkInterface$Description": "A description.
", "NetworkInterface$MacAddress": "The MAC address.
", @@ -15164,11 +15342,11 @@ "RevokeSecurityGroupIngressRequest$SourceSecurityGroupOwnerId": "[EC2-Classic] The Amazon Web Services account ID of the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.
", "Route$DestinationCidrBlock": "The IPv4 CIDR block used for the destination match.
", "Route$DestinationIpv6CidrBlock": "The IPv6 CIDR block used for the destination match.
", - "Route$DestinationPrefixListId": "The prefix of the AWS service.
", + "Route$DestinationPrefixListId": "The prefix of the Amazon Web Service.
", "Route$EgressOnlyInternetGatewayId": "The ID of the egress-only internet gateway.
", "Route$GatewayId": "The ID of a gateway attached to your VPC.
", "Route$InstanceId": "The ID of a NAT instance in your VPC.
", - "Route$InstanceOwnerId": "The AWS account ID of the owner of the instance.
", + "Route$InstanceOwnerId": "The ID of account that owns the instance.
", "Route$NatGatewayId": "The ID of a NAT gateway.
", "Route$TransitGatewayId": "The ID of a transit gateway.
", "Route$LocalGatewayId": "The ID of the local gateway.
", @@ -15176,7 +15354,7 @@ "Route$VpcPeeringConnectionId": "The ID of a VPC peering connection.
", "RouteTable$RouteTableId": "The ID of the route table.
", "RouteTable$VpcId": "The ID of the VPC.
", - "RouteTable$OwnerId": "The ID of the AWS account that owns the route table.
", + "RouteTable$OwnerId": "The ID of the account that owns the route table.
", "RouteTableAssociation$RouteTableAssociationId": "The ID of the association.
", "RouteTableAssociation$RouteTableId": "The ID of the route table.
", "RouteTableAssociation$SubnetId": "The ID of the subnet. A subnet ID is not returned for an implicit association.
", @@ -15330,7 +15508,7 @@ "StaleSecurityGroup$GroupName": "The name of the security group.
", "StaleSecurityGroup$VpcId": "The ID of the VPC for the security group.
", "StartInstancesRequest$AdditionalInfo": "Reserved.
", - "StartNetworkInsightsAnalysisRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.
", + "StartNetworkInsightsAnalysisRequest$ClientToken": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.
", "StateReason$Code": "The reason code for the state change.
", "StateReason$Message": "The message for the state change.
Server.InsufficientInstanceCapacity
: There was insufficient capacity available to satisfy the launch request.
Server.InternalError
: An internal error caused the instance to terminate during launch.
Server.ScheduledStop
: The instance was stopped due to a scheduled retirement.
Server.SpotInstanceShutdown
: The instance was stopped because the number of Spot requests with a maximum price equal to or higher than the Spot price exceeded available capacity or because of an increase in the Spot price.
Server.SpotInstanceTermination
: The instance was terminated because the number of Spot requests with a maximum price equal to or higher than the Spot price exceeded available capacity or because of an increase in the Spot price.
Client.InstanceInitiatedShutdown
: The instance was shut down using the shutdown -h
command from the instance.
Client.InstanceTerminated
: The instance was terminated or rebooted during AMI creation.
Client.InternalError
: A client error caused the instance to terminate during launch.
Client.InvalidSnapshot.NotFound
: The specified snapshot was not found.
Client.UserInitiatedHibernate
: Hibernation was initiated on the instance.
Client.UserInitiatedShutdown
: The instance was shut down using the Amazon EC2 API.
Client.VolumeLimitExceeded
: The limit on the number of EBS volumes or total storage was exceeded. Decrease usage or request an increase in your account limits.
The name of the S3 bucket.
", @@ -15346,11 +15524,14 @@ "Subnet$CidrBlock": "The IPv4 CIDR block assigned to the subnet.
", "Subnet$SubnetId": "The ID of the subnet.
", "Subnet$VpcId": "The ID of the VPC the subnet is in.
", - "Subnet$OwnerId": "The ID of the AWS account that owns the subnet.
", + "Subnet$OwnerId": "The ID of the account that owns the subnet.
", "Subnet$SubnetArn": "The Amazon Resource Name (ARN) of the subnet.
", "Subnet$OutpostArn": "The Amazon Resource Name (ARN) of the Outpost.
", "SubnetAssociation$SubnetId": "The ID of the subnet.
", "SubnetCidrBlockState$StatusMessage": "A message about the status of the CIDR block, if applicable.
", + "SubnetCidrReservation$Cidr": "The CIDR that has been reserved.
", + "SubnetCidrReservation$OwnerId": "The ID of the account that owns the subnet CIDR reservation.
", + "SubnetCidrReservation$Description": "The description assigned to the subnet CIDR reservation.
", "SubnetIpv6CidrBlockAssociation$Ipv6CidrBlock": "The IPv6 CIDR block.
", "SuccessfulInstanceCreditSpecificationItem$InstanceId": "The ID of the instance.
", "SuccessfulQueuedPurchaseDeletion$ReservedInstancesId": "The ID of the Reserved Instance.
", @@ -15511,7 +15692,7 @@ "Vpc$CidrBlock": "The primary IPv4 CIDR block for the VPC.
", "Vpc$DhcpOptionsId": "The ID of the set of DHCP options you've associated with the VPC.
", "Vpc$VpcId": "The ID of the VPC.
", - "Vpc$OwnerId": "The ID of the AWS account that owns the VPC.
", + "Vpc$OwnerId": "The ID of the account that owns the VPC.
", "VpcAttachment$VpcId": "The ID of the VPC.
", "VpcCidrBlockAssociation$AssociationId": "The association ID for the IPv4 CIDR block.
", "VpcCidrBlockAssociation$CidrBlock": "The IPv4 CIDR block.
", @@ -15532,7 +15713,7 @@ "VpcPeeringConnection$VpcPeeringConnectionId": "The ID of the VPC peering connection.
", "VpcPeeringConnectionStateReason$Message": "A message that provides more information about the status, if applicable.
", "VpcPeeringConnectionVpcInfo$CidrBlock": "The IPv4 CIDR block for the VPC.
", - "VpcPeeringConnectionVpcInfo$OwnerId": "The AWS account ID of the VPC owner.
", + "VpcPeeringConnectionVpcInfo$OwnerId": "The ID of the account that owns the VPC.
", "VpcPeeringConnectionVpcInfo$VpcId": "The ID of the VPC.
", "VpcPeeringConnectionVpcInfo$Region": "The Region in which the VPC is located.
", "VpnConnection$CustomerGatewayConfiguration": "The configuration information for the VPN connection's customer gateway (in the native XML format). This element is always present in the CreateVpnConnection response; however, it's present in the DescribeVpnConnections response only if the VPN connection is in the pending
or available
state.
The state of a CIDR block.
" } }, + "SubnetCidrReservation": { + "base": "Describes a subnet CIDR reservation.
", + "refs": { + "CreateSubnetCidrReservationResult$SubnetCidrReservation": "Information about the created subnet CIDR reservation.
", + "DeleteSubnetCidrReservationResult$DeletedSubnetCidrReservation": "Information about the deleted subnet CIDR reservation.
", + "SubnetCidrReservationList$member": null + } + }, + "SubnetCidrReservationId": { + "base": null, + "refs": { + "DeleteSubnetCidrReservationRequest$SubnetCidrReservationId": "The ID of the subnet CIDR reservation.
", + "SubnetCidrReservation$SubnetCidrReservationId": "The ID of the subnet CIDR reservation.
" + } + }, + "SubnetCidrReservationList": { + "base": null, + "refs": { + "GetSubnetCidrReservationsResult$SubnetIpv4CidrReservations": "Information about the IPv4 subnet CIDR reservations.
", + "GetSubnetCidrReservationsResult$SubnetIpv6CidrReservations": "Information about the IPv6 subnet CIDR reservations.
" + } + }, + "SubnetCidrReservationType": { + "base": null, + "refs": { + "CreateSubnetCidrReservationRequest$ReservationType": "The type of reservation.
