From 584aec207e76b9adec8d0341f200ad4095f4218b Mon Sep 17 00:00:00 2001 From: awssdkgo Date: Fri, 21 Oct 2022 20:25:49 +0000 Subject: [PATCH] Release v1.44.121 (2022-10-21) === ### Service Client Updates * `service/cognito-idp`: Updates service API and documentation * `service/s3`: Updates service examples * S3 on Outposts launches support for automatic bucket-style alias. You can use the automatic access point alias instead of an access point ARN for any object-level operation in an Outposts bucket. * `service/sagemaker`: Updates service API and documentation * CreateInferenceRecommenderjob API now supports passing endpoint details directly, that will help customers to identify the max invocation and max latency they can achieve for their model and the associated endpoint along with getting recommendations on other instances. --- CHANGELOG.md | 10 + aws/version.go | 2 +- models/apis/cognito-idp/2016-04-18/api-2.json | 13 + .../apis/cognito-idp/2016-04-18/docs-2.json | 52 +- .../2016-04-18/endpoint-rule-set-1.json | 315 +++++ .../2016-04-18/endpoint-tests-1.json | 1083 +++++++++++++++++ .../s3/2006-03-01/endpoint-rule-set-1.json | 777 ++++++++---- .../apis/s3/2006-03-01/endpoint-tests-1.json | 191 +++ models/apis/s3/2006-03-01/examples-1.json | 264 ++-- models/apis/sagemaker/2017-07-24/api-2.json | 45 +- models/apis/sagemaker/2017-07-24/docs-2.json | 36 +- .../2017-07-24/endpoint-rule-set-1.json | 2 +- service/cognitoidentityprovider/api.go | 246 +++- service/s3/examples_test.go | 202 +-- service/sagemaker/api.go | 175 ++- 15 files changed, 2862 insertions(+), 551 deletions(-) create mode 100644 models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json create mode 100644 models/apis/cognito-idp/2016-04-18/endpoint-tests-1.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 082b87b601..1b2ac69916 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,13 @@ +Release v1.44.121 (2022-10-21) +=== + +### Service Client Updates +* `service/cognito-idp`: Updates service API and documentation +* `service/s3`: Updates service examples + * S3 on Outposts launches support for automatic bucket-style alias. You can use the automatic access point alias instead of an access point ARN for any object-level operation in an Outposts bucket. +* `service/sagemaker`: Updates service API and documentation + * CreateInferenceRecommenderjob API now supports passing endpoint details directly, that will help customers to identify the max invocation and max latency they can achieve for their model and the associated endpoint along with getting recommendations on other instances. + Release v1.44.120 (2022-10-20) === diff --git a/aws/version.go b/aws/version.go index 8dbe5b2a39..a795ed615f 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.120" +const SDKVersion = "1.44.121" diff --git a/models/apis/cognito-idp/2016-04-18/api-2.json b/models/apis/cognito-idp/2016-04-18/api-2.json index 4ec8134f38..53cb75249a 100644 --- a/models/apis/cognito-idp/2016-04-18/api-2.json +++ b/models/apis/cognito-idp/2016-04-18/api-2.json @@ -798,6 +798,7 @@ "errors":[ {"shape":"InvalidParameterException"}, {"shape":"UnsupportedIdentityProviderException"}, + {"shape":"ConcurrentModificationException"}, {"shape":"ResourceNotFoundException"}, {"shape":"NotAuthorizedException"}, {"shape":"TooManyRequestsException"}, @@ -888,6 +889,7 @@ {"shape":"InvalidParameterException"}, {"shape":"TooManyRequestsException"}, {"shape":"NotAuthorizedException"}, + {"shape":"ConcurrentModificationException"}, {"shape":"InternalErrorException"} ] }, @@ -1771,6 +1773,7 @@ {"shape":"InvalidParameterException"}, {"shape":"UnsupportedIdentityProviderException"}, {"shape":"ResourceNotFoundException"}, + {"shape":"ConcurrentModificationException"}, {"shape":"NotAuthorizedException"}, {"shape":"TooManyRequestsException"}, {"shape":"InternalErrorException"} @@ -3064,6 +3067,7 @@ "members":{ "PoolName":{"shape":"UserPoolNameType"}, "Policies":{"shape":"UserPoolPolicyType"}, + "DeletionProtection":{"shape":"DeletionProtectionType"}, "LambdaConfig":{"shape":"LambdaConfigType"}, "AutoVerifiedAttributes":{"shape":"VerifiedAttributesListType"}, "AliasAttributes":{"shape":"AliasAttributesListType"}, @@ -3239,6 +3243,13 @@ "AccessToken":{"shape":"TokenModelType"} } }, + "DeletionProtectionType":{ + "type":"string", + "enum":[ + "ACTIVE", + "INACTIVE" + ] + }, "DeliveryMediumListType":{ "type":"list", "member":{"shape":"DeliveryMediumType"} @@ -5236,6 +5247,7 @@ "members":{ "UserPoolId":{"shape":"UserPoolIdType"}, "Policies":{"shape":"UserPoolPolicyType"}, + "DeletionProtection":{"shape":"DeletionProtectionType"}, "LambdaConfig":{"shape":"LambdaConfigType"}, "AutoVerifiedAttributes":{"shape":"VerifiedAttributesListType"}, "SmsVerificationMessage":{"shape":"SmsVerificationMessageType"}, @@ -5479,6 +5491,7 @@ "Id":{"shape":"UserPoolIdType"}, "Name":{"shape":"UserPoolNameType"}, "Policies":{"shape":"UserPoolPolicyType"}, + "DeletionProtection":{"shape":"DeletionProtectionType"}, "LambdaConfig":{"shape":"LambdaConfigType"}, "Status":{"shape":"StatusType"}, "LastModifiedDate":{"shape":"DateType"}, diff --git a/models/apis/cognito-idp/2016-04-18/docs-2.json b/models/apis/cognito-idp/2016-04-18/docs-2.json index eb7cd11fc0..a9191f9a2e 100644 --- a/models/apis/cognito-idp/2016-04-18/docs-2.json +++ b/models/apis/cognito-idp/2016-04-18/docs-2.json @@ -9,7 +9,7 @@ "AdminDeleteUser": "

Deletes a user as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminDeleteUserAttributes": "

Deletes the user attributes in a user pool as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminDisableProviderForUser": "

Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP). If the user that you want to deactivate is a Amazon Cognito user pools native username + password user, they can't use their password to sign in. If the user to deactivate is a linked external IdP user, any link between that user and an existing user is removed. When the external user signs in again, and the user is no longer attached to the previously linked DestinationUser, the user must create a new user account. See AdminLinkProviderForUser.

This action is enabled only for admin access and requires developer credentials.

The ProviderName must match the value specified when creating an IdP for the pool.

To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. The ProviderAttributeValue must be the name that is used in the user pool for the user.

The ProviderAttributeName must always be Cognito_Subject for social IdPs. The ProviderAttributeValue must always be the exact subject that was used when the user was originally linked as a source user.

For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.

", - "AdminDisableUser": "

Disables the specified user.

Calling this action requires developer credentials.

", + "AdminDisableUser": "

Deactivates a user and revokes all access tokens for the user. A deactivated user can't sign in, but still appears in the responses to GetUser and ListUsers API requests.

You must make this API request with Amazon Web Services credentials that have cognito-idp:AdminDisableUser permissions.

", "AdminEnableUser": "

Enables the specified user as an administrator. Works on any user.

Calling this action requires developer credentials.

", "AdminForgetDevice": "

Forgets the device, as an administrator.

Calling this action requires developer credentials.

", "AdminGetDevice": "

Gets the device, as an administrator.

Calling this action requires developer credentials.

", @@ -62,12 +62,12 @@ "GetDevice": "

Gets the device.

", "GetGroup": "

Gets a group.

Calling this action requires developer credentials.

", "GetIdentityProviderByIdentifier": "

Gets the specified IdP.

", - "GetSigningCertificate": "

This method takes a user pool ID, and returns the signing certificate.

", + "GetSigningCertificate": "

This method takes a user pool ID, and returns the signing certificate. The issued certificate is valid for 10 years from the date of issue.

Amazon Cognito issues and assigns a new signing certificate annually. This process returns a new value in the response to GetSigningCertificate, but doesn't invalidate the original certificate.

", "GetUICustomization": "

Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.

", "GetUser": "

Gets the user attributes and metadata for a user.

", "GetUserAttributeVerificationCode": "

Generates a user attribute verification code for the specified attribute name. Sends a message to a user with a code that they must return in a VerifyUserAttribute request.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

", "GetUserPoolMfaConfig": "

Gets the user pool multi-factor authentication (MFA) configuration.

", - "GlobalSignOut": "

Signs out users from all devices. It also invalidates all refresh tokens that Amazon Cognito has issued to a user. The user's current access and ID tokens remain valid until their expiry. By default, access and ID tokens expire one hour after Amazon Cognito issues them. A user can still use a hosted UI cookie to retrieve new tokens for the duration of the cookie validity period of 1 hour.

", + "GlobalSignOut": "

Signs out users from all devices. It also invalidates all refresh tokens that Amazon Cognito has issued to a user. A user can still use a hosted UI cookie to retrieve new tokens for the duration of the 1-hour cookie validity period.

", "InitiateAuth": "

Initiates sign-in for a user in the Amazon Cognito user directory. You can't sign in a user with a federated IdP with InitiateAuth. For more information, see Adding user pool sign-in through a third party.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

", "ListDevices": "

Lists the sign-in devices that Amazon Cognito has registered to the current user.

", "ListGroups": "

Lists the groups associated with a user pool.

Calling this action requires developer credentials.

", @@ -81,7 +81,7 @@ "ListUsersInGroup": "

Lists the users in the specified group.

Calling this action requires developer credentials.

", "ResendConfirmationCode": "

Resends the confirmation (for confirmation of registration) to a specific user in the user pool.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

", "RespondToAuthChallenge": "

Responds to the authentication challenge.

This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an origination phone number before you can send SMS messages to US phone numbers. If you use SMS text messages in Amazon Cognito, you must register a phone number with Amazon Pinpoint. Amazon Cognito uses the registered number automatically. Otherwise, Amazon Cognito users who must receive SMS messages might not be able to sign up, activate their accounts, or sign in.

If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service might place your account in the SMS sandbox. In sandbox mode , you can send messages only to verified phone numbers. After you test your app while in the sandbox environment, you can move out of the sandbox and into production. For more information, see SMS message settings for Amazon Cognito user pools in the Amazon Cognito Developer Guide.

", - "RevokeToken": "

Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can't use the revoked token to access Amazon Cognito authenticated APIs.

", + "RevokeToken": "

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token. After a token is revoked, you can't use the revoked token to access Amazon Cognito user APIs, or to authorize access to your resource server.

", "SetRiskConfiguration": "

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

", "SetUICustomization": "

Sets the user interface (UI) customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI customization settings for a particular client, it will no longer return to the ALL configuration.

To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.

", "SetUserMFAPreference": "

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.

", @@ -114,9 +114,9 @@ "AccessTokenValidityType": { "base": null, "refs": { - "CreateUserPoolClientRequest$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

", - "UpdateUserPoolClientRequest$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

", - "UserPoolClientType$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

" + "CreateUserPoolClientRequest$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one hour.

", + "UpdateUserPoolClientRequest$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one hour.

", + "UserPoolClientType$AccessTokenValidity": "

The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for AccessTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set AccessTokenValidity to 10 and TokenValidityUnits to hours, your user can authorize access with their access token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your access tokens are valid for one hour.

" } }, "AccountRecoverySettingType": { @@ -1127,6 +1127,14 @@ "refs": { } }, + "DeletionProtectionType": { + "base": null, + "refs": { + "CreateUserPoolRequest$DeletionProtection": "

When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

", + "UpdateUserPoolRequest$DeletionProtection": "

When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

", + "UserPoolType$DeletionProtection": "

When active, DeletionProtection prevents accidental deletion of your user pool. Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.

" + } + }, "DeliveryMediumListType": { "base": null, "refs": { @@ -1342,7 +1350,7 @@ "EmailSendingAccountType": { "base": null, "refs": { - "EmailConfigurationType$EmailSendingAccount": "

Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:

COGNITO_DEFAULT

When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.

To look up the email delivery limit for the default option, see Limits in in the Developer Guide.

The default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the SourceArn parameter.

DEVELOPER

When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your Amazon Web Services account.

If you use this option, provide the ARN of an Amazon SES verified email address for the SourceArn parameter.

Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of role, in your Amazon Web Services account. This role contains the permissions that allow to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.

" + "EmailConfigurationType$EmailSendingAccount": "

Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:

COGNITO_DEFAULT

When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.

To look up the email delivery limit for the default option, see Limits in the Amazon Cognito Developer Guide.

The default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the SourceArn parameter.

DEVELOPER

When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your Amazon Web Services account.

If you use this option, provide the ARN of an Amazon SES verified email address for the SourceArn parameter.

Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of role in your Amazon Web Services account. This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.

" } }, "EmailVerificationMessageByLinkType": { @@ -1439,9 +1447,9 @@ "ExplicitAuthFlowsListType": { "base": null, "refs": { - "CreateUserPoolClientRequest$ExplicitAuthFlows": "

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, in favor of new names with the ALLOW_ prefix.

Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.

Valid values include:

ALLOW_ADMIN_USER_PASSWORD_AUTH

Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.

ALLOW_CUSTOM_AUTH

Enable Lambda trigger based authentication.

ALLOW_USER_PASSWORD_AUTH

Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.

ALLOW_USER_SRP_AUTH

Enable SRP-based authentication.

ALLOW_REFRESH_TOKEN_AUTH

Enable the authflow that refreshes tokens.

If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_USER_SRP_AUTH and ALLOW_CUSTOM_AUTH.

", - "UpdateUserPoolClientRequest$ExplicitAuthFlows": "

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values with the ALLOW_ prefix.

Valid values include:

", - "UserPoolClientType$ExplicitAuthFlows": "

The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values including the ALLOW_ prefix.

Valid values include:

" + "CreateUserPoolClientRequest$ExplicitAuthFlows": "

The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.

If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.

Valid values include:

In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.

", + "UpdateUserPoolClientRequest$ExplicitAuthFlows": "

The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.

If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.

Valid values include:

In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.

", + "UserPoolClientType$ExplicitAuthFlows": "

The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.

If you don't specify a value for ExplicitAuthFlows, your user client supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH.

Valid values include:

In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values to user pool clients at the same time as values that begin with ALLOW_, like ALLOW_USER_SRP_AUTH.

" } }, "ExplicitAuthFlowsType": { @@ -1646,18 +1654,18 @@ "IdTokenValidityType": { "base": null, "refs": { - "CreateUserPoolClientRequest$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

", - "UpdateUserPoolClientRequest$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

", - "UserPoolClientType$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

" + "CreateUserPoolClientRequest$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour.

", + "UpdateUserPoolClientRequest$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour.

", + "UserPoolClientType$IdTokenValidity": "

The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for IdTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set IdTokenValidity as 10 and TokenValidityUnits as hours, your user can authenticate their session with their ID token for 10 hours.

The default time unit for AccessTokenValidity in an API request is hours. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your ID tokens are valid for one hour.

" } }, "IdentityProviderType": { "base": "

A container for information about an IdP.

", "refs": { "CreateIdentityProviderResponse$IdentityProvider": "

The newly created IdP object.

", - "DescribeIdentityProviderResponse$IdentityProvider": "

The IdP that was deleted.

", - "GetIdentityProviderByIdentifierResponse$IdentityProvider": "

The IdP object.

", - "UpdateIdentityProviderResponse$IdentityProvider": "

The IdP object.

" + "DescribeIdentityProviderResponse$IdentityProvider": "

The identity provider details.

", + "GetIdentityProviderByIdentifierResponse$IdentityProvider": "

The identity provider details.

", + "UpdateIdentityProviderResponse$IdentityProvider": "

The identity provider details.

" } }, "IdentityProviderTypeType": { @@ -2182,7 +2190,7 @@ "refs": { "AdminListDevicesRequest$Limit": "

The limit of the devices request.

", "AdminListGroupsForUserRequest$Limit": "

The limit of the request to list groups.

", - "AdminListUserAuthEventsRequest$MaxResults": "

The maximum number of authentication events to return.

", + "AdminListUserAuthEventsRequest$MaxResults": "

The maximum number of authentication events to return. Returns 60 events if you set MaxResults to 0, or if you don't include a MaxResults parameter.

", "ListDevicesRequest$Limit": "

The limit of the device request.

", "ListGroupsRequest$Limit": "

The limit of the request to list groups.

", "ListUsersInGroupRequest$Limit": "

The limit of the request to list users.

", @@ -2220,9 +2228,9 @@ "RefreshTokenValidityType": { "base": null, "refs": { - "CreateUserPoolClientRequest$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

", - "UpdateUserPoolClientRequest$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

", - "UserPoolClientType$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

" + "CreateUserPoolClientRequest$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 days.

", + "UpdateUserPoolClientRequest$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 days.

", + "UserPoolClientType$RefreshTokenValidity": "

The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for RefreshTokenValidity as seconds, minutes, hours, or days, set a TokenValidityUnits value in your API request.

For example, when you set RefreshTokenValidity as 10 and TokenValidityUnits as days, your user can refresh their session and retrieve new access and ID tokens for 10 days.

The default time unit for RefreshTokenValidity in an API request is days. You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days. Valid range is displayed below in seconds.

If you don't specify otherwise in the configuration of your app client, your refresh tokens are valid for 30 days.

" } }, "RegionCodeType": { @@ -3122,7 +3130,7 @@ "refs": { "CreateUserPoolRequest$MfaConfiguration": "

Specifies MFA configuration details.

", "GetUserPoolMfaConfigResponse$MfaConfiguration": "

The multi-factor authentication (MFA) configuration. Valid values include:

", - "SetUserPoolMfaConfigRequest$MfaConfiguration": "

The MFA configuration. If you set the MfaConfiguration value to ‘ON’, only users who have set up an MFA factor can sign in. To learn more, see Adding Multi-Factor Authentication (MFA) to a user pool. Valid values include:

", + "SetUserPoolMfaConfigRequest$MfaConfiguration": "

The MFA configuration. If you set the MfaConfiguration value to ‘ON’, only users who have set up an MFA factor can sign in. To learn more, see Adding Multi-Factor Authentication (MFA) to a user pool. Valid values include:

", "SetUserPoolMfaConfigResponse$MfaConfiguration": "

The MFA configuration. Valid values include:

", "UpdateUserPoolRequest$MfaConfiguration": "

Possible values include:

", "UserPoolType$MfaConfiguration": "

Can be one of the following values:

" diff --git a/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json b/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json new file mode 100644 index 0000000000..c4b4871e7e --- /dev/null +++ b/models/apis/cognito-idp/2016-04-18/endpoint-rule-set-1.json @@ -0,0 +1,315 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + }, + { + "fn": "parseURL", + "argv": [ + { + "ref": "Endpoint" + } + ], + "assign": "url" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-idp-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ] + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-idp.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://cognito-idp.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] +} \ No newline at end of file diff --git a/models/apis/cognito-idp/2016-04-18/endpoint-tests-1.json b/models/apis/cognito-idp/2016-04-18/endpoint-tests-1.json new file mode 100644 index 0000000000..2e9849ac5e --- /dev/null +++ b/models/apis/cognito-idp/2016-04-18/endpoint-tests-1.json @@ -0,0 +1,1083 @@ +{ + "testCases": [ + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ca-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ca-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ca-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-central-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-central-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-central-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-north-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-north-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-north-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-3.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-3.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-3", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-2", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.eu-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "eu-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-northeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-northeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-northeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.me-south-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": true + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.me-south-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "me-south-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.sa-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.sa-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "sa-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-gov-west-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-gov-west-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-southeast-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-1", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-southeast-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": true + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "ap-southeast-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-east-1.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-east-1.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp-fips.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": true, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-east-2.api.aws" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-idp.us-east-2.amazonaws.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-2", + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "UseFIPS": true, + "Region": "us-east-1", + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "UseFIPS": false, + "Region": "us-east-1", + "UseDualStack": true, + "Endpoint": "https://example.com" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/s3/2006-03-01/endpoint-rule-set-1.json b/models/apis/s3/2006-03-01/endpoint-rule-set-1.json index 394ecc1572..819bfe14b9 100644 --- a/models/apis/s3/2006-03-01/endpoint-rule-set-1.json +++ b/models/apis/s3/2006-03-01/endpoint-rule-set-1.json @@ -98,6 +98,329 @@ "conditions": [], "type": "tree", "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Bucket" + } + ] + }, + { + "fn": "substring", + "argv": [ + { + "ref": "Bucket" + }, + 49, + 50, + true + ], + "assign": "hardwareType" + }, + { + "fn": "substring", + "argv": [ + { + "ref": "Bucket" + }, + 8, + 12, + true + ], + "assign": "regionPrefix" + }, + { + "fn": "substring", + "argv": [ + { + "ref": "Bucket" + }, + 0, + 7, + true + ], + "assign": "abbaSuffix" + }, + { + "fn": "substring", + "argv": [ + { + "ref": "Bucket" + }, + 32, + 49, + true + ], + "assign": "outpostId" + }, + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "regionPartition" + }, + { + "fn": "stringEquals", + "argv": [ + { + "ref": "abbaSuffix" + }, + "--op-s3" + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "isValidHostLabel", + "argv": [ + { + "ref": "outpostId" + }, + false + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "ref": "hardwareType" + }, + "e" + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "ref": "regionPrefix" + }, + "beta" + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "not", + "argv": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ] + } + ], + "error": "Expected a endpoint to be specified but no endpoint was found", + "type": "error" + }, + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + }, + { + "fn": "parseURL", + "argv": [ + { + "ref": "Endpoint" + } + ], + "assign": "url" + } + ], + "endpoint": { + "url": "https://{Bucket}.ec2.{url#authority}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "disableDoubleEncoding": true, + "signingRegion": "{Region}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://{Bucket}.ec2.s3-outposts.{Region}.{regionPartition#dnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "disableDoubleEncoding": true, + "signingRegion": "{Region}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "ref": "hardwareType" + }, + "o" + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "stringEquals", + "argv": [ + { + "ref": "regionPrefix" + }, + "beta" + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "not", + "argv": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ] + } + ], + "error": "Expected a endpoint to be specified but no endpoint was found", + "type": "error" + }, + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + }, + { + "fn": "parseURL", + "argv": [ + { + "ref": "Endpoint" + } + ], + "assign": "url" + } + ], + "endpoint": { + "url": "https://{Bucket}.op-{outpostId}.{url#authority}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "disableDoubleEncoding": true, + "signingRegion": "{Region}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "endpoint": { + "url": "https://{Bucket}.op-{outpostId}.s3-outposts.{Region}.{regionPartition#dnsSuffix}", + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "disableDoubleEncoding": true, + "signingRegion": "{Region}" + } + ] + }, + "headers": {} + }, + "type": "endpoint" + } + ] + }, + { + "conditions": [], + "error": "Unrecognized hardware type: \"Expected hardware type o or e but got {hardwareType}\"", + "type": "error" + } + ] + } + ] + }, + { + "conditions": [], + "error": "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`.", + "type": "error" + } + ] + }, { "conditions": [ { @@ -322,9 +645,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -372,9 +695,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -440,9 +763,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -506,9 +829,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -560,9 +883,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -614,9 +937,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -696,9 +1019,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -714,9 +1037,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -784,9 +1107,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -834,9 +1157,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -884,9 +1207,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -962,9 +1285,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -980,9 +1303,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1046,9 +1369,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1376,9 +1699,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -1444,9 +1767,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -1530,9 +1853,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1614,9 +1937,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1682,9 +2005,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -1750,9 +2073,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -1836,9 +2159,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1920,9 +2243,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -1988,9 +2311,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2056,9 +2379,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2142,9 +2465,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -2226,9 +2549,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -2294,9 +2617,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2362,9 +2685,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2448,9 +2771,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -2532,9 +2855,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -2619,9 +2942,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2706,9 +3029,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2793,9 +3116,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2880,9 +3203,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -2995,9 +3318,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3013,9 +3336,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3130,9 +3453,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3148,9 +3471,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3251,9 +3574,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3352,9 +3675,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3420,9 +3743,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -3488,9 +3811,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -3584,9 +3907,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3602,9 +3925,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3686,9 +4009,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3754,9 +4077,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -3822,9 +4145,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -3918,9 +4241,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -3936,9 +4259,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -4020,9 +4343,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -4175,9 +4498,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -4715,9 +5038,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{bucketArn#region}" } ] }, @@ -4743,9 +5066,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{bucketArn#region}" } ] }, @@ -4761,9 +5084,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5355,9 +5678,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5392,9 +5715,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5429,9 +5752,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5483,9 +5806,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5520,9 +5843,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{bucketArn#region}" } ] }, @@ -5777,11 +6100,11 @@ "authSchemes": [ { "name": "sigv4a", + "signingName": "s3", + "disableDoubleEncoding": true, "signingRegionSet": [ "*" - ], - "disableDoubleEncoding": true, - "signingName": "s3" + ] } ] }, @@ -6224,9 +6547,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3-outposts", "disableDoubleEncoding": true, - "signingName": "s3-outposts" + "signingRegion": "{bucketArn#region}" } ] }, @@ -6242,9 +6565,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{bucketArn#region}", + "signingName": "s3-outposts", "disableDoubleEncoding": true, - "signingName": "s3-outposts" + "signingRegion": "{bucketArn#region}" } ] }, @@ -6550,9 +6873,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -6600,9 +6923,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -6668,9 +6991,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -6734,9 +7057,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -6788,9 +7111,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -6842,9 +7165,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -6924,9 +7247,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -6942,9 +7265,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7012,9 +7335,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7062,9 +7385,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -7112,9 +7435,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -7190,9 +7513,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7208,9 +7531,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7274,9 +7597,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7475,9 +7798,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{Region}" } ] }, @@ -7503,9 +7826,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{Region}" } ] }, @@ -7521,9 +7844,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3-object-lambda", "disableDoubleEncoding": true, - "signingName": "s3-object-lambda" + "signingRegion": "{Region}" } ] }, @@ -7698,9 +8021,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -7761,9 +8084,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -7842,9 +8165,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7921,9 +8244,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -7980,9 +8303,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8039,9 +8362,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8116,9 +8439,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8191,9 +8514,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8254,9 +8577,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8317,9 +8640,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8398,9 +8721,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8477,9 +8800,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8536,9 +8859,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8595,9 +8918,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8672,9 +8995,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8747,9 +9070,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -8810,9 +9133,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8873,9 +9196,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -8954,9 +9277,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9033,9 +9356,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9092,9 +9415,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9151,9 +9474,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9228,9 +9551,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9303,9 +9626,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9366,9 +9689,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9429,9 +9752,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9520,9 +9843,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9538,9 +9861,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9617,9 +9940,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9676,9 +9999,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9735,9 +10058,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "us-east-1", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "us-east-1" } ] }, @@ -9822,9 +10145,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9840,9 +10163,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, @@ -9915,9 +10238,9 @@ "authSchemes": [ { "name": "sigv4", - "signingRegion": "{Region}", + "signingName": "s3", "disableDoubleEncoding": true, - "signingName": "s3" + "signingRegion": "{Region}" } ] }, diff --git a/models/apis/s3/2006-03-01/endpoint-tests-1.json b/models/apis/s3/2006-03-01/endpoint-tests-1.json index dbd7b0b5e8..e0ce3c35fb 100644 --- a/models/apis/s3/2006-03-01/endpoint-tests-1.json +++ b/models/apis/s3/2006-03-01/endpoint-tests-1.json @@ -6260,6 +6260,197 @@ "UseDualStack": false, "UseFIPS": false } + }, + { + "documentation": "S3 Outposts Abba Real Outpost Prod us-west-1", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "us-west-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3.op-0b1d075431d83bebd.s3-outposts.us-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-west-1", + "Bucket": "test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Real Outpost Prod ap-east-1", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "ap-east-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3.op-0b1d075431d83bebd.s3-outposts.ap-east-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-east-1", + "Bucket": "test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Ec2 Outpost Prod us-east-1", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "us-east-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://test-accessp-e0000075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3.ec2.s3-outposts.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "Bucket": "test-accessp-e0000075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Ec2 Outpost Prod me-south-1", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "me-south-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://test-accessp-e0000075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3.ec2.s3-outposts.me-south-1.amazonaws.com" + } + }, + "params": { + "Region": "me-south-1", + "Bucket": "test-accessp-e0000075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Real Outpost Beta", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "us-east-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kbeta0--op-s3.op-0b1d075431d83bebd.example.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "Bucket": "test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kbeta0--op-s3", + "Endpoint": "https://example.amazonaws.com", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Ec2 Outpost Beta", + "expect": { + "endpoint": { + "properties": { + "authSchemes": [ + { + "name": "sigv4", + "signingName": "s3-outposts", + "signingRegion": "us-east-1", + "disableDoubleEncoding": true + } + ] + }, + "url": "https://161743052723-e00000136899934034jeahy1t8gpzpbwjj8kb7beta0--op-s3.ec2.example.