The following are valid values:
prefix
: The Amazon EC2 Prefix Delegation feature assigns the IP addresses to network interfaces that are associated with an instance. For information about Prefix Delegation, see Prefix Delegation for Amazon EC2 network interfaces in the Amazon Elastic Compute Cloud User Guide.
explicit
: You manually assign the IP addresses to resources that reside in your subnet.
The type of reservation.
" + } + }, "SubnetId": { "base": null, "refs": { @@ -15617,9 +15827,11 @@ "CreateClientVpnRouteRequest$TargetVpcSubnetId": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.
Alternatively, if you're adding a route for the local network, specify local
.
The subnet in which to create the NAT gateway.
", "CreateNetworkInterfaceRequest$SubnetId": "The ID of the subnet to associate with the network interface.
", + "CreateSubnetCidrReservationRequest$SubnetId": "The ID of the subnet.
", "DeleteClientVpnRouteRequest$TargetVpcSubnetId": "The ID of the target subnet used by the route.
", "DeleteSubnetRequest$SubnetId": "The ID of the subnet.
", "FleetLaunchTemplateOverridesRequest$SubnetId": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, subnet-1234abcdeexample1, subnet-0987cdef6example2
). A request of type instant
can have only one subnet ID.
The ID of the subnet.
", "ImportInstanceLaunchSpecification$SubnetId": "[EC2-VPC] The ID of the subnet in which to launch the instance.
", "LaunchTemplateInstanceNetworkInterfaceSpecification$SubnetId": "The ID of the subnet for the network interface.
", "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest$SubnetId": "The ID of the subnet for the network interface.
", @@ -15628,6 +15840,7 @@ "RunInstancesRequest$SubnetId": "[EC2-VPC] The ID of the subnet to launch the instance into.
If you specify a network interface, you must specify any subnets as part of the network interface.
", "ScheduledInstancesLaunchSpecification$SubnetId": "The ID of the subnet in which to launch the instances.
", "ScheduledInstancesNetworkInterface$SubnetId": "The ID of the subnet.
", + "SubnetCidrReservation$SubnetId": "The ID of the subnet.
", "SubnetIdStringList$member": null, "TransitGatewaySubnetIdList$member": null, "VpcEndpointSubnetIdList$member": null @@ -15785,6 +15998,7 @@ "SpotFleetTagSpecification$Tags": "The tags.
", "SpotInstanceRequest$Tags": "Any tags assigned to the resource.
", "Subnet$Tags": "Any tags assigned to the subnet.
", + "SubnetCidrReservation$Tags": "The tags assigned to the subnet CIDR reservation.
", "TagSpecification$Tags": "The tags to apply to the resource.
", "TrafficMirrorFilter$Tags": "The tags assigned to the Traffic Mirror filter.
", "TrafficMirrorSession$Tags": "The tags assigned to the Traffic Mirror session.
", @@ -15849,6 +16063,7 @@ "CreateSecurityGroupRequest$TagSpecifications": "The tags to assign to the security group.
", "CreateSnapshotRequest$TagSpecifications": "The tags to apply to the snapshot during creation.
", "CreateSnapshotsRequest$TagSpecifications": "Tags to apply to every snapshot specified by the instance.
", + "CreateSubnetCidrReservationRequest$TagSpecifications": "The tags to assign to the subnet CIDR reservation.
", "CreateSubnetRequest$TagSpecifications": "The tags to assign to the subnet.
", "CreateTrafficMirrorFilterRequest$TagSpecifications": "The tags to assign to a Traffic Mirror filter.
", "CreateTrafficMirrorSessionRequest$TagSpecifications": "The tags to assign to a Traffic Mirror session.
", @@ -16950,7 +17165,7 @@ } }, "UnsuccessfulItemError": { - "base": "Information about the error that occurred. For more information about errors, see Error Codes.
", + "base": "Information about the error that occurred. For more information about errors, see Error codes.
", "refs": { "UnsuccessfulItem$Error": "Information about the error.
" } diff --git a/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json b/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json index ce270e837b..764b68c258 100644 --- a/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json +++ b/models/apis/elasticloadbalancingv2/2015-12-01/docs-2.json @@ -901,7 +901,7 @@ "LoadBalancerAttributeKey": { "base": null, "refs": { - "LoadBalancerAttribute$Key": "The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled
- Indicates whether deletion protection is enabled. The value is true
or false
. The default is false
.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled
- Indicates whether access logs are enabled. The value is true
or false
. The default is false
.
access_logs.s3.bucket
- The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix
- The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds
- The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode
- Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor
, defensive
, and strictest
. The default is defensive
.
routing.http.drop_invalid_header_fields.enabled
- Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true
) or routed to targets (false
). The default is false
.
Indicates whether the two headers (x-amzn-tls-version
and x-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version
header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite
header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true
and false
. The default is false
.
routing.http2.enabled
- Indicates whether HTTP/2 is enabled. The value is true
or false
. The default is true
. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
waf.fail_open.enabled
- Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to Amazon Web Services WAF. The value is true
or false
. The default is false
.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled
- Indicates whether cross-zone load balancing is enabled. The value is true
or false
. The default is false
.
The name of the attribute.
The following attribute is supported by all load balancers:
deletion_protection.enabled
- Indicates whether deletion protection is enabled. The value is true
or false
. The default is false
.
The following attributes are supported by both Application Load Balancers and Network Load Balancers:
access_logs.s3.enabled
- Indicates whether access logs are enabled. The value is true
or false
. The default is false
.
access_logs.s3.bucket
- The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
access_logs.s3.prefix
- The prefix for the location in the S3 bucket for the access logs.
The following attributes are supported by only Application Load Balancers:
idle_timeout.timeout_seconds
- The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routing.http.desync_mitigation_mode
- Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are monitor
, defensive
, and strictest
. The default is defensive
.
routing.http.drop_invalid_header_fields.enabled
- Indicates whether HTTP headers with invalid header fields are removed by the load balancer (true
) or routed to targets (false
). The default is false
.
routing.http.x_amzn_tls_version_and_cipher_suite.enabled
- Indicates whether the two headers (x-amzn-tls-version
and x-amzn-tls-cipher-suite
), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The x-amzn-tls-version
header has information about the TLS protocol version negotiated with the client, and the x-amzn-tls-cipher-suite
header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are true
and false
. The default is false
.
routing.http2.enabled
- Indicates whether HTTP/2 is enabled. The value is true
or false
. The default is true
. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
waf.fail_open.enabled
- Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to Amazon Web Services WAF. The value is true
or false
. The default is false
.
The following attribute is supported by Network Load Balancers and Gateway Load Balancers:
load_balancing.cross_zone.enabled
- Indicates whether cross-zone load balancing is enabled. The value is true
or false
. The default is false
.
The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
", "Listener$Protocol": "The protocol for connections from clients to the load balancer.
", "ModifyListenerInput$Protocol": "The protocol for connections from clients to the load balancer. Application Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers support the TCP, TLS, UDP, and TCP_UDP protocols. You can’t change the protocol to UDP or TCP_UDP if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.
", - "ModifyTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. The TCP protocol is supported for health checks only if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
With Network Load Balancers, you can't modify this setting.
", + "ModifyTargetGroupInput$HealthCheckProtocol": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. It is supported for health checks only if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
With Network Load Balancers, you can't modify this setting.
", "TargetGroup$Protocol": "The protocol to use for routing traffic to the targets.
", "TargetGroup$HealthCheckProtocol": "The protocol to use to connect with the target. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.
" } diff --git a/models/apis/medialive/2017-10-14/api-2.json b/models/apis/medialive/2017-10-14/api-2.json index a830d93f15..5680ea2a43 100644 --- a/models/apis/medialive/2017-10-14/api-2.json +++ b/models/apis/medialive/2017-10-14/api-2.json @@ -2529,6 +2529,23 @@ "USE_CONFIGURED" ] }, + "AudioHlsRenditionSelection": { + "type": "structure", + "members": { + "GroupId": { + "shape": "__stringMin1", + "locationName": "groupId" + }, + "Name": { + "shape": "__stringMin1", + "locationName": "name" + } + }, + "required": [ + "Name", + "GroupId" + ] + }, "AudioLanguageSelection": { "type": "structure", "members": { @@ -2650,6 +2667,10 @@ "AudioSelectorSettings": { "type": "structure", "members": { + "AudioHlsRenditionSelection": { + "shape": "AudioHlsRenditionSelection", + "locationName": "audioHlsRenditionSelection" + }, "AudioLanguageSelection": { "shape": "AudioLanguageSelection", "locationName": "audioLanguageSelection" @@ -12673,8 +12694,19 @@ "WebvttDestinationSettings": { "type": "structure", "members": { + "StyleControl": { + "shape": "WebvttDestinationStyleControl", + "locationName": "styleControl" + } } }, + "WebvttDestinationStyleControl": { + "type": "string", + "enum": [ + "NO_STYLE_DATA", + "PASSTHROUGH" + ] + }, "__boolean": { "type": "boolean" }, diff --git a/models/apis/medialive/2017-10-14/docs-2.json b/models/apis/medialive/2017-10-14/docs-2.json index d168779ceb..b6b6973536 100644 --- a/models/apis/medialive/2017-10-14/docs-2.json +++ b/models/apis/medialive/2017-10-14/docs-2.json @@ -241,6 +241,12 @@ "AudioDescription$LanguageCodeControl": "Choosing followInput will cause the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode will be used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input." } }, + "AudioHlsRenditionSelection": { + "base": "Audio Hls Rendition Selection", + "refs": { + "AudioSelectorSettings$AudioHlsRenditionSelection": null + } + }, "AudioLanguageSelection": { "base": "Audio Language Selection", "refs": { @@ -3322,6 +3328,12 @@ "CaptionDestinationSettings$WebvttDestinationSettings": null } }, + "WebvttDestinationStyleControl": { + "base": "Webvtt Destination Style Control", + "refs": { + "WebvttDestinationSettings$StyleControl": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information." + } + }, "__boolean": { "base": null, "refs": { @@ -4462,6 +4474,8 @@ "__stringMin1": { "base": null, "refs": { + "AudioHlsRenditionSelection$GroupId": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", + "AudioHlsRenditionSelection$Name": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", "AudioSelector$Name": "The name of this AudioSelector. AudioDescriptions will use this name to uniquely identify this Selector. Selector names should be unique per input.", "CaptionLanguageMapping$LanguageDescription": "Textual description of language", "CaptionSelector$Name": "Name identifier for a caption selector. This name is used to associate this caption selector with one or more caption descriptions. Names must be unique within an event.", diff --git a/models/apis/qldb/2019-01-02/api-2.json b/models/apis/qldb/2019-01-02/api-2.json index ba98fbbb9d..191674c7a6 100644 --- a/models/apis/qldb/2019-01-02/api-2.json +++ b/models/apis/qldb/2019-01-02/api-2.json @@ -313,7 +313,8 @@ "Name":{"shape":"LedgerName"}, "Tags":{"shape":"Tags"}, "PermissionsMode":{"shape":"PermissionsMode"}, - "DeletionProtection":{"shape":"DeletionProtection"} + "DeletionProtection":{"shape":"DeletionProtection"}, + "KmsKey":{"shape":"KmsKey"} } }, "CreateLedgerResponse":{ @@ -324,7 +325,8 @@ "State":{"shape":"LedgerState"}, "CreationDateTime":{"shape":"Timestamp"}, "PermissionsMode":{"shape":"PermissionsMode"}, - "DeletionProtection":{"shape":"DeletionProtection"} + "DeletionProtection":{"shape":"DeletionProtection"}, + "KmsKeyArn":{"shape":"Arn"} } }, "DeleteLedgerRequest":{ @@ -409,7 +411,8 @@ "State":{"shape":"LedgerState"}, "CreationDateTime":{"shape":"Timestamp"}, "PermissionsMode":{"shape":"PermissionsMode"}, - "DeletionProtection":{"shape":"DeletionProtection"} + "DeletionProtection":{"shape":"DeletionProtection"}, + "EncryptionDescription":{"shape":"LedgerEncryptionDescription"} } }, "Digest":{ @@ -417,6 +420,14 @@ "max":32, "min":32 }, + "EncryptionStatus":{ + "type":"string", + "enum":[ + "ENABLED", + "UPDATING", + "KMS_KEY_INACCESSIBLE" + ] + }, "ErrorCause":{ "type":"string", "enum":[ @@ -611,6 +622,22 @@ "AggregationEnabled":{"shape":"Boolean"} } }, + "KmsKey":{ + "type":"string", + "max":1600 + }, + "LedgerEncryptionDescription":{ + "type":"structure", + "required":[ + "KmsKeyArn", + "EncryptionStatus" + ], + "members":{ + "KmsKeyArn":{"shape":"Arn"}, + "EncryptionStatus":{"shape":"EncryptionStatus"}, + "InaccessibleKmsKeyDateTime":{"shape":"Timestamp"} + } + }, "LedgerList":{ "type":"list", "member":{"shape":"LedgerSummary"} @@ -1016,7 +1043,8 @@ "location":"uri", "locationName":"name" }, - "DeletionProtection":{"shape":"DeletionProtection"} + "DeletionProtection":{"shape":"DeletionProtection"}, + "KmsKey":{"shape":"KmsKey"} } }, "UpdateLedgerResponse":{ @@ -1026,7 +1054,8 @@ "Arn":{"shape":"Arn"}, "State":{"shape":"LedgerState"}, "CreationDateTime":{"shape":"Timestamp"}, - "DeletionProtection":{"shape":"DeletionProtection"} + "DeletionProtection":{"shape":"DeletionProtection"}, + "EncryptionDescription":{"shape":"LedgerEncryptionDescription"} } }, "ValueHolder":{ diff --git a/models/apis/qldb/2019-01-02/docs-2.json b/models/apis/qldb/2019-01-02/docs-2.json index be8aecef78..52d462a161 100644 --- a/models/apis/qldb/2019-01-02/docs-2.json +++ b/models/apis/qldb/2019-01-02/docs-2.json @@ -3,19 +3,19 @@ "service": "The control plane for Amazon QLDB
", "operations": { "CancelJournalKinesisStream": "Ends a given Amazon QLDB journal stream. Before a stream can be canceled, its current status must be ACTIVE
.
You can't restart a stream after you cancel it. Canceled QLDB stream resources are subject to a 7-day retention period, so they are automatically deleted after this limit expires.
", - "CreateLedger": "Creates a new ledger in your AWS account in the current Region.
", + "CreateLedger": "Creates a new ledger in your account in the current Region.
", "DeleteLedger": "Deletes a ledger and all of its contents. This action is irreversible.
If deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the UpdateLedger
operation to set the flag to false
.
Returns detailed information about a given Amazon QLDB journal stream. The output includes the Amazon Resource Name (ARN), stream name, current status, creation time, and the parameters of the original stream creation request.
This action does not return any expired journal streams. For more information, see Expiration for terminal streams in the Amazon QLDB Developer Guide.
", "DescribeJournalS3Export": "Returns information about a journal export job, including the ledger name, export ID, creation time, current status, and the parameters of the original export creation request.
This action does not return any expired export jobs. For more information, see Export job expiration in the Amazon QLDB Developer Guide.
If the export job with the given ExportId
doesn't exist, then throws ResourceNotFoundException
.
If the ledger with the given Name
doesn't exist, then throws ResourceNotFoundException
.
Returns information about a ledger, including its state and when it was created.
", + "DescribeLedger": "Returns information about a ledger, including its state, permissions mode, encryption at rest settings, and when it was created.
", "ExportJournalToS3": "Exports journal contents within a date and time range from a ledger into a specified Amazon Simple Storage Service (Amazon S3) bucket. The data is written as files in Amazon Ion format.
If the ledger with the given Name
doesn't exist, then throws ResourceNotFoundException
.
If the ledger with the given Name
is in CREATING
status, then throws ResourcePreconditionNotMetException
.
You can initiate up to two concurrent journal export requests for each ledger. Beyond this limit, journal export requests throw LimitExceededException
.
Returns a block object at a specified address in a journal. Also returns a proof of the specified block for verification if DigestTipAddress
is provided.