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "Bucket": "161743052723-e00000136899934034jeahy1t8gpzpbwjj8kb7beta0--op-s3", + "Endpoint": "https://example.amazonaws.com", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba - No endpoint set for beta", + "expect": { + "error": "Expected a endpoint to be specified but no endpoint was found" + }, + "params": { + "Region": "us-east-1", + "Bucket": "test-accessp-o0b1d075431d83bebde8xz5w8ijx1qzlbp3i3kbeta0--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Invalid hardware type", + "expect": { + "error": "Unrecognized hardware type: \"Expected hardware type o or e but got h\"" + }, + "params": { + "Region": "us-east-1", + "Bucket": "test-accessp-h0000075431d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } + }, + { + "documentation": "S3 Outposts Abba Special character in Outpost Arn", + "expect": { + "error": "Invalid ARN: The outpost Id must only contain a-z, A-Z, 0-9 and `-`." + }, + "params": { + "Region": "us-east-1", + "Bucket": "test-accessp-o00000754%1d83bebde8xz5w8ijx1qzlbp3i3kuse10--op-s3", + "UseFIPS": false, + "UseDualStack": false, + "Accelerate": false + } } ], "version": "1.0" diff --git a/models/apis/s3/2006-03-01/examples-1.json b/models/apis/s3/2006-03-01/examples-1.json index f08ab58000..c516f8ca36 100644 --- a/models/apis/s3/2006-03-01/examples-1.json +++ b/models/apis/s3/2006-03-01/examples-1.json @@ -292,10 +292,11 @@ { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "HappyFace.jpg", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "output": { - "VersionId": "null" + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "comments": { "input": { @@ -303,18 +304,17 @@ "output": { } }, - "description": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", - "id": "to-remove-tag-set-from-an-object-1483145342862", - "title": "To remove tag set from an object" + "description": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", + "id": "to-remove-tag-set-from-an-object-version-1483145285913", + "title": "To remove tag set from an object version" }, { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "Key": "HappyFace.jpg" }, "output": { - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "VersionId": "null" }, "comments": { "input": { @@ -322,9 +322,9 @@ "output": { } }, - "description": "The following example removes tag set associated with the specified object version. The request specifies both the object key and object version.", - "id": "to-remove-tag-set-from-an-object-version-1483145285913", - "title": "To remove tag set from an object version" + "description": "The following example removes tag set associated with the specified object. If the bucket is versioning enabled, the operation removes tag set from the latest object version.", + "id": "to-remove-tag-set-from-an-object-1483145342862", + "title": "To remove tag set from an object" } ], "DeleteObjects": [ @@ -334,10 +334,12 @@ "Delete": { "Objects": [ { - "Key": "objectkey1" + "Key": "HappyFace.jpg", + "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" }, { - "Key": "objectkey2" + "Key": "HappyFace.jpg", + "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" } ], "Quiet": false @@ -346,14 +348,12 @@ "output": { "Deleted": [ { - "DeleteMarker": "true", - "DeleteMarkerVersionId": "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", - "Key": "objectkey1" + "Key": "HappyFace.jpg", + "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" }, { - "DeleteMarker": "true", - "DeleteMarkerVersionId": "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", - "Key": "objectkey2" + "Key": "HappyFace.jpg", + "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" } ] }, @@ -363,9 +363,9 @@ "output": { } }, - "description": "The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.", - "id": "to-delete-multiple-objects-from-a-versioned-bucket-1483146248805", - "title": "To delete multiple objects from a versioned bucket" + "description": "The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object versions and returns the key and versions of deleted objects in the response.", + "id": "to-delete-multiple-object-versions-from-a-versioned-bucket-1483147087737", + "title": "To delete multiple object versions from a versioned bucket" }, { "input": { @@ -373,12 +373,10 @@ "Delete": { "Objects": [ { - "Key": "HappyFace.jpg", - "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" + "Key": "objectkey1" }, { - "Key": "HappyFace.jpg", - "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" + "Key": "objectkey2" } ], "Quiet": false @@ -387,12 +385,14 @@ "output": { "Deleted": [ { - "Key": "HappyFace.jpg", - "VersionId": "yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd" + "DeleteMarker": "true", + "DeleteMarkerVersionId": "A._w1z6EFiCF5uhtQMDal9JDkID9tQ7F", + "Key": "objectkey1" }, { - "Key": "HappyFace.jpg", - "VersionId": "2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b" + "DeleteMarker": "true", + "DeleteMarkerVersionId": "iOd_ORxhkKe_e8G8_oSGxt2PjsCZKlkt", + "Key": "objectkey2" } ] }, @@ -402,9 +402,9 @@ "output": { } }, - "description": "The following example deletes objects from a bucket. The request specifies object versions. S3 deletes specific object versions and returns the key and versions of deleted objects in the response.", - "id": "to-delete-multiple-object-versions-from-a-versioned-bucket-1483147087737", - "title": "To delete multiple object versions from a versioned bucket" + "description": "The following example deletes objects from a bucket. The bucket is versioned, and the request does not specify the object version to delete. In this case, all versions remain in the bucket and S3 adds a delete marker.", + "id": "to-delete-multiple-objects-from-a-versioned-bucket-1483146248805", + "title": "To delete multiple objects from a versioned bucket" } ], "GetBucketCors": [ @@ -840,17 +840,20 @@ { "input": { "Bucket": "examplebucket", - "Key": "exampleobject", - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "Key": "HappyFace.jpg" }, "output": { "TagSet": [ { - "Key": "Key1", - "Value": "Value1" + "Key": "Key4", + "Value": "Value4" + }, + { + "Key": "Key3", + "Value": "Value3" } ], - "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" + "VersionId": "null" }, "comments": { "input": { @@ -858,27 +861,24 @@ "output": { } }, - "description": "The following example retrieves tag set of an object. The request specifies object version.", - "id": "to-retrieve-tag-set-of-a-specific-object-version-1483400283663", - "title": "To retrieve tag set of a specific object version" + "description": "The following example retrieves tag set of an object.", + "id": "to-retrieve-tag-set-of-an-object-1481833847896", + "title": "To retrieve tag set of an object" }, { "input": { "Bucket": "examplebucket", - "Key": "HappyFace.jpg" + "Key": "exampleobject", + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "output": { "TagSet": [ { - "Key": "Key4", - "Value": "Value4" - }, - { - "Key": "Key3", - "Value": "Value3" + "Key": "Key1", + "Value": "Value1" } ], - "VersionId": "null" + "VersionId": "ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI" }, "comments": { "input": { @@ -886,9 +886,9 @@ "output": { } }, - "description": "The following example retrieves tag set of an object.", - "id": "to-retrieve-tag-set-of-an-object-1481833847896", - "title": "To retrieve tag set of an object" + "description": "The following example retrieves tag set of an object. The request specifies object version.", + "id": "to-retrieve-tag-set-of-a-specific-object-version-1483400283663", + "title": "To retrieve tag set of a specific object version" } ], "GetObjectTorrent": [ @@ -989,37 +989,47 @@ "ListMultipartUploads": [ { "input": { - "Bucket": "examplebucket" + "Bucket": "examplebucket", + "KeyMarker": "nextkeyfrompreviousresponse", + "MaxUploads": "2", + "UploadIdMarker": "valuefrompreviousresponse" }, "output": { + "Bucket": "acl1", + "IsTruncated": true, + "KeyMarker": "", + "MaxUploads": "2", + "NextKeyMarker": "someobjectkey", + "NextUploadIdMarker": "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", + "UploadIdMarker": "", "Uploads": [ { "Initiated": "2014-05-01T05:40:58.000Z", "Initiator": { - "DisplayName": "display-name", + "DisplayName": "ownder-display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "Key": "JavaFile", "Owner": { - "DisplayName": "display-name", - "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" + "DisplayName": "mohanataws", + "ID": "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "StorageClass": "STANDARD", - "UploadId": "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--" + "UploadId": "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--" }, { "Initiated": "2014-05-01T05:41:27.000Z", "Initiator": { - "DisplayName": "display-name", + "DisplayName": "ownder-display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "Key": "JavaFile", "Owner": { - "DisplayName": "display-name", + "DisplayName": "ownder-display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "StorageClass": "STANDARD", - "UploadId": "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--" + "UploadId": "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--" } ] }, @@ -1029,53 +1039,43 @@ "output": { } }, - "description": "The following example lists in-progress multipart uploads on a specific bucket.", - "id": "to-list-in-progress-multipart-uploads-on-a-bucket-1481852775260", - "title": "To list in-progress multipart uploads on a bucket" + "description": "The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next setup of multipart uploads.", + "id": "list-next-set-of-multipart-uploads-when-previous-result-is-truncated-1482428106748", + "title": "List next set of multipart uploads when previous result is truncated" }, { "input": { - "Bucket": "examplebucket", - "KeyMarker": "nextkeyfrompreviousresponse", - "MaxUploads": "2", - "UploadIdMarker": "valuefrompreviousresponse" + "Bucket": "examplebucket" }, "output": { - "Bucket": "acl1", - "IsTruncated": true, - "KeyMarker": "", - "MaxUploads": "2", - "NextKeyMarker": "someobjectkey", - "NextUploadIdMarker": "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--", - "UploadIdMarker": "", "Uploads": [ { "Initiated": "2014-05-01T05:40:58.000Z", "Initiator": { - "DisplayName": "ownder-display-name", + "DisplayName": "display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "Key": "JavaFile", "Owner": { - "DisplayName": "mohanataws", - "ID": "852b113e7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" + "DisplayName": "display-name", + "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "StorageClass": "STANDARD", - "UploadId": "gZ30jIqlUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--" + "UploadId": "examplelUa.CInXklLQtSMJITdUnoZ1Y5GACB5UckOtspm5zbDMCkPF_qkfZzMiFZ6dksmcnqxJyIBvQMG9X9Q--" }, { "Initiated": "2014-05-01T05:41:27.000Z", "Initiator": { - "DisplayName": "ownder-display-name", + "DisplayName": "display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "Key": "JavaFile", "Owner": { - "DisplayName": "ownder-display-name", + "DisplayName": "display-name", "ID": "examplee7a2f25102679df27bb0ae12b3f85be6f290b936c4393484be31bebcc" }, "StorageClass": "STANDARD", - "UploadId": "b7tZSqIlo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--" + "UploadId": "examplelo91lv1iwvWpvCiJWugw2xXLPAD7Z8cJyX9.WiIRgNrdG6Ldsn.9FtS63TCl1Uf5faTB.1U5Ckcbmdw--" } ] }, @@ -1085,9 +1085,9 @@ "output": { } }, - "description": "The following example specifies the upload-id-marker and key-marker from previous truncated response to retrieve next setup of multipart uploads.", - "id": "list-next-set-of-multipart-uploads-when-previous-result-is-truncated-1482428106748", - "title": "List next set of multipart uploads when previous result is truncated" + "description": "The following example lists in-progress multipart uploads on a specific bucket.", + "id": "to-list-in-progress-multipart-uploads-on-a-bucket-1481852775260", + "title": "To list in-progress multipart uploads on a bucket" } ], "ListObjectVersions": [ @@ -1567,14 +1567,13 @@ "PutObject": [ { "input": { - "Body": "c:\\HappyFace.jpg", + "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "HappyFace.jpg", - "Tagging": "key1=value1&key2=value2" + "Key": "objectkey" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a" + "VersionId": "Bvq0EDKxOcXLJXNo_Lkz37eM3R4pfzyQ" }, "comments": { "input": { @@ -1582,9 +1581,9 @@ "output": { } }, - "description": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", - "id": "to-upload-an-object-and-specify-optional-tags-1481762310955", - "title": "To upload an object and specify optional tags" + "description": "The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-create-an-object-1483147613675", + "title": "To create an object." }, { "input": { @@ -1611,13 +1610,14 @@ "Body": "filetoupload", "Bucket": "examplebucket", "Key": "exampleobject", - "ServerSideEncryption": "AES256", - "Tagging": "key1=value1&key2=value2" + "Metadata": { + "metadata1": "value1", + "metadata2": "value2" + } }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "ServerSideEncryption": "AES256", - "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt" + "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0" }, "comments": { "input": { @@ -1625,23 +1625,20 @@ "output": { } }, - "description": "The following example uploads and object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-an-object-and-specify-server-side-encryption-and-object-tags-1483398331831", - "title": "To upload an object and specify server-side encryption and object tags" + "description": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-object-and-specify-user-defined-metadata-1483396974757", + "title": "To upload object and specify user-defined metadata" }, { "input": { - "Body": "filetoupload", + "Body": "c:\\HappyFace.jpg", "Bucket": "examplebucket", - "Key": "exampleobject", - "Metadata": { - "metadata1": "value1", - "metadata2": "value2" - } + "Key": "HappyFace.jpg", + "Tagging": "key1=value1&key2=value2" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "pSKidl4pHBiNwukdbcPXAIs.sshFFOc0" + "VersionId": "psM2sYY4.o1501dSx8wMvnkOzSBB.V4a" }, "comments": { "input": { @@ -1649,9 +1646,9 @@ "output": { } }, - "description": "The following example creates an object. The request also specifies optional metadata. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-object-and-specify-user-defined-metadata-1483396974757", - "title": "To upload object and specify user-defined metadata" + "description": "The following example uploads an object. The request specifies optional object tags. The bucket is versioned, therefore S3 returns version ID of the newly created object.", + "id": "to-upload-an-object-and-specify-optional-tags-1481762310955", + "title": "To upload an object and specify optional tags" }, { "input": { @@ -1678,14 +1675,16 @@ }, { "input": { - "ACL": "authenticated-read", "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "exampleobject" + "Key": "exampleobject", + "ServerSideEncryption": "AES256", + "Tagging": "key1=value1&key2=value2" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr" + "ServerSideEncryption": "AES256", + "VersionId": "Ri.vC6qVlA4dEnjgRV4ZHsHoFIjqEMNt" }, "comments": { "input": { @@ -1693,19 +1692,20 @@ "output": { } }, - "description": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-upload-an-object-and-specify-canned-acl-1483397779571", - "title": "To upload an object and specify canned ACL." + "description": "The following example uploads and object. The request specifies the optional server-side encryption option. The request also specifies optional object tags. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-an-object-and-specify-server-side-encryption-and-object-tags-1483398331831", + "title": "To upload an object and specify server-side encryption and object tags" }, { "input": { + "ACL": "authenticated-read", "Body": "filetoupload", "Bucket": "examplebucket", - "Key": "objectkey" + "Key": "exampleobject" }, "output": { "ETag": "\"6805f2cfc46c0f04559748bb039d69ae\"", - "VersionId": "Bvq0EDKxOcXLJXNo_Lkz37eM3R4pfzyQ" + "VersionId": "Kirh.unyZwjQ69YxcQLA8z4F5j3kJJKr" }, "comments": { "input": { @@ -1713,9 +1713,9 @@ "output": { } }, - "description": "The following example creates an object. If the bucket is versioning enabled, S3 returns version ID in response.", - "id": "to-create-an-object-1483147613675", - "title": "To create an object." + "description": "The following example uploads and object. The request specifies optional canned ACL (access control list) to all READ access to authenticated users. If the bucket is versioning enabled, S3 returns version ID in response.", + "id": "to-upload-an-object-and-specify-canned-acl-1483397779571", + "title": "To upload an object and specify canned ACL." } ], "PutObjectAcl": [ @@ -1826,15 +1826,14 @@ "input": { "Bucket": "examplebucket", "CopySource": "/bucketname/sourceobjectkey", - "CopySourceRange": "bytes=1-100000", "Key": "examplelargeobject", - "PartNumber": "2", + "PartNumber": "1", "UploadId": "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--" }, "output": { "CopyPartResult": { - "ETag": "\"65d16d19e65a7508a51f043180edcc36\"", - "LastModified": "2016-12-29T21:44:28.000Z" + "ETag": "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", + "LastModified": "2016-12-29T21:24:43.000Z" } }, "comments": { @@ -1843,22 +1842,23 @@ "output": { } }, - "description": "The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as data source.", - "id": "to-upload-a-part-by-copying-byte-range-from-an-existing-object-as-data-source-1483048068594", - "title": "To upload a part by copying byte range from an existing object as data source" + "description": "The following example uploads a part of a multipart upload by copying data from an existing object as data source.", + "id": "to-upload-a-part-by-copying-data-from-an-existing-object-as-data-source-1483046746348", + "title": "To upload a part by copying data from an existing object as data source" }, { "input": { "Bucket": "examplebucket", "CopySource": "/bucketname/sourceobjectkey", + "CopySourceRange": "bytes=1-100000", "Key": "examplelargeobject", - "PartNumber": "1", + "PartNumber": "2", "UploadId": "exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--" }, "output": { "CopyPartResult": { - "ETag": "\"b0c6f0e7e054ab8fa2536a2677f8734d\"", - "LastModified": "2016-12-29T21:24:43.000Z" + "ETag": "\"65d16d19e65a7508a51f043180edcc36\"", + "LastModified": "2016-12-29T21:44:28.000Z" } }, "comments": { @@ -1867,9 +1867,9 @@ "output": { } }, - "description": "The following example uploads a part of a multipart upload by copying data from an existing object as data source.", - "id": "to-upload-a-part-by-copying-data-from-an-existing-object-as-data-source-1483046746348", - "title": "To upload a part by copying data from an existing object as data source" + "description": "The following example uploads a part of a multipart upload by copying a specified byte range from an existing object as data source.", + "id": "to-upload-a-part-by-copying-byte-range-from-an-existing-object-as-data-source-1483048068594", + "title": "To upload a part by copying byte range from an existing object as data source" } ] } diff --git a/models/apis/sagemaker/2017-07-24/api-2.json b/models/apis/sagemaker/2017-07-24/api-2.json index 1b671ee54a..2125d9fccc 100644 --- a/models/apis/sagemaker/2017-07-24/api-2.json +++ b/models/apis/sagemaker/2017-07-24/api-2.json @@ -7521,7 +7521,8 @@ "FailureReason":{"shape":"FailureReason"}, "InputConfig":{"shape":"RecommendationJobInputConfig"}, "StoppingConditions":{"shape":"RecommendationJobStoppingConditions"}, - "InferenceRecommendations":{"shape":"InferenceRecommendations"} + "InferenceRecommendations":{"shape":"InferenceRecommendations"}, + "EndpointPerformances":{"shape":"EndpointPerformances"} } }, "DescribeLabelingJobRequest":{ @@ -8908,6 +8909,13 @@ "type":"list", "member":{"shape":"EndpointConfigSummary"} }, + "EndpointInfo":{ + "type":"structure", + "required":["EndpointName"], + "members":{ + "EndpointName":{"shape":"EndpointName"} + } + }, "EndpointInput":{ "type":"structure", "required":[ @@ -8967,6 +8975,22 @@ "InitialInstanceCount":{"shape":"Integer"} } }, + "EndpointPerformance":{ + "type":"structure", + "required":[ + "Metrics", + "EndpointInfo" + ], + "members":{ + "Metrics":{"shape":"InferenceMetrics"}, + "EndpointInfo":{"shape":"EndpointInfo"} + } + }, + "EndpointPerformances":{ + "type":"list", + "member":{"shape":"EndpointPerformance"}, + "max":1 + }, "EndpointSortKey":{ "type":"string", "enum":[ @@ -9009,6 +9033,11 @@ "type":"list", "member":{"shape":"EndpointSummary"} }, + "Endpoints":{ + "type":"list", + "member":{"shape":"EndpointInfo"}, + "max":1 + }, "EntityDescription":{ "type":"string", "max":1024, @@ -10343,6 +10372,17 @@ "type":"string", "max":256 }, + "InferenceMetrics":{ + "type":"structure", + "required":[ + "MaxInvocations", + "ModelLatency" + ], + "members":{ + "MaxInvocations":{"shape":"Integer"}, + "ModelLatency":{"shape":"Integer"} + } + }, "InferenceRecommendation":{ "type":"structure", "required":[ @@ -15107,7 +15147,8 @@ "ResourceLimit":{"shape":"RecommendationJobResourceLimit"}, "EndpointConfigurations":{"shape":"EndpointInputConfigurations"}, "VolumeKmsKeyId":{"shape":"KmsKeyId"}, - "ContainerConfig":{"shape":"RecommendationJobContainerConfig"} + "ContainerConfig":{"shape":"RecommendationJobContainerConfig"}, + "Endpoints":{"shape":"Endpoints"} } }, "RecommendationJobName":{ diff --git a/models/apis/sagemaker/2017-07-24/docs-2.json b/models/apis/sagemaker/2017-07-24/docs-2.json index a21e9abe02..a1c1736d28 100644 --- a/models/apis/sagemaker/2017-07-24/docs-2.json +++ b/models/apis/sagemaker/2017-07-24/docs-2.json @@ -4190,6 +4190,13 @@ "ListEndpointConfigsOutput$EndpointConfigs": "