For information about the data contents in a block, see Journal contents in the Amazon QLDB Developer Guide.
If the specified ledger doesn't exist or is in DELETING
status, then throws ResourceNotFoundException
.
If the specified ledger is in CREATING
status, then throws ResourcePreconditionNotMetException
.
If no block exists with the specified address, then throws InvalidParameterException
.
Returns the digest of a ledger at the latest committed block in the journal. The response includes a 256-bit hash value and a block address.
", "GetRevision": "Returns a revision data object for a specified document ID and block address. Also returns a proof of the specified revision for verification if DigestTipAddress
is provided.
Returns an array of all Amazon QLDB journal stream descriptors for a given ledger. The output of each stream descriptor includes the same details that are returned by DescribeJournalKinesisStream
.
This action does not return any expired journal streams. For more information, see Expiration for terminal streams in the Amazon QLDB Developer Guide.
This action returns a maximum of MaxResults
items. It is paginated so that you can retrieve all the items by calling ListJournalKinesisStreamsForLedger
multiple times.
Returns an array of journal export job descriptions for all ledgers that are associated with the current AWS account and Region.
This action returns a maximum of MaxResults
items, and is paginated so that you can retrieve all the items by calling ListJournalS3Exports
multiple times.
This action does not return any expired export jobs. For more information, see Export job expiration in the Amazon QLDB Developer Guide.
", + "ListJournalS3Exports": "Returns an array of journal export job descriptions for all ledgers that are associated with the current account and Region.
This action returns a maximum of MaxResults
items, and is paginated so that you can retrieve all the items by calling ListJournalS3Exports
multiple times.
This action does not return any expired export jobs. For more information, see Export job expiration in the Amazon QLDB Developer Guide.
", "ListJournalS3ExportsForLedger": "Returns an array of journal export job descriptions for a specified ledger.
This action returns a maximum of MaxResults
items, and is paginated so that you can retrieve all the items by calling ListJournalS3ExportsForLedger
multiple times.
This action does not return any expired export jobs. For more information, see Export job expiration in the Amazon QLDB Developer Guide.
", - "ListLedgers": "Returns an array of ledger summaries that are associated with the current AWS account and Region.
This action returns a maximum of 100 items and is paginated so that you can retrieve all the items by calling ListLedgers
multiple times.
Returns an array of ledger summaries that are associated with the current account and Region.
This action returns a maximum of 100 items and is paginated so that you can retrieve all the items by calling ListLedgers
multiple times.
Returns all tags for a specified Amazon QLDB resource.
", "StreamJournalToKinesis": "Creates a journal stream for a given Amazon QLDB ledger. The stream captures every document revision that is committed to the ledger's journal and delivers the data to a specified Amazon Kinesis Data Streams resource.
", "TagResource": "Adds one or more tags to a specified Amazon QLDB resource.
A resource can have up to 50 tags. If you try to create more than 50 tags for a resource, your request fails and returns an error.
", @@ -28,14 +28,16 @@ "base": null, "refs": { "CreateLedgerResponse$Arn": "The Amazon Resource Name (ARN) for the ledger.
", + "CreateLedgerResponse$KmsKeyArn": "The ARN of the customer managed KMS key that the ledger uses for encryption at rest. If this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption.
", "DescribeLedgerResponse$Arn": "The Amazon Resource Name (ARN) for the ledger.
", - "ExportJournalToS3Request$RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal export job to do the following:
Write objects into your Amazon Simple Storage Service (Amazon S3) bucket.
(Optional) Use your customer master key (CMK) in AWS Key Management Service (AWS KMS) for server-side encryption of your exported data.
The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal export job to do the following:
Write objects into your Amazon Simple Storage Service (Amazon S3) bucket.
(Optional) Use your customer master key (CMK) in Key Management Service (KMS) for server-side encryption of your exported data.
The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.
", "JournalKinesisStreamDescription$Arn": "The Amazon Resource Name (ARN) of the QLDB journal stream.
", - "JournalS3ExportDescription$RoleArn": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal export job to do the following:
Write objects into your Amazon Simple Storage Service (Amazon S3) bucket.
(Optional) Use your customer master key (CMK) in AWS Key Management Service (AWS KMS) for server-side encryption of your exported data.
The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal export job to do the following:
Write objects into your Amazon Simple Storage Service (Amazon S3) bucket.
(Optional) Use your customer master key (CMK) in Key Management Service (KMS) for server-side encryption of your exported data.
The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.
", + "LedgerEncryptionDescription$KmsKeyArn": "The Amazon Resource Name (ARN) of the customer managed KMS key that the ledger uses for encryption at rest. If this parameter is undefined, the ledger uses an Amazon Web Services owned KMS key for encryption.
", "ListTagsForResourceRequest$ResourceArn": "The Amazon Resource Name (ARN) for which to list the tags. For example:
arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger
The Amazon Resource Name (ARN) for a symmetric customer master key (CMK) in AWS Key Management Service (AWS KMS). Amazon S3 does not support asymmetric CMKs.
You must provide a KmsKeyArn
if you specify SSE_KMS
as the ObjectEncryptionType
.
KmsKeyArn
is not required if you specify SSE_S3
as the ObjectEncryptionType
.
The Amazon Resource Name (ARN) of a symmetric customer master key (CMK) in Key Management Service (KMS). Amazon S3 does not support asymmetric CMKs.
You must provide a KmsKeyArn
if you specify SSE_KMS
as the ObjectEncryptionType
.
KmsKeyArn
is not required if you specify SSE_S3
as the ObjectEncryptionType
.
The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.
", "TagResourceRequest$ResourceArn": "The Amazon Resource Name (ARN) to which you want to add the tags. For example:
arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger
The Amazon Resource Name (ARN) from which to remove the tags. For example:
arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger
The 256-bit hash value representing the digest returned by a GetDigest
request.
The current state of encryption at rest for the ledger. This can be one of the following values:
ENABLED
: Encryption is fully enabled using the specified key.
UPDATING
: The ledger is actively processing the specified key change.
Key changes in QLDB are asynchronous. The ledger is fully accessible without any performance impact while the key change is being processed. The amount of time it takes to update a key varies depending on the ledger size.
KMS_KEY_INACCESSIBLE
: The specified customer managed KMS key is not accessible, and the ledger is impaired. Either the key was disabled or deleted, or the grants on the key were revoked. When a ledger is impaired, it is not accessible and does not accept any read or write requests.
An impaired ledger automatically returns to an active state after you restore the grants on the key, or re-enable the key that was disabled. However, deleting a customer managed KMS key is irreversible. After a key is deleted, you can no longer access the ledgers that are protected with that key, and the data becomes unrecoverable permanently.
The array of journal export job descriptions that are associated with the specified ledger.
", - "ListJournalS3ExportsResponse$JournalS3Exports": "The array of journal export job descriptions for all ledgers that are associated with the current AWS account and Region.
" + "ListJournalS3ExportsResponse$JournalS3Exports": "The array of journal export job descriptions for all ledgers that are associated with the current account and Region.
" } }, "KinesisConfiguration": { @@ -228,17 +236,31 @@ "StreamJournalToKinesisRequest$KinesisConfiguration": "The configuration settings of the Kinesis Data Streams destination for your stream request.
" } }, + "KmsKey": { + "base": null, + "refs": { + "CreateLedgerRequest$KmsKey": "The key in Key Management Service (KMS) to use for encryption of data at rest in the ledger. For more information, see Encryption at rest in the Amazon QLDB Developer Guide.
Use one of the following options to specify this parameter:
AWS_OWNED_KMS_KEY
: Use an KMS key that is owned and managed by Amazon Web Services on your behalf.
Undefined: By default, use an Amazon Web Services owned KMS key.
A valid symmetric customer managed KMS key: Use the specified KMS key in your account that you create, own, and manage.
Amazon QLDB does not support asymmetric keys. For more information, see Using symmetric and asymmetric keys in the Key Management Service Developer Guide.
To specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with \"alias/\"
. To specify a key in a different account, you must use the key ARN or alias ARN.
For example:
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
Alias name: alias/ExampleAlias
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
For more information, see Key identifiers (KeyId) in the Key Management Service Developer Guide.
", + "UpdateLedgerRequest$KmsKey": "The key in Key Management Service (KMS) to use for encryption of data at rest in the ledger. For more information, see Encryption at rest in the Amazon QLDB Developer Guide.
Use one of the following options to specify this parameter:
AWS_OWNED_KMS_KEY
: Use an KMS key that is owned and managed by Amazon Web Services on your behalf.
Undefined: Make no changes to the KMS key of the ledger.
A valid symmetric customer managed KMS key: Use the specified KMS key in your account that you create, own, and manage.
Amazon QLDB does not support asymmetric keys. For more information, see Using symmetric and asymmetric keys in the Key Management Service Developer Guide.
To specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with \"alias/\"
. To specify a key in a different account, you must use the key ARN or alias ARN.
For example:
Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
Alias name: alias/ExampleAlias
Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
For more information, see Key identifiers (KeyId) in the Key Management Service Developer Guide.
" + } + }, + "LedgerEncryptionDescription": { + "base": "Information about the encryption of data at rest in an Amazon QLDB ledger. This includes the current status, the key in Key Management Service (KMS), and when the key became inaccessible (in the case of an error).
For more information, see Encryption at rest in the Amazon QLDB Developer Guide.
", + "refs": { + "DescribeLedgerResponse$EncryptionDescription": "Information about the encryption of data at rest in the ledger. This includes the current status, the KMS key, and when the key became inaccessible (in the case of an error).
", + "UpdateLedgerResponse$EncryptionDescription": "Information about the encryption of data at rest in the ledger. This includes the current status, the KMS key, and when the key became inaccessible (in the case of an error).
" + } + }, "LedgerList": { "base": null, "refs": { - "ListLedgersResponse$Ledgers": "The array of ledger summaries that are associated with the current AWS account and Region.
" + "ListLedgersResponse$Ledgers": "The array of ledger summaries that are associated with the current account and Region.
" } }, "LedgerName": { "base": null, "refs": { "CancelJournalKinesisStreamRequest$LedgerName": "The name of the ledger.
", - "CreateLedgerRequest$Name": "The name of the ledger that you want to create. The name must be unique among all of your ledgers in the current AWS Region.
Naming constraints for ledger names are defined in Quotas in Amazon QLDB in the Amazon QLDB Developer Guide.
", + "CreateLedgerRequest$Name": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your account in the current Region.
Naming constraints for ledger names are defined in Quotas in Amazon QLDB in the Amazon QLDB Developer Guide.
", "CreateLedgerResponse$Name": "The name of the ledger.
", "DeleteLedgerRequest$Name": "The name of the ledger that you want to delete.
", "DescribeJournalKinesisStreamRequest$LedgerName": "The name of the ledger.
", @@ -509,10 +531,11 @@ "ExportJournalToS3Request$ExclusiveEndTime": "The exclusive end date and time for the range of journal contents to export.
The ExclusiveEndTime
must be in ISO 8601
date and time format and in Universal Coordinated Time (UTC). For example: 2019-06-13T21:36:34Z
.
The ExclusiveEndTime
must be less than or equal to the current UTC date and time.
The date and time, in epoch time format, when the QLDB journal stream was created. (Epoch time format is the number of seconds elapsed since 12:00:00 AM January 1, 1970 UTC.)
", "JournalKinesisStreamDescription$InclusiveStartTime": "The inclusive start date and time from which to start streaming journal data.
", - "JournalKinesisStreamDescription$ExclusiveEndTime": "The exclusive date and time that specifies when the stream ends. If this parameter is blank, the stream runs indefinitely until you cancel it.
", + "JournalKinesisStreamDescription$ExclusiveEndTime": "The exclusive date and time that specifies when the stream ends. If this parameter is undefined, the stream runs indefinitely until you cancel it.
", "JournalS3ExportDescription$ExportCreationTime": "The date and time, in epoch time format, when the export job was created. (Epoch time format is the number of seconds elapsed since 12:00:00 AM January 1, 1970 UTC.)
", "JournalS3ExportDescription$InclusiveStartTime": "The inclusive start date and time for the range of journal contents that are specified in the original export request.
", "JournalS3ExportDescription$ExclusiveEndTime": "The exclusive end date and time for the range of journal contents that are specified in the original export request.
", + "LedgerEncryptionDescription$InaccessibleKmsKeyDateTime": "The date and time, in epoch time format, when the KMS key first became inaccessible, in the case of an error. (Epoch time format is the number of seconds that have elapsed since 12:00:00 AM January 1, 1970 UTC.)
This parameter is undefined if the KMS key is accessible.
", "LedgerSummary$CreationDateTime": "The date and time, in epoch time format, when the ledger was created. (Epoch time format is the number of seconds elapsed since 12:00:00 AM January 1, 1970 UTC.)
", "StreamJournalToKinesisRequest$InclusiveStartTime": "The inclusive start date and time from which to start streaming journal data. This parameter must be in ISO 8601
date and time format and in Universal Coordinated Time (UTC). For example: 2019-06-13T21:36:34Z
.
The InclusiveStartTime
cannot be in the future and must be before ExclusiveEndTime
.
If you provide an InclusiveStartTime
that is before the ledger's CreationDateTime
, QLDB effectively defaults it to the ledger's CreationDateTime
.
The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.
The ExclusiveEndTime
must be in ISO 8601
date and time format and in Universal Coordinated Time (UTC). For example: 2019-06-13T21:36:34Z
.
AWS S3 Control provides access to Amazon S3 control plane actions.
", + "service": "Amazon Web Services S3 Control provides access to Amazon S3 control plane actions.
", "operations": { "CreateAccessPoint": "Creates an access point and associates it with the specified bucket. For more information, see Managing Data Access with Amazon S3 Access Points in the Amazon S3 User Guide.
S3 on Outposts only supports VPC-style access points.
For more information, see Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points in the Amazon S3 User Guide.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to CreateAccessPoint
:
Creates an Object Lambda Access Point. For more information, see Transforming objects with Object Lambda Access Points in the Amazon S3 User Guide.
The following actions are related to CreateAccessPointForObjectLambda
:
Removes the resource policy for an Object Lambda Access Point.
The following actions are related to DeleteAccessPointPolicyForObjectLambda
:
This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see DeleteBucket in the Amazon S3 API Reference.
Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
Related Resources
", "DeleteBucketLifecycleConfiguration": "This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see DeleteBucketLifecycle in the Amazon S3 API Reference.
Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide.
To use this action, you must have permission to perform the s3-outposts:DeleteLifecycleConfiguration
action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
For more information about object expiration, see Elements to Describe Lifecycle Actions.
Related actions include:
", - "DeleteBucketPolicy": "This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon S3 API Reference.
This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the s3-outposts:DeleteBucketPolicy
permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide.
If you don't have DeleteBucketPolicy
permissions, Amazon S3 returns a 403 Access Denied
error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed
error.
As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to DeleteBucketPolicy
:
This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon S3 API Reference.
This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the account that owns the bucket, the calling identity must have the s3-outposts:DeleteBucketPolicy
permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide.
If you don't have DeleteBucketPolicy
permissions, Amazon S3 returns a 403 Access Denied
error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed
error.
As a security precaution, the root user of the account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to DeleteBucketPolicy
:
This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see DeleteBucketTagging in the Amazon S3 API Reference.
Deletes the tags from the Outposts bucket. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide.
To use this action, you must have permission to perform the PutBucketTagging
action. By default, the bucket owner has this permission and can grant this permission to others.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to DeleteBucketTagging
:
Removes the entire tag set from the specified S3 Batch Operations job. To use this operation, you must have permission to perform the s3:DeleteJobTagging
action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.
Related actions include:
", - "DeletePublicAccessBlock": "Removes the PublicAccessBlock
configuration for an AWS account. For more information, see Using Amazon S3 block public access.
Related actions include:
", + "DeletePublicAccessBlock": "Removes the PublicAccessBlock
configuration for an account. For more information, see Using Amazon S3 block public access.