An array of endpoint configurations.

" } }, + "EndpointInfo": { + "base": "

Details about a customer endpoint that was compared in an Inference Recommender job.

", + "refs": { + "EndpointPerformance$EndpointInfo": null, + "Endpoints$member": null + } + }, "EndpointInput": { "base": "

Input object for the endpoint

", "refs": { @@ -4221,6 +4228,7 @@ "DescribeEndpointOutput$EndpointName": "

Name of the endpoint.

", "DescribeMonitoringScheduleResponse$EndpointName": "

The name of the endpoint for the monitoring job.

", "Endpoint$EndpointName": "

The name of the endpoint.

", + "EndpointInfo$EndpointName": "

The name of a customer's endpoint.

", "EndpointInput$EndpointName": "

An endpoint in customer's account which has enabled DataCaptureConfig enabled.

", "EndpointSummary$EndpointName": "

The name of the endpoint.

", "ListDataQualityJobDefinitionsRequest$EndpointName": "

A filter that lists the data quality job definitions associated with the specified endpoint.

", @@ -4251,6 +4259,18 @@ "InferenceRecommendation$EndpointConfiguration": "

Defines the endpoint configuration parameters.

" } }, + "EndpointPerformance": { + "base": "

The performance results from running an Inference Recommender job on an existing endpoint.

", + "refs": { + "EndpointPerformances$member": null + } + }, + "EndpointPerformances": { + "base": null, + "refs": { + "DescribeInferenceRecommendationsJobResponse$EndpointPerformances": "

The performance results from running an Inference Recommender job on an existing endpoint.

" + } + }, "EndpointSortKey": { "base": null, "refs": { @@ -4278,6 +4298,12 @@ "ListEndpointsOutput$Endpoints": "

An array or endpoint objects.

" } }, + "Endpoints": { + "base": null, + "refs": { + "RecommendationJobInputConfig$Endpoints": "

Existing customer endpoints on which to run an Inference Recommender job.

" + } + }, "EntityDescription": { "base": null, "refs": { @@ -5704,6 +5730,12 @@ "DescribeCompilationJobResponse$InferenceImage": "

The inference image to use when compiling a model. Specify an image only if the target device is a cloud instance.

" } }, + "InferenceMetrics": { + "base": "

The metrics for an existing endpoint compared in an Inference Recommender job.

", + "refs": { + "EndpointPerformance$Metrics": "

The metrics for an existing endpoint.

" + } + }, "InferenceRecommendation": { "base": "

A list of recommendations made by Amazon SageMaker Inference Recommender.

", "refs": { @@ -5844,6 +5876,8 @@ "EdgeDeploymentStatus$EdgeDeploymentPendingInStage": "

The number of edge devices yet to pick up the deployment in current stage, or in progress.

", "EdgeDeploymentStatus$EdgeDeploymentFailedInStage": "

The number of edge devices that failed the deployment in current stage.

", "EndpointOutputConfiguration$InitialInstanceCount": "

The number of instances recommended to launch initially.

", + "InferenceMetrics$MaxInvocations": "

The expected maximum number of requests per minute for the instance.

", + "InferenceMetrics$ModelLatency": "

The expected model latency at maximum invocations per minute for the instance.

", "ModelLatencyThreshold$ValueInMilliseconds": "

The model latency percentile value in milliseconds.

", "RecommendationJobStoppingConditions$MaxInvocations": "

The maximum number of requests per minute expected for the endpoint.

", "RecommendationMetrics$MaxInvocations": "

The expected maximum number of requests per minute for the instance.

", @@ -11877,7 +11911,7 @@ "TransformInstanceCount": { "base": null, "refs": { - "TransformResources$InstanceCount": "

The number of ML compute instances to use in the transform job. For distributed transform jobs, specify a value greater than 1. The default value is 1.

" + "TransformResources$InstanceCount": "

The number of ML compute instances to use in the transform job. The default value is 1, and the maximum is 100. For distributed transform jobs, specify a value greater than 1.