Related actions include:
", "DeleteStorageLensConfiguration": "Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:DeleteStorageLensConfiguration
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:DeleteStorageLensConfigurationTagging
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Retrieves the configuration parameters and status for a Batch Operations job. For more information, see S3 Batch Operations in the Amazon S3 User Guide.
Related actions include:
", @@ -26,27 +26,27 @@ "GetAccessPointPolicyForObjectLambda": "Returns the resource policy for an Object Lambda Access Point.
The following actions are related to GetAccessPointPolicyForObjectLambda
:
Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see Managing Data Access with Amazon S3 access points in the Amazon S3 User Guide.
", "GetAccessPointPolicyStatusForObjectLambda": "Returns the status of the resource policy associated with an Object Lambda Access Point.
", - "GetBucket": "Gets an Amazon S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the AWS account that owns the Outposts bucket, the calling identity must have the s3-outposts:GetBucket
permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket.
If you don't have s3-outposts:GetBucket
permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied
error.
The following actions are related to GetBucket
for Amazon S3 on Outposts:
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
Gets an Amazon S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the account that owns the Outposts bucket, the calling identity must have the s3-outposts:GetBucket
permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket.
If you don't have s3-outposts:GetBucket
permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied
error.
The following actions are related to GetBucket
for Amazon S3 on Outposts:
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see GetBucketLifecycleConfiguration in the Amazon S3 API Reference.
Returns the lifecycle configuration information set on the Outposts bucket. For more information, see Using Amazon S3 on Outposts and for information about lifecycle configuration, see Object Lifecycle Management in Amazon S3 User Guide.
To use this action, you must have permission to perform the s3-outposts:GetLifecycleConfiguration
action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
GetBucketLifecycleConfiguration
has the following special error:
Error code: NoSuchLifecycleConfiguration
Description: The lifecycle configuration does not exist.
HTTP Status Code: 404 Not Found
SOAP Fault Code Prefix: Client
The following actions are related to GetBucketLifecycleConfiguration
:
This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon S3 API Reference.
Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the GetBucketPolicy
permissions on the specified bucket and belong to the bucket owner's account in order to use this action.
Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have s3-outposts:GetBucketPolicy
permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied
error.
As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to GetBucketPolicy
:
This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon S3 API Reference.
Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the account that owns the bucket, the calling identity must have the GetBucketPolicy
permissions on the specified bucket and belong to the bucket owner's account in order to use this action.
Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have s3-outposts:GetBucketPolicy
permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied
error.
As a security precaution, the root user of the account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to GetBucketPolicy
:
This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see GetBucketTagging in the Amazon S3 API Reference.
Returns the tag set associated with the Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
To use this action, you must have permission to perform the GetBucketTagging
action. By default, the bucket owner has this permission and can grant this permission to others.
GetBucketTagging
has the following special error:
Error code: NoSuchTagSetError
Description: There is no tag set associated with the bucket.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to GetBucketTagging
:
Returns the tags on an S3 Batch Operations job. To use this operation, you must have permission to perform the s3:GetJobTagging
action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.
Related actions include:
", - "GetPublicAccessBlock": "Retrieves the PublicAccessBlock
configuration for an AWS account. For more information, see Using Amazon S3 block public access.
Related actions include:
", + "GetPublicAccessBlock": "Retrieves the PublicAccessBlock
configuration for an account. For more information, see Using Amazon S3 block public access.
Related actions include:
", "GetStorageLensConfiguration": "Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:GetStorageLensConfiguration
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:GetStorageLensConfigurationTagging
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Returns a list of the access points currently associated with the specified bucket. You can retrieve up to 1000 access points per call. If the specified bucket has more than 1,000 access points (or the number specified in maxResults
, whichever is less), the response will include a continuation token that you can use to list the additional access points.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to ListAccessPoints
:
Returns a list of the access points associated with the Object Lambda Access Point. You can retrieve up to 1000 access points per call. If there are more than 1,000 access points (or the number specified in maxResults
, whichever is less), the response will include a continuation token that you can use to list the additional access points.
The following actions are related to ListAccessPointsForObjectLambda
:
Lists current S3 Batch Operations jobs and jobs that have ended within the last 30 days for the AWS account making the request. For more information, see S3 Batch Operations in the Amazon S3 User Guide.
Related actions include:
", + "ListJobs": "Lists current S3 Batch Operations jobs and jobs that have ended within the last 30 days for the account making the request. For more information, see S3 Batch Operations in the Amazon S3 User Guide.
Related actions include:
", "ListRegionalBuckets": "Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id
in your request, see the Examples section.
Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:ListStorageLensConfigurations
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Replaces configuration for an Object Lambda Access Point.
The following actions are related to PutAccessPointConfigurationForObjectLambda
:
Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutAccessPointPolicy
:
Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon S3 User Guide.
The following actions are related to PutAccessPointPolicyForObjectLambda
:
This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see PutBucketLifecycleConfiguration in the Amazon S3 API Reference.
Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutBucketLifecycleConfiguration
:
This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon S3 API Reference.
Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the AWS account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy
permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action.
If you don't have PutBucketPolicy
permissions, Amazon S3 returns a 403 Access Denied
error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed
error.
As a security precaution, the root user of the AWS account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutBucketPolicy
:
This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon S3 API Reference.
Sets the tags for an S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
Use tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost allocation and tagging.
Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see Using cost allocation in Amazon S3 bucket tags.
To use this action, you must have permissions to perform the s3-outposts:PutBucketTagging
action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing access permissions to your Amazon S3 resources.
PutBucketTagging
has the following special errors:
Error code: InvalidTagError
Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see User-Defined Tag Restrictions and AWS-Generated Cost Allocation Tag Restrictions.
Error code: MalformedXMLError
Description: The XML provided does not match the schema.
Error code: OperationAbortedError
Description: A conflicting conditional action is currently in progress against this resource. Try again.
Error code: InternalError
Description: The service was unable to apply the provided tag to the bucket.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutBucketTagging
:
Sets the supplied tag-set on an S3 Batch Operations job.
A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this action to replace the tag set with the one you modified. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.
If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see Amazon S3 pricing.
For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same result without incurring charges.
A few things to consider about using tags:
Amazon S3 limits the maximum number of tags to 50 tags per job.
You can associate up to 50 tags with a job as long as they have unique tag keys.
A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.
The key and values are case sensitive.
For tagging-related restrictions related to characters and encodings, see User-Defined Tag Restrictions in the AWS Billing and Cost Management User Guide.
To use this action, you must have permission to perform the s3:PutJobTagging
action.
Related actions include:
", - "PutPublicAccessBlock": "Creates or modifies the PublicAccessBlock
configuration for an AWS account. For more information, see Using Amazon S3 block public access.
Related actions include:
", + "PutBucketPolicy": "This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon S3 API Reference.
Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
If you are using an identity other than the root user of the account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy
permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action.
If you don't have PutBucketPolicy
permissions, Amazon S3 returns a 403 Access Denied
error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed
error.
As a security precaution, the root user of the account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.
For more information about bucket policies, see Using Bucket Policies and User Policies.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutBucketPolicy
:
This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon S3 API Reference.
Sets the tags for an S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide.
Use tags to organize your Amazon Web Services bill to reflect your own cost structure. To do this, sign up to get your account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost allocation and tagging.
Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see Using cost allocation in Amazon S3 bucket tags.
To use this action, you must have permissions to perform the s3-outposts:PutBucketTagging
action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing access permissions to your Amazon S3 resources.
PutBucketTagging
has the following special errors:
Error code: InvalidTagError
Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see User-Defined Tag Restrictions and Amazon Web Services-Generated Cost Allocation Tag Restrictions.
Error code: MalformedXMLError
Description: The XML provided does not match the schema.
Error code: OperationAbortedError
Description: A conflicting conditional action is currently in progress against this resource. Try again.
Error code: InternalError
Description: The service was unable to apply the provided tag to the bucket.
All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id
to be passed with the request and an S3 on Outposts endpoint hostname prefix instead of s3-control
. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id
derived using the access point ARN, see the Examples section.
The following actions are related to PutBucketTagging
:
Sets the supplied tag-set on an S3 Batch Operations job.
A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this action to replace the tag set with the one you modified. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.
If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see Amazon S3 pricing.
For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same result without incurring charges.
A few things to consider about using tags:
Amazon S3 limits the maximum number of tags to 50 tags per job.
You can associate up to 50 tags with a job as long as they have unique tag keys.
A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.
The key and values are case sensitive.
For tagging-related restrictions related to characters and encodings, see User-Defined Tag Restrictions in the Billing and Cost Management User Guide.
To use this action, you must have permission to perform the s3:PutJobTagging
action.
Related actions include:
", + "PutPublicAccessBlock": "Creates or modifies the PublicAccessBlock
configuration for an account. For more information, see Using Amazon S3 block public access.
Related actions include:
", "PutStorageLensConfiguration": "Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:PutStorageLensConfiguration
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens in the Amazon S3 User Guide.
To use this action, you must have permission to perform the s3:PutStorageLensConfigurationTagging
action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
Updates an existing S3 Batch Operations job's priority. For more information, see S3 Batch Operations in the Amazon S3 User Guide.
Related actions include:
", @@ -76,21 +76,21 @@ "refs": { "AccessPoint$Name": "The name of this access point.
", "CreateAccessPointRequest$Name": "The name you want to assign to this access point.
", - "DeleteAccessPointPolicyRequest$Name": "The name of the access point whose policy you want to delete.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point you want to delete.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point whose policy you want to retrieve.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point whose policy you want to delete.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point you want to delete.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point whose policy you want to retrieve.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point whose policy status you want to retrieve.
", - "GetAccessPointRequest$Name": "The name of the access point whose configuration information you want to retrieve.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point whose configuration information you want to retrieve.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the specified access point.
", - "PutAccessPointPolicyRequest$Name": "The name of the access point that you want to associate with the specified policy.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The name of the access point that you want to associate with the specified policy.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the access point accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/accesspoint/<my-accesspoint-name>
. For example, to access the access point reports-ap
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap
. The value must be URL encoded.
The AWS account ID for owner of the specified Object Lambda Access Point.
", - "CreateAccessPointRequest$AccountId": "The AWS account ID for the owner of the bucket for which you want to create an access point.
", - "CreateJobRequest$AccountId": "The AWS account ID that creates the job.
", + "CreateAccessPointForObjectLambdaRequest$AccountId": "The account ID for owner of the specified Object Lambda Access Point.
", + "CreateAccessPointRequest$AccountId": "The account ID for the owner of the bucket for which you want to create an access point.
", + "CreateJobRequest$AccountId": "The account ID that creates the job.
", "DeleteAccessPointForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "DeleteAccessPointPolicyForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "DeleteAccessPointPolicyRequest$AccountId": "The account ID for the account that owns the specified access point.
", @@ -98,12 +98,12 @@ "DeleteBucketLifecycleConfigurationRequest$AccountId": "The account ID of the lifecycle configuration to delete.
", "DeleteBucketPolicyRequest$AccountId": "The account ID of the Outposts bucket.
", "DeleteBucketRequest$AccountId": "The account ID that owns the Outposts bucket.
", - "DeleteBucketTaggingRequest$AccountId": "The AWS account ID of the Outposts bucket tag set to be removed.
", - "DeleteJobTaggingRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", - "DeletePublicAccessBlockRequest$AccountId": "The account ID for the AWS account whose PublicAccessBlock
configuration you want to remove.
The account ID of the Outposts bucket tag set to be removed.
", + "DeleteJobTaggingRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", + "DeletePublicAccessBlockRequest$AccountId": "The account ID for the account whose PublicAccessBlock
configuration you want to remove.
The account ID of the requester.
", "DeleteStorageLensConfigurationTaggingRequest$AccountId": "The account ID of the requester.
", - "DescribeJobRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", + "DescribeJobRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", "GetAccessPointConfigurationForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "GetAccessPointForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "GetAccessPointPolicyForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", @@ -111,32 +111,32 @@ "GetAccessPointPolicyStatusForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "GetAccessPointPolicyStatusRequest$AccountId": "The account ID for the account that owns the specified access point.
", "GetAccessPointRequest$AccountId": "The account ID for the account that owns the specified access point.
", - "GetBucketLifecycleConfigurationRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "GetBucketPolicyRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "GetBucketRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "GetBucketTaggingRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "GetJobTaggingRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", - "GetPublicAccessBlockRequest$AccountId": "The account ID for the AWS account whose PublicAccessBlock
configuration you want to retrieve.
The account ID of the Outposts bucket.
", + "GetBucketPolicyRequest$AccountId": "The account ID of the Outposts bucket.
", + "GetBucketRequest$AccountId": "The account ID of the Outposts bucket.
", + "GetBucketTaggingRequest$AccountId": "The account ID of the Outposts bucket.
", + "GetJobTaggingRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", + "GetPublicAccessBlockRequest$AccountId": "The account ID for the account whose PublicAccessBlock
configuration you want to retrieve.
The account ID of the requester.
", "GetStorageLensConfigurationTaggingRequest$AccountId": "The account ID of the requester.
", "ListAccessPointsForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", - "ListAccessPointsRequest$AccountId": "The AWS account ID for owner of the bucket whose access points you want to list.
", - "ListJobsRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", - "ListRegionalBucketsRequest$AccountId": "The AWS account ID of the Outposts bucket.
", + "ListAccessPointsRequest$AccountId": "The account ID for owner of the bucket whose access points you want to list.
", + "ListJobsRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", + "ListRegionalBucketsRequest$AccountId": "The account ID of the Outposts bucket.
", "ListStorageLensConfigurationsRequest$AccountId": "The account ID of the requester.
", "PutAccessPointConfigurationForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", "PutAccessPointPolicyForObjectLambdaRequest$AccountId": "The account ID for the account that owns the specified Object Lambda Access Point.
", - "PutAccessPointPolicyRequest$AccountId": "The AWS account ID for owner of the bucket associated with the specified access point.
", - "PutBucketLifecycleConfigurationRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "PutBucketPolicyRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "PutBucketTaggingRequest$AccountId": "The AWS account ID of the Outposts bucket.
", - "PutJobTaggingRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", - "PutPublicAccessBlockRequest$AccountId": "The account ID for the AWS account whose PublicAccessBlock
configuration you want to set.
The account ID for owner of the bucket associated with the specified access point.
", + "PutBucketLifecycleConfigurationRequest$AccountId": "The account ID of the Outposts bucket.
", + "PutBucketPolicyRequest$AccountId": "The account ID of the Outposts bucket.
", + "PutBucketTaggingRequest$AccountId": "The account ID of the Outposts bucket.
", + "PutJobTaggingRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", + "PutPublicAccessBlockRequest$AccountId": "The account ID for the account whose PublicAccessBlock
configuration you want to set.
The account ID of the requester.
", "PutStorageLensConfigurationTaggingRequest$AccountId": "The account ID of the requester.
", "S3BucketDestination$AccountId": "The account ID of the owner of the S3 Storage Lens metrics export bucket.
", - "UpdateJobPriorityRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
", - "UpdateJobStatusRequest$AccountId": "The AWS account ID associated with the S3 Batch Operations job.
" + "UpdateJobPriorityRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
", + "UpdateJobStatusRequest$AccountId": "The account ID associated with the S3 Batch Operations job.
" } }, "AccountLevel": { @@ -153,9 +153,9 @@ } }, "AwsLambdaTransformation": { - "base": "AWS Lambda function used to transform objects through an Object Lambda Access Point.
", + "base": "Lambda function used to transform objects through an Object Lambda Access Point.
", "refs": { - "ObjectLambdaContentTransformation$AwsLambda": "A container for an AWS Lambda function.
" + "ObjectLambdaContentTransformation$AwsLambda": "A container for an Lambda function.