" } }, "TransformInstanceType": { diff --git a/models/apis/sagemaker/2017-07-24/endpoint-rule-set-1.json b/models/apis/sagemaker/2017-07-24/endpoint-rule-set-1.json index 602de7bde1..fd9bb62165 100644 --- a/models/apis/sagemaker/2017-07-24/endpoint-rule-set-1.json +++ b/models/apis/sagemaker/2017-07-24/endpoint-rule-set-1.json @@ -3,7 +3,7 @@ "parameters": { "Region": { "builtIn": "AWS::Region", - "required": true, + "required": false, "documentation": "The AWS region used to dispatch the request.", "type": "String" }, diff --git a/service/cognitoidentityprovider/api.go b/service/cognitoidentityprovider/api.go index 8627fe649a..e17bf72147 100644 --- a/service/cognitoidentityprovider/api.go +++ b/service/cognitoidentityprovider/api.go @@ -881,9 +881,12 @@ func (c *CognitoIdentityProvider) AdminDisableUserRequest(input *AdminDisableUse // AdminDisableUser API operation for Amazon Cognito Identity Provider. // -// Disables the specified user. +// Deactivates a user and revokes all access tokens for the user. A deactivated +// user can't sign in, but still appears in the responses to GetUser and ListUsers +// API requests. // -// Calling this action requires developer credentials. +// You must make this API request with Amazon Web Services credentials that +// have cognito-idp:AdminDisableUser permissions. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4769,6 +4772,9 @@ func (c *CognitoIdentityProvider) DeleteIdentityProviderRequest(input *DeleteIde // - UnsupportedIdentityProviderException // This exception is thrown when the specified identifier isn't supported. // +// - ConcurrentModificationException +// This exception is thrown if two or more modifications are happening concurrently. +// // - ResourceNotFoundException // This exception is thrown when the Amazon Cognito service can't find the requested // resource. @@ -5287,6 +5293,9 @@ func (c *CognitoIdentityProvider) DeleteUserPoolClientRequest(input *DeleteUserP // - NotAuthorizedException // This exception is thrown when a user isn't authorized. // +// - ConcurrentModificationException +// This exception is thrown if two or more modifications are happening concurrently. +// // - InternalErrorException // This exception is thrown when Amazon Cognito encounters an internal error. // @@ -6775,7 +6784,12 @@ func (c *CognitoIdentityProvider) GetSigningCertificateRequest(input *GetSigning // GetSigningCertificate API operation for Amazon Cognito Identity Provider. // -// This method takes a user pool ID, and returns the signing certificate. +// This method takes a user pool ID, and returns the signing certificate. The +// issued certificate is valid for 10 years from the date of issue. +// +// Amazon Cognito issues and assigns a new signing certificate annually. This +// process returns a new value in the response to GetSigningCertificate, but +// doesn't invalidate the original certificate. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7325,11 +7339,9 @@ func (c *CognitoIdentityProvider) GlobalSignOutRequest(input *GlobalSignOutInput // GlobalSignOut API operation for Amazon Cognito Identity Provider. // // Signs out users from all devices. It also invalidates all refresh tokens -// that Amazon Cognito has issued to a user. The user's current access and ID -// tokens remain valid until their expiry. By default, access and ID tokens -// expire one hour after Amazon Cognito issues them. A user can still use a -// hosted UI cookie to retrieve new tokens for the duration of the cookie validity -// period of 1 hour. +// that Amazon Cognito has issued to a user. A user can still use a hosted UI +// cookie to retrieve new tokens for the duration of the 1-hour cookie validity +// period. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9279,9 +9291,10 @@ func (c *CognitoIdentityProvider) RevokeTokenRequest(input *RevokeTokenInput) (r // RevokeToken API operation for Amazon Cognito Identity Provider. // -// Revokes all of the access tokens generated by the specified refresh token. -// After the token is revoked, you can't use the revoked token to access Amazon -// Cognito authenticated APIs. +// Revokes all of the access tokens generated by, and at the same time as, the +// specified refresh token. After a token is revoked, you can't use the revoked +// token to access Amazon Cognito user APIs, or to authorize access to your +// resource server. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10827,6 +10840,9 @@ func (c *CognitoIdentityProvider) UpdateIdentityProviderRequest(input *UpdateIde // This exception is thrown when the Amazon Cognito service can't find the requested // resource. // +// - ConcurrentModificationException +// This exception is thrown if two or more modifications are happening concurrently. +// // - NotAuthorizedException // This exception is thrown when a user isn't authorized. // @@ -14404,7 +14420,8 @@ func (s *AdminListGroupsForUserOutput) SetNextToken(v string) *AdminListGroupsFo type AdminListUserAuthEventsInput struct { _ struct{} `type:"structure"` - // The maximum number of authentication events to return. + // The maximum number of authentication events to return. Returns 60 events + // if you set MaxResults to 0, or if you don't include a MaxResults parameter. MaxResults *int64 `type:"integer"` // A pagination token. @@ -18192,6 +18209,9 @@ type CreateUserPoolClientInput struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // access tokens are valid for one hour. AccessTokenValidity *int64 `min:"1" type:"integer"` // The allowed OAuth flows. @@ -18295,40 +18315,37 @@ type CreateUserPoolClientInput struct { // for the new user pool client. EnableTokenRevocation *bool `type:"boolean"` - // The authentication flows that are supported by the user pool clients. Flow - // names without the ALLOW_ prefix are no longer supported, in favor of new - // names with the ALLOW_ prefix. + // The authentication flows that you want your user pool client to support. + // For each app client in your user pool, you can sign in your users with any + // combination of one or more flows, including with a user name and Secure Remote + // Password (SRP), a user name and password, or a custom authentication process + // that you define with Lambda functions. // - // Values with ALLOW_ prefix must be used only along with the ALLOW_ prefix. + // If you don't specify a value for ExplicitAuthFlows, your user client supports + // ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH. // // Valid values include: // - // ALLOW_ADMIN_USER_PASSWORD_AUTH - // - // Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. - // This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication - // flow, Amazon Cognito receives the password in the request instead of using - // the Secure Remote Password (SRP) protocol to verify passwords. - // - // ALLOW_CUSTOM_AUTH - // - // Enable Lambda trigger based authentication. - // - // ALLOW_USER_PASSWORD_AUTH - // - // Enable user password-based authentication. In this flow, Amazon Cognito receives - // the password in the request instead of using the SRP protocol to verify passwords. + // * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication + // flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH + // setting. With this authentication flow, your app passes a user name and + // password to Amazon Cognito in the request, instead of using the Secure + // Remote Password (SRP) protocol to securely transmit the password. // - // ALLOW_USER_SRP_AUTH + // * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication. // - // Enable SRP-based authentication. + // * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. + // In this flow, Amazon Cognito receives the password in the request instead + // of using the SRP protocol to verify passwords. // - // ALLOW_REFRESH_TOKEN_AUTH + // * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication. // - // Enable the authflow that refreshes tokens. + // * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens. // - // If you don't specify a value for ExplicitAuthFlows, your user client supports - // ALLOW_USER_SRP_AUTH and ALLOW_CUSTOM_AUTH. + // In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, + // or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values + // to user pool clients at the same time as values that begin with ALLOW_, like + // ALLOW_USER_SRP_AUTH. ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"` // Boolean to specify whether you want to generate a secret for the user pool @@ -18345,6 +18362,9 @@ type CreateUserPoolClientInput struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // ID tokens are valid for one hour. IdTokenValidity *int64 `min:"1" type:"integer"` // A list of allowed logout URLs for the IdPs. @@ -18383,6 +18403,9 @@ type CreateUserPoolClientInput struct { // You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides // the value with the default value of 30 days. Valid range is displayed below // in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // refresh tokens are valid for 30 days. RefreshTokenValidity *int64 `type:"integer"` // A list of provider names for the identity providers (IdPs) that are supported @@ -18778,6 +18801,16 @@ type CreateUserPoolInput struct { // The attributes to be auto-verified. Possible values: email, phone_number. AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"` + // When active, DeletionProtection prevents accidental deletion of your user + // pool. Before you can delete a user pool that you have protected against deletion, + // you must deactivate this feature. + // + // When you try to delete a protected user pool in a DeleteUserPool API request, + // Amazon Cognito returns an InvalidParameterException error. To delete a protected + // user pool, send a new DeleteUserPool request after you deactivate deletion + // protection in an UpdateUserPool API request. + DeletionProtection *string `type:"string" enum:"DeletionProtectionType"` + // The device-remembering configuration for a user pool. A null value indicates // that you have deactivated device remembering in your user pool. // @@ -18996,6 +19029,12 @@ func (s *CreateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *CreateUser return s } +// SetDeletionProtection sets the DeletionProtection field's value. +func (s *CreateUserPoolInput) SetDeletionProtection(v string) *CreateUserPoolInput { + s.DeletionProtection = &v + return s +} + // SetDeviceConfiguration sets the DeviceConfiguration field's value. func (s *CreateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *CreateUserPoolInput { s.DeviceConfiguration = v @@ -20077,7 +20116,7 @@ func (s *DescribeIdentityProviderInput) SetUserPoolId(v string) *DescribeIdentit type DescribeIdentityProviderOutput struct { _ struct{} `type:"structure"` - // The IdP that was deleted. + // The identity provider details. // // IdentityProvider is a required field IdentityProvider *IdentityProviderType `type:"structure" required:"true"` @@ -21061,9 +21100,8 @@ type EmailConfigurationType struct { // a higher delivery volume, specify DEVELOPER to use your Amazon SES email // configuration. // - // To look up the email delivery limit for the default option, see Limits in - // (https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in - // the Developer Guide. + // To look up the email delivery limit for the default option, see Limits (https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) + // in the Amazon Cognito Developer Guide. // // The default FROM address is no-reply@verificationemail.com. To customize // the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES @@ -21083,10 +21121,10 @@ type EmailConfigurationType struct { // Before Amazon Cognito can email your users, it requires additional permissions // to call Amazon SES on your behalf. When you update your user pool with this // option, Amazon Cognito creates a service-linked role, which is a type of - // role, in your Amazon Web Services account. This role contains the permissions - // that allow to access Amazon SES and send email messages with your address. - // For more information about the service-linked role that Amazon Cognito creates, - // see Using Service-Linked Roles for Amazon Cognito (https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) + // role in your Amazon Web Services account. This role contains the permissions + // that allow you to access Amazon SES and send email messages from your email + // address. For more information about the service-linked role that Amazon Cognito + // creates, see Using Service-Linked Roles for Amazon Cognito (https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) // in the Amazon Cognito Developer Guide. EmailSendingAccount *string `type:"string" enum:"EmailSendingAccountType"` @@ -22179,7 +22217,7 @@ func (s *GetIdentityProviderByIdentifierInput) SetUserPoolId(v string) *GetIdent type GetIdentityProviderByIdentifierOutput struct { _ struct{} `type:"structure"` - // The IdP object. + // The identity provider details. // // IdentityProvider is a required field IdentityProvider *IdentityProviderType `type:"structure" required:"true"` @@ -27935,7 +27973,7 @@ type SetUserPoolMfaConfigInput struct { // The MFA configuration. If you set the MfaConfiguration value to ‘ON’, // only users who have set up an MFA factor can sign in. To learn more, see - // Adding Multi-Factor Authentication (MFA) to a user pool (cognito/latest/developerguide/user-pool-settings-mfa.html). + // Adding Multi-Factor Authentication (MFA) to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html). // Valid values include: // // * OFF MFA won't be used for any users. @@ -30301,7 +30339,7 @@ func (s *UpdateIdentityProviderInput) SetUserPoolId(v string) *UpdateIdentityPro type UpdateIdentityProviderOutput struct { _ struct{} `type:"structure"` - // The IdP object. + // The identity provider details. // // IdentityProvider is a required field IdentityProvider *IdentityProviderType `type:"structure" required:"true"` @@ -30634,6 +30672,9 @@ type UpdateUserPoolClientInput struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // access tokens are valid for one hour. AccessTokenValidity *int64 `min:"1" type:"integer"` // The allowed OAuth flows. @@ -30740,18 +30781,22 @@ type UpdateUserPoolClientInput struct { // tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html). EnableTokenRevocation *bool `type:"boolean"` - // The authentication flows that are supported by the user pool clients. Flow - // names without the ALLOW_ prefix are no longer supported in favor of new names - // with the ALLOW_ prefix. Note that values with ALLOW_ prefix must be used - // only along with values with the ALLOW_ prefix. + // The authentication flows that you want your user pool client to support. + // For each app client in your user pool, you can sign in your users with any + // combination of one or more flows, including with a user name and Secure Remote + // Password (SRP), a user name and password, or a custom authentication process + // that you define with Lambda functions. + // + // If you don't specify a value for ExplicitAuthFlows, your user client supports + // ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH. // // Valid values include: // // * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication // flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH - // setting. With this authentication flow, Amazon Cognito receives the password - // in the request instead of using the Secure Remote Password (SRP) protocol - // to verify passwords. + // setting. With this authentication flow, your app passes a user name and + // password to Amazon Cognito in the request, instead of using the Secure + // Remote Password (SRP) protocol to securely transmit the password. // // * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication. // @@ -30762,6 +30807,11 @@ type UpdateUserPoolClientInput struct { // * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication. // // * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens. + // + // In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, + // or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values + // to user pool clients at the same time as values that begin with ALLOW_, like + // ALLOW_USER_SRP_AUTH. ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"` // The ID token time limit. After this limit expires, your user can't use their @@ -30774,6 +30824,9 @@ type UpdateUserPoolClientInput struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // ID tokens are valid for one hour. IdTokenValidity *int64 `min:"1" type:"integer"` // A list of allowed logout URLs for the IdPs. @@ -30812,6 +30865,9 @@ type UpdateUserPoolClientInput struct { // You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides // the value with the default value of 30 days. Valid range is displayed below // in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // refresh tokens are valid for 30 days. RefreshTokenValidity *int64 `type:"integer"` // A list of provider names for the IdPs that this client supports. The following @@ -31206,6 +31262,16 @@ type UpdateUserPoolInput struct { // to update user pools. AutoVerifiedAttributes []*string `type:"list" enum:"VerifiedAttributeType"` + // When active, DeletionProtection prevents accidental deletion of your user + // pool. Before you can delete a user pool that you have protected against deletion, + // you must deactivate this feature. + // + // When you try to delete a protected user pool in a DeleteUserPool API request, + // Amazon Cognito returns an InvalidParameterException error. To delete a protected + // user pool, send a new DeleteUserPool request after you deactivate deletion + // protection in an UpdateUserPool API request. + DeletionProtection *string `type:"string" enum:"DeletionProtectionType"` + // The device-remembering configuration for a user pool. A null value indicates // that you have deactivated device remembering in your user pool. // @@ -31387,6 +31453,12 @@ func (s *UpdateUserPoolInput) SetAutoVerifiedAttributes(v []*string) *UpdateUser return s } +// SetDeletionProtection sets the DeletionProtection field's value. +func (s *UpdateUserPoolInput) SetDeletionProtection(v string) *UpdateUserPoolInput { + s.DeletionProtection = &v + return s +} + // SetDeviceConfiguration sets the DeviceConfiguration field's value. func (s *UpdateUserPoolInput) SetDeviceConfiguration(v *DeviceConfigurationType) *UpdateUserPoolInput { s.DeviceConfiguration = v @@ -32204,6 +32276,9 @@ type UserPoolClientType struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // access tokens are valid for one hour. AccessTokenValidity *int64 `min:"1" type:"integer"` // The allowed OAuth flows. @@ -32326,18 +32401,22 @@ type UserPoolClientType struct { // default. For more information about revoking tokens, see RevokeToken (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html). EnableTokenRevocation *bool `type:"boolean"` - // The authentication flows that are supported by the user pool clients. Flow - // names without the ALLOW_ prefix are no longer supported in favor of new names - // with the ALLOW_ prefix. Note that values with ALLOW_ prefix must be used - // only along with values including the ALLOW_ prefix. + // The authentication flows that you want your user pool client to support. + // For each app client in your user pool, you can sign in your users with any + // combination of one or more flows, including with a user name and Secure Remote + // Password (SRP), a user name and password, or a custom authentication process + // that you define with Lambda functions. + // + // If you don't specify a value for ExplicitAuthFlows, your user client supports + // ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_CUSTOM_AUTH. // // Valid values include: // // * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication // flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH - // setting. With this authentication flow, Amazon Cognito receives the password - // in the request instead of using the Secure Remote Password (SRP) protocol - // to verify passwords. + // setting. With this authentication flow, your app passes a user name and + // password to Amazon Cognito in the request, instead of using the Secure + // Remote Password (SRP) protocol to securely transmit the password. // // * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication. // @@ -32348,6 +32427,11 @@ type UserPoolClientType struct { // * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication. // // * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens. + // + // In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, + // or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows values + // to user pool clients at the same time as values that begin with ALLOW_, like + // ALLOW_USER_SRP_AUTH. ExplicitAuthFlows []*string `type:"list" enum:"ExplicitAuthFlowsType"` // The ID token time limit. After this limit expires, your user can't use their @@ -32360,6 +32444,9 @@ type UserPoolClientType struct { // // The default time unit for AccessTokenValidity in an API request is hours. // Valid range is displayed below in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // ID tokens are valid for one hour. IdTokenValidity *int64 `min:"1" type:"integer"` // The date the user pool client was last modified. @@ -32401,6 +32488,9 @@ type UserPoolClientType struct { // You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides // the value with the default value of 30 days. Valid range is displayed below // in seconds. + // + // If you don't specify otherwise in the configuration of your app client, your + // refresh tokens are valid for 30 days. RefreshTokenValidity *int64 `type:"integer"` // A list of provider names for the IdPs that this client supports. The following @@ -32811,6 +32901,16 @@ type UserPoolType struct { // Using Your Own Domain for the Hosted UI (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html). CustomDomain *string `min:"1" type:"string"` + // When active, DeletionProtection prevents accidental deletion of your user + // pool. Before you can delete a user pool that you have protected against deletion, + // you must deactivate this feature. + // + // When you try to delete a protected user pool in a DeleteUserPool API request, + // Amazon Cognito returns an InvalidParameterException error. To delete a protected + // user pool, send a new DeleteUserPool request after you deactivate deletion + // protection in an UpdateUserPool API request. + DeletionProtection *string `type:"string" enum:"DeletionProtectionType"` + // The device-remembering configuration for a user pool. A null value indicates // that you have deactivated device remembering in your user pool. // @@ -32994,6 +33094,12 @@ func (s *UserPoolType) SetCustomDomain(v string) *UserPoolType { return s } +// SetDeletionProtection sets the DeletionProtection field's value. +func (s *UserPoolType) SetDeletionProtection(v string) *UserPoolType { + s.DeletionProtection = &v + return s +} + // SetDeviceConfiguration sets the DeviceConfiguration field's value. func (s *UserPoolType) SetDeviceConfiguration(v *DeviceConfigurationType) *UserPoolType { s.DeviceConfiguration = v @@ -33998,6 +34104,22 @@ func DefaultEmailOptionType_Values() []string { } } +const ( + // DeletionProtectionTypeActive is a DeletionProtectionType enum value + DeletionProtectionTypeActive = "ACTIVE" + + // DeletionProtectionTypeInactive is a DeletionProtectionType enum value + DeletionProtectionTypeInactive = "INACTIVE" +) + +// DeletionProtectionType_Values returns all elements of the DeletionProtectionType enum +func DeletionProtectionType_Values() []string { + return []string{ + DeletionProtectionTypeActive, + DeletionProtectionTypeInactive, + } +} + const ( // DeliveryMediumTypeSms is a DeliveryMediumType enum value DeliveryMediumTypeSms = "SMS" diff --git a/service/s3/examples_test.go b/service/s3/examples_test.go index 7a7177f921..1e1aefa9fa 100644 --- a/service/s3/examples_test.go +++ b/service/s3/examples_test.go @@ -452,15 +452,15 @@ func ExampleS3_DeleteObject_shared01() { fmt.Println(result) } -// To remove tag set from an object -// The following example removes tag set associated with the specified object. If the -// bucket is versioning enabled, the operation removes tag set from the latest object -// version. +// To remove tag set from an object version +// The following example removes tag set associated with the specified object version. +// The request specifies both the object key and object version. func ExampleS3_DeleteObjectTagging_shared00() { svc := s3.New(session.New()) input := &s3.DeleteObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), } result, err := svc.DeleteObjectTagging(input) @@ -481,15 +481,15 @@ func ExampleS3_DeleteObjectTagging_shared00() { fmt.Println(result) } -// To remove tag set from an object version -// The following example removes tag set associated with the specified object version. -// The request specifies both the object key and object version. +// To remove tag set from an object +// The following example removes tag set associated with the specified object. If the +// bucket is versioning enabled, the operation removes tag set from the latest object +// version. func ExampleS3_DeleteObjectTagging_shared01() { svc := s3.New(session.New()) input := &s3.DeleteObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), } result, err := svc.DeleteObjectTagging(input) @@ -510,10 +510,10 @@ func ExampleS3_DeleteObjectTagging_shared01() { fmt.Println(result) } -// To delete multiple objects from a versioned bucket -// The following example deletes objects from a bucket. The bucket is versioned, and -// the request does not specify the object version to delete. In this case, all versions -// remain in the bucket and S3 adds a delete marker. +// To delete multiple object versions from a versioned bucket +// The following example deletes objects from a bucket. The request specifies object +// versions. S3 deletes specific object versions and returns the key and versions of +// deleted objects in the response. func ExampleS3_DeleteObjects_shared00() { svc := s3.New(session.New()) input := &s3.DeleteObjectsInput{ @@ -521,10 +521,12 @@ func ExampleS3_DeleteObjects_shared00() { Delete: &s3.Delete{ Objects: []*s3.ObjectIdentifier{ { - Key: aws.String("objectkey1"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"), }, { - Key: aws.String("objectkey2"), + Key: aws.String("HappyFace.jpg"), + VersionId: aws.String("yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"), }, }, Quiet: aws.Bool(false), @@ -549,10 +551,10 @@ func ExampleS3_DeleteObjects_shared00() { fmt.Println(result) } -// To delete multiple object versions from a versioned bucket -// The following example deletes objects from a bucket. The request specifies object -// versions. S3 deletes specific object versions and returns the key and versions of -// deleted objects in the response. +// To delete multiple objects from a versioned bucket +// The following example deletes objects from a bucket. The bucket is versioned, and +// the request does not specify the object version to delete. In this case, all versions +// remain in the bucket and S3 adds a delete marker. func ExampleS3_DeleteObjects_shared01() { svc := s3.New(session.New()) input := &s3.DeleteObjectsInput{ @@ -560,12 +562,10 @@ func ExampleS3_DeleteObjects_shared01() { Delete: &s3.Delete{ Objects: []*s3.ObjectIdentifier{ { - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("2LWg7lQLnY41.maGB5Z6SWW.dcq0vx7b"), + Key: aws.String("objectkey1"), }, { - Key: aws.String("HappyFace.jpg"), - VersionId: aws.String("yoz3HB.ZhCS_tKVEmIOr7qYyyAaZSKVd"), + Key: aws.String("objectkey2"), }, }, Quiet: aws.Bool(false), @@ -996,15 +996,13 @@ func ExampleS3_GetObjectAcl_shared00() { fmt.Println(result) } -// To retrieve tag set of a specific object version -// The following example retrieves tag set of an object. The request specifies object -// version. +// To retrieve tag set of an object +// The following example retrieves tag set of an object. func ExampleS3_GetObjectTagging_shared00() { svc := s3.New(session.New()) input := &s3.GetObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("exampleobject"), - VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), } result, err := svc.GetObjectTagging(input) @@ -1025,13 +1023,15 @@ func ExampleS3_GetObjectTagging_shared00() { fmt.Println(result) } -// To retrieve tag set of an object -// The following example retrieves tag set of an object. +// To retrieve tag set of a specific object version +// The following example retrieves tag set of an object. The request specifies object +// version. func ExampleS3_GetObjectTagging_shared01() { svc := s3.New(session.New()) input := &s3.GetObjectTaggingInput{ - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), + Bucket: aws.String("examplebucket"), + Key: aws.String("exampleobject"), + VersionId: aws.String("ydlaNkwWm0SfKJR.T1b1fIdPRbldTYRI"), } result, err := svc.GetObjectTagging(input) @@ -1161,12 +1161,16 @@ func ExampleS3_ListBuckets_shared00() { fmt.Println(result) } -// To list in-progress multipart uploads on a bucket -// The following example lists in-progress multipart uploads on a specific bucket. +// List next set of multipart uploads when previous result is truncated +// The following example specifies the upload-id-marker and key-marker from previous +// truncated response to retrieve next setup of multipart uploads. func ExampleS3_ListMultipartUploads_shared00() { svc := s3.New(session.New()) input := &s3.ListMultipartUploadsInput{ - Bucket: aws.String("examplebucket"), + Bucket: aws.String("examplebucket"), + KeyMarker: aws.String("nextkeyfrompreviousresponse"), + MaxUploads: aws.Int64(2), + UploadIdMarker: aws.String("valuefrompreviousresponse"), } result, err := svc.ListMultipartUploads(input) @@ -1187,16 +1191,12 @@ func ExampleS3_ListMultipartUploads_shared00() { fmt.Println(result) } -// List next set of multipart uploads when previous result is truncated -// The following example specifies the upload-id-marker and key-marker from previous -// truncated response to retrieve next setup of multipart uploads. +// To list in-progress multipart uploads on a bucket +// The following example lists in-progress multipart uploads on a specific bucket. func ExampleS3_ListMultipartUploads_shared01() { svc := s3.New(session.New()) input := &s3.ListMultipartUploadsInput{ - Bucket: aws.String("examplebucket"), - KeyMarker: aws.String("nextkeyfrompreviousresponse"), - MaxUploads: aws.Int64(2), - UploadIdMarker: aws.String("valuefrompreviousresponse"), + Bucket: aws.String("examplebucket"), } result, err := svc.ListMultipartUploads(input) @@ -1751,16 +1751,15 @@ func ExampleS3_PutBucketWebsite_shared00() { fmt.Println(result) } -// To upload an object and specify optional tags -// The following example uploads an object. The request specifies optional object tags. -// The bucket is versioned, therefore S3 returns version ID of the newly created object. +// To create an object. +// The following example creates an object. If the bucket is versioning enabled, S3 +// returns version ID in response. func ExampleS3_PutObject_shared00() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("c:\\HappyFace.jpg")), - Bucket: aws.String("examplebucket"), - Key: aws.String("HappyFace.jpg"), - Tagging: aws.String("key1=value1&key2=value2"), + Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), + Bucket: aws.String("examplebucket"), + Key: aws.String("objectkey"), } result, err := svc.PutObject(input) @@ -1811,18 +1810,19 @@ func ExampleS3_PutObject_shared01() { fmt.Println(result) } -// To upload an object and specify server-side encryption and object tags -// The following example uploads and object. The request specifies the optional server-side -// encryption option. The request also specifies optional object tags. If the bucket -// is versioning enabled, S3 returns version ID in response. +// To upload object and specify user-defined metadata +// The following example creates an object. The request also specifies optional metadata. +// If the bucket is versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared02() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), - Bucket: aws.String("examplebucket"), - Key: aws.String("exampleobject"), - ServerSideEncryption: aws.String("AES256"), - Tagging: aws.String("key1=value1&key2=value2"), + Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), + Bucket: aws.String("examplebucket"), + Key: aws.String("exampleobject"), + Metadata: map[string]*string{ + "metadata1": aws.String("value1"), + "metadata2": aws.String("value2"), + }, } result, err := svc.PutObject(input) @@ -1843,19 +1843,16 @@ func ExampleS3_PutObject_shared02() { fmt.Println(result) } -// To upload object and specify user-defined metadata -// The following example creates an object. The request also specifies optional metadata. -// If the bucket is versioning enabled, S3 returns version ID in response. +// To upload an object and specify optional tags +// The following example uploads an object. The request specifies optional object tags. +// The bucket is versioned, therefore S3 returns version ID of the newly created object. func ExampleS3_PutObject_shared03() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), - Bucket: aws.String("examplebucket"), - Key: aws.String("exampleobject"), - Metadata: map[string]*string{ - "metadata1": aws.String("value1"), - "metadata2": aws.String("value2"), - }, + Body: aws.ReadSeekCloser(strings.NewReader("c:\\HappyFace.jpg")), + Bucket: aws.String("examplebucket"), + Key: aws.String("HappyFace.jpg"), + Tagging: aws.String("key1=value1&key2=value2"), } result, err := svc.PutObject(input) @@ -1907,17 +1904,18 @@ func ExampleS3_PutObject_shared04() { fmt.Println(result) } -// To upload an object and specify canned ACL. -// The following example uploads and object. The request specifies optional canned ACL -// (access control list) to all READ access to authenticated users. If the bucket is -// versioning enabled, S3 returns version ID in response. +// To upload an object and specify server-side encryption and object tags +// The following example uploads and object. The request specifies the optional server-side +// encryption option. The request also specifies optional object tags. If the bucket +// is versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared05() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ - ACL: aws.String("authenticated-read"), - Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), - Bucket: aws.String("examplebucket"), - Key: aws.String("exampleobject"), + Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), + Bucket: aws.String("examplebucket"), + Key: aws.String("exampleobject"), + ServerSideEncryption: aws.String("AES256"), + Tagging: aws.String("key1=value1&key2=value2"), } result, err := svc.PutObject(input) @@ -1938,15 +1936,17 @@ func ExampleS3_PutObject_shared05() { fmt.Println(result) } -// To create an object. -// The following example creates an object. If the bucket is versioning enabled, S3 -// returns version ID in response. +// To upload an object and specify canned ACL. +// The following example uploads and object. The request specifies optional canned ACL +// (access control list) to all READ access to authenticated users. If the bucket is +// versioning enabled, S3 returns version ID in response. func ExampleS3_PutObject_shared06() { svc := s3.New(session.New()) input := &s3.PutObjectInput{ + ACL: aws.String("authenticated-read"), Body: aws.ReadSeekCloser(strings.NewReader("filetoupload")), Bucket: aws.String("examplebucket"), - Key: aws.String("objectkey"), + Key: aws.String("exampleobject"), } result, err := svc.PutObject(input) @@ -2107,18 +2107,17 @@ func ExampleS3_UploadPart_shared00() { fmt.Println(result) } -// To upload a part by copying byte range from an existing object as data source -// The following example uploads a part of a multipart upload by copying a specified -// byte range from an existing object as data source. +// To upload a part by copying data from an existing object as data source +// The following example uploads a part of a multipart upload by copying data from an +// existing object as data source. func ExampleS3_UploadPartCopy_shared00() { svc := s3.New(session.New()) input := &s3.UploadPartCopyInput{ - Bucket: aws.String("examplebucket"), - CopySource: aws.String("/bucketname/sourceobjectkey"), - CopySourceRange: aws.String("bytes=1-100000"), - Key: aws.String("examplelargeobject"), - PartNumber: aws.Int64(2), - UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), + Bucket: aws.String("examplebucket"), + CopySource: aws.String("/bucketname/sourceobjectkey"), + Key: aws.String("examplelargeobject"), + PartNumber: aws.Int64(1), + UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), } result, err := svc.UploadPartCopy(input) @@ -2139,17 +2138,18 @@ func ExampleS3_UploadPartCopy_shared00() { fmt.Println(result) } -// To upload a part by copying data from an existing object as data source -// The following example uploads a part of a multipart upload by copying data from an -// existing object as data source. +// To upload a part by copying byte range from an existing object as data source +// The following example uploads a part of a multipart upload by copying a specified +// byte range from an existing object as data source. func ExampleS3_UploadPartCopy_shared01() { svc := s3.New(session.New()) input := &s3.UploadPartCopyInput{ - Bucket: aws.String("examplebucket"), - CopySource: aws.String("/bucketname/sourceobjectkey"), - Key: aws.String("examplelargeobject"), - PartNumber: aws.Int64(1), - UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), + Bucket: aws.String("examplebucket"), + CopySource: aws.String("/bucketname/sourceobjectkey"), + CopySourceRange: aws.String("bytes=1-100000"), + Key: aws.String("examplelargeobject"), + PartNumber: aws.Int64(2), + UploadId: aws.String("exampleuoh_10OhKhT7YukE9bjzTPRiuaCotmZM_pFngJFir9OZNrSr5cWa3cq3LZSUsfjI4FI7PkP91We7Nrw--"), } result, err := svc.UploadPartCopy(input) diff --git a/service/sagemaker/api.go b/service/sagemaker/api.go index aa2b300457..848b3b7782 100644 --- a/service/sagemaker/api.go +++ b/service/sagemaker/api.go @@ -50510,6 +50510,10 @@ type DescribeInferenceRecommendationsJobOutput struct { // CreationTime is a required field CreationTime *time.Time `type:"timestamp" required:"true"` + // The performance results from running an Inference Recommender job on an existing + // endpoint. + EndpointPerformances []*EndpointPerformance `type:"list"` + // If the job fails, provides information why the job failed. FailureReason *string `type:"string"` @@ -50592,6 +50596,12 @@ func (s *DescribeInferenceRecommendationsJobOutput) SetCreationTime(v time.Time) return s } +// SetEndpointPerformances sets the EndpointPerformances field's value. +func (s *DescribeInferenceRecommendationsJobOutput) SetEndpointPerformances(v []*EndpointPerformance) *DescribeInferenceRecommendationsJobOutput { + s.EndpointPerformances = v + return s +} + // SetFailureReason sets the FailureReason field's value. func (s *DescribeInferenceRecommendationsJobOutput) SetFailureReason(v string) *DescribeInferenceRecommendationsJobOutput { s.FailureReason = &v @@ -58067,6 +58077,54 @@ func (s *EndpointConfigSummary) SetEndpointConfigName(v string) *EndpointConfigS return s } +// Details about a customer endpoint that was compared in an Inference Recommender +// job. +type EndpointInfo struct { + _ struct{} `type:"structure"` + + // The name of a customer's endpoint. + // + // EndpointName is a required field + EndpointName *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EndpointInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EndpointInfo) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EndpointInfo) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EndpointInfo"} + if s.EndpointName == nil { + invalidParams.Add(request.NewErrParamRequired("EndpointName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEndpointName sets the EndpointName field's value. +func (s *EndpointInfo) SetEndpointName(v string) *EndpointInfo { + s.EndpointName = &v + return s +} + // Input object for the endpoint type EndpointInput struct { _ struct{} `type:"structure"` @@ -58355,6 +58413,53 @@ func (s *EndpointOutputConfiguration) SetVariantName(v string) *EndpointOutputCo return s } +// The performance results from running an Inference Recommender job on an existing +// endpoint. +type EndpointPerformance struct { + _ struct{} `type:"structure"` + + // Details about a customer endpoint that was compared in an Inference Recommender + // job. + // + // EndpointInfo is a required field + EndpointInfo *EndpointInfo `type:"structure" required:"true"` + + // The metrics for an existing endpoint. + // + // Metrics is a required field + Metrics *InferenceMetrics `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EndpointPerformance) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EndpointPerformance) GoString() string { + return s.String() +} + +// SetEndpointInfo sets the EndpointInfo field's value. +func (s *EndpointPerformance) SetEndpointInfo(v *EndpointInfo) *EndpointPerformance { + s.EndpointInfo = v + return s +} + +// SetMetrics sets the Metrics field's value. +func (s *EndpointPerformance) SetMetrics(v *InferenceMetrics) *EndpointPerformance { + s.Metrics = v + return s +} + // Provides summary information for an endpoint. type EndpointSummary struct { _ struct{} `type:"structure"` @@ -64293,6 +64398,52 @@ func (s *InferenceExecutionConfig) SetMode(v string) *InferenceExecutionConfig { return s } +// The metrics for an existing endpoint compared in an Inference Recommender +// job. +type InferenceMetrics struct { + _ struct{} `type:"structure"` + + // The expected maximum number of requests per minute for the instance. + // + // MaxInvocations is a required field + MaxInvocations *int64 `type:"integer" required:"true"` + + // The expected model latency at maximum invocations per minute for the instance. + // + // ModelLatency is a required field + ModelLatency *int64 `type:"integer" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceMetrics) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceMetrics) GoString() string { + return s.String() +} + +// SetMaxInvocations sets the MaxInvocations field's value. +func (s *InferenceMetrics) SetMaxInvocations(v int64) *InferenceMetrics { + s.MaxInvocations = &v + return s +} + +// SetModelLatency sets the ModelLatency field's value. +func (s *InferenceMetrics) SetModelLatency(v int64) *InferenceMetrics { + s.ModelLatency = &v + return s +} + // A list of recommendations made by Amazon SageMaker Inference Recommender. type InferenceRecommendation struct { _ struct{} `type:"structure"` @@ -86425,6 +86576,9 @@ type RecommendationJobInputConfig struct { // Specifies the endpoint configuration to use for a job. EndpointConfigurations []*EndpointInputConfiguration `min:"1" type:"list"` + // Existing customer endpoints on which to run an Inference Recommender job. + Endpoints []*EndpointInfo `type:"list"` + // Specifies the maximum duration of the job, in seconds.> JobDurationInSeconds *int64 `min:"1" type:"integer"` @@ -86509,6 +86663,16 @@ func (s *RecommendationJobInputConfig) Validate() error { } } } + if s.Endpoints != nil { + for i, v := range s.Endpoints { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Endpoints", i), err.(request.ErrInvalidParams)) + } + } + } if s.ResourceLimit != nil { if err := s.ResourceLimit.Validate(); err != nil { invalidParams.AddNested("ResourceLimit", err.(request.ErrInvalidParams)) @@ -86538,6 +86702,12 @@ func (s *RecommendationJobInputConfig) SetEndpointConfigurations(v []*EndpointIn return s } +// SetEndpoints sets the Endpoints field's value. +func (s *RecommendationJobInputConfig) SetEndpoints(v []*EndpointInfo) *RecommendationJobInputConfig { + s.Endpoints = v + return s +} + // SetJobDurationInSeconds sets the JobDurationInSeconds field's value. func (s *RecommendationJobInputConfig) SetJobDurationInSeconds(v int64) *RecommendationJobInputConfig { s.JobDurationInSeconds = &v @@ -93776,8 +93946,9 @@ func (s *TransformOutput) SetS3OutputPath(v string) *TransformOutput { type TransformResources struct { _ struct{} `type:"structure"` - // The number of ML compute instances to use in the transform job. For distributed - // transform jobs, specify a value greater than 1. The default value is 1. + // The number of ML compute instances to use in the transform job. The default + // value is 1, and the maximum is 100. For distributed transform jobs, specify + // a value greater than 1. // // InstanceCount is a required field InstanceCount *int64 `min:"1" type:"integer" required:"true"`