" } }, "AwsLambdaTransformationPayload": { @@ -167,7 +167,7 @@ "AwsOrgArn": { "base": null, "refs": { - "StorageLensAwsOrg$Arn": "A container for the Amazon Resource Name (ARN) of the AWS organization. This property is read-only and follows the following format: arn:aws:organizations:us-east-1:example-account-id:organization/o-ex2l495dck
A container for the Amazon Resource Name (ARN) of the Amazon Web Services organization. This property is read-only and follows the following format: arn:aws:organizations:us-east-1:example-account-id:organization/o-ex2l495dck
Indicates whether the specified job will generate a job-completion report.
", "ObjectLambdaConfiguration$CloudWatchMetricsEnabled": "A container for whether the CloudWatch metrics configuration is enabled.
", "S3CopyObjectOperation$RequesterPays": "", - "S3CopyObjectOperation$BucketKeyEnabled": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using AWS KMS (SSE-KMS). Setting this header to true
causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
Specifying this header with an object action doesn’t affect bucket-level settings for S3 Bucket Key.
", + "S3CopyObjectOperation$BucketKeyEnabled": "Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Amazon Web Services KMS (SSE-KMS). Setting this header to true
causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS.
Specifying this header with an object action doesn’t affect bucket-level settings for S3 Bucket Key.
", "S3ObjectMetadata$RequesterCharged": "", "S3SetObjectRetentionOperation$BypassGovernanceRetention": "Indicates if the action should be applied to objects in the Batch Operations job even if they have Object Lock GOVERNANCE
type in place.
The requested Outposts bucket name is not available. The bucket namespace is shared by all users of the AWS Outposts in this Region. Select a different name and try again.
", + "base": "The requested Outposts bucket name is not available. The bucket namespace is shared by all users of the Outposts in this Region. Select a different name and try again.
", "refs": { } }, @@ -218,22 +218,22 @@ "base": null, "refs": { "AccessPoint$Bucket": "The name of the bucket associated with this access point.
", - "CreateAccessPointRequest$Bucket": "The name of the bucket that you want to associate this access point with.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket that you want to associate this access point with.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket.
", - "DeleteBucketLifecycleConfigurationRequest$Bucket": "Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket being deleted.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The bucket ARN that has the tag set to be removed.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket being deleted.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The bucket ARN that has the tag set to be removed.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket associated with the specified access point.
", - "GetBucketLifecycleConfigurationRequest$Bucket": "The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Outposts bucket requested.
", - "GetBucketTaggingRequest$Bucket": "Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket whose associated access points you want to list.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket whose associated access points you want to list.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The name of the bucket for which to set the configuration.
", - "PutBucketPolicyRequest$Bucket": "Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
Specifies the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) of the AWS Lambda function.
", - "LambdaInvokeOperation$FunctionArn": "The Amazon Resource Name (ARN) for the AWS Lambda function that the specified job will invoke on every object in the manifest.
" + "AwsLambdaTransformation$FunctionArn": "The Amazon Resource Name (ARN) of the Lambda function.
", + "LambdaInvokeOperation$FunctionArn": "The Amazon Resource Name (ARN) for the Lambda function that the specified job will invoke on every object in the manifest.
" } }, "GetAccessPointConfigurationForObjectLambdaRequest": { @@ -662,8 +662,8 @@ "IAMRoleArn": { "base": null, "refs": { - "CreateJobRequest$RoleArn": "The Amazon Resource Name (ARN) for the AWS Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.
", - "JobDescriptor$RoleArn": "The Amazon Resource Name (ARN) for the AWS Identity and Access Management (IAM) role assigned to run the tasks for this job.
" + "CreateJobRequest$RoleArn": "The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.
", + "JobDescriptor$RoleArn": "The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role assigned to run the tasks for this job.
" } }, "ID": { @@ -926,7 +926,7 @@ "LambdaInvokeOperation": { "base": "Contains the configuration parameters for a Lambda Invoke
operation.
Directs the specified job to invoke an AWS Lambda function on every object in the manifest.
" + "JobOperation$LambdaInvoke": "Directs the specified job to invoke an Lambda function on every object in the manifest.
" } }, "LifecycleConfiguration": { @@ -1110,8 +1110,8 @@ "refs": { "CreateBucketRequest$OutpostId": "The ID of the Outposts where the bucket is being created.
This is required by Amazon S3 on Outposts buckets.
An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.
", - "ListRegionalBucketsRequest$OutpostId": "The ID of the AWS Outposts.
This is required by Amazon S3 on Outposts buckets.
The AWS Outposts ID of the regional bucket.
" + "ListRegionalBucketsRequest$OutpostId": "The ID of the Outposts.
This is required by Amazon S3 on Outposts buckets.
The Outposts ID of the regional bucket.
" } }, "NoncurrentVersionExpiration": { @@ -1138,7 +1138,7 @@ } }, "ObjectLambdaAccessPoint": { - "base": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.
", + "base": "An access point with an attached Lambda function used to access transformed data from an Amazon S3 bucket.
", "refs": { "ObjectLambdaAccessPointList$member": null } @@ -1295,8 +1295,8 @@ "CreateAccessPointRequest$PublicAccessBlockConfiguration": " The PublicAccessBlock
configuration that you want to apply to the access point.
Configuration to block all public access. This setting is turned on and can not be edited.
", "GetAccessPointResult$PublicAccessBlockConfiguration": null, - "GetPublicAccessBlockOutput$PublicAccessBlockConfiguration": "The PublicAccessBlock
configuration currently in effect for this AWS account.
The PublicAccessBlock
configuration that you want to apply to the specified AWS account.
The PublicAccessBlock
configuration currently in effect for this account.
The PublicAccessBlock
configuration that you want to apply to the specified account.
The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the AWS SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) of the bucket.
For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well.
For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:<Region>:<account-id>:outpost/<outpost-id>/bucket/<my-bucket-name>
. For example, to access the bucket reports
through outpost my-outpost
owned by account 123456789012
in Region us-west-2
, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports
. The value must be URL encoded.
The Amazon Resource Name (ARN) for the regional bucket.
" } }, @@ -1672,7 +1672,7 @@ "PublicAccessBlockConfiguration$BlockPublicAcls": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE
causes the following behavior:
PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
PUT Object calls fail if the request includes a public ACL.
PUT Bucket calls fail if the request includes a public ACL.
Enabling this setting doesn't affect existing policies or ACLs.
This is not supported for Amazon S3 on Outposts.
", "PublicAccessBlockConfiguration$IgnorePublicAcls": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE
causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.
Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
This is not supported for Amazon S3 on Outposts.
", "PublicAccessBlockConfiguration$BlockPublicPolicy": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE
causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
Enabling this setting doesn't affect existing bucket policies.
This is not supported for Amazon S3 on Outposts.
", - "PublicAccessBlockConfiguration$RestrictPublicBuckets": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE
restricts access to buckets with public policies to only AWS service principals and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
This is not supported for Amazon S3 on Outposts.
" + "PublicAccessBlockConfiguration$RestrictPublicBuckets": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE
restricts access to buckets with public policies to only Amazon Web Service principals and authorized users within this account.
Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
This is not supported for Amazon S3 on Outposts.
" } }, "StorageLensArn": { @@ -1683,9 +1683,9 @@ } }, "StorageLensAwsOrg": { - "base": "The AWS organization for your S3 Storage Lens.
", + "base": "The Amazon Web Services organization for your S3 Storage Lens.
", "refs": { - "StorageLensConfiguration$AwsOrg": "A container for the AWS organization for this S3 Storage Lens configuration.
" + "StorageLensConfiguration$AwsOrg": "A container for the Amazon Web Services organization for this S3 Storage Lens configuration.
" } }, "StorageLensConfiguration": { @@ -1840,9 +1840,9 @@ "VpcConfiguration": { "base": "The virtual private cloud (VPC) configuration for an access point.
", "refs": { - "AccessPoint$VpcConfiguration": "The virtual private cloud (VPC) configuration for this access point, if one exists.
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other AWS services.
The virtual private cloud (VPC) configuration for this access point, if one exists.
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services.
If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).
This is required for creating an access point for Amazon S3 on Outposts buckets.
Contains the virtual private cloud (VPC) configuration for the specified access point.
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other AWS services.
Contains the virtual private cloud (VPC) configuration for the specified access point.
This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services.