From 1f4441e46b63ae6ff01067780b26d49916c267a0 Mon Sep 17 00:00:00 2001 From: AllanZhengYP Date: Thu, 7 Oct 2021 16:22:01 -0700 Subject: [PATCH] feat(clients): update clients as of 10/07/2021 (#2879) * chore(model): update service models as of 10/07/2021 * chore(model): update endpoints model as of 10/07/2021 * feat(clients): update clients as of 10/07/2021 --- .../src/models/models_0.ts | 5 + .../src/protocols/Aws_restJson1.ts | 4 + .../client-application-auto-scaling/README.md | 5 +- .../src/ApplicationAutoScaling.ts | 12 +- .../src/ApplicationAutoScalingClient.ts | 5 +- .../commands/RegisterScalableTargetCommand.ts | 7 + .../src/models/models_0.ts | 291 +- clients/client-backup/src/Backup.ts | 86 +- clients/client-backup/src/BackupClient.ts | 12 + .../src/commands/CreateFrameworkCommand.ts | 3 +- ...leteBackupVaultLockConfigurationCommand.ts | 106 + .../PutBackupVaultLockConfigurationCommand.ts | 105 + clients/client-backup/src/index.ts | 2 + clients/client-backup/src/models/models_0.ts | 240 +- .../src/protocols/Aws_restJson1.ts | 301 + .../commands/GetSipMediaApplicationCommand.ts | 3 +- ...aApplicationLoggingConfigurationCommand.ts | 2 +- .../src/commands/GetSipRuleCommand.ts | 2 +- .../src/commands/GetUserCommand.ts | 2 +- .../src/commands/GetUserSettingsCommand.ts | 3 +- clients/client-chime/src/models/models_0.ts | 419 +- clients/client-chime/src/models/models_1.ts | 217 +- .../src/protocols/Aws_restJson1.ts | 241 +- .../client-codebuild/src/models/models_0.ts | 36 +- .../src/protocols/Aws_json1_1.ts | 3 + clients/client-ec2/src/EC2.ts | 167 + clients/client-ec2/src/EC2Client.ts | 24 + .../CancelCapacityReservationFleetsCommand.ts | 117 + .../CreateCapacityReservationFleetCommand.ts | 104 + .../CreateInstanceEventWindowCommand.ts | 3 +- .../CreateInstanceExportTaskCommand.ts | 2 +- .../commands/CreateInternetGatewayCommand.ts | 3 +- .../commands/CreateVpnConnectionCommand.ts | 3 +- .../CreateVpnConnectionRouteCommand.ts | 2 +- .../src/commands/CreateVpnGatewayCommand.ts | 2 +- .../commands/DeleteCarrierGatewayCommand.ts | 3 +- ...escribeCapacityReservationFleetsCommand.ts | 103 + .../DescribeImportImageTasksCommand.ts | 3 +- .../DescribeImportSnapshotTasksCommand.ts | 2 +- .../DescribeInstanceAttributeCommand.ts | 2 +- ...ribeInstanceCreditSpecificationsCommand.ts | 2 +- .../commands/DescribeVolumeStatusCommand.ts | 3 +- .../src/commands/DescribeVolumesCommand.ts | 2 +- .../DescribeVolumesModificationsCommand.ts | 2 +- .../ModifyCapacityReservationFleetCommand.ts | 107 + .../ModifyTrafficMirrorSessionCommand.ts | 3 +- .../commands/ModifyTransitGatewayCommand.ts | 2 +- ...ransitGatewayPrefixListReferenceCommand.ts | 2 +- ...odifyTransitGatewayVpcAttachmentCommand.ts | 2 +- .../commands/ModifyVolumeAttributeCommand.ts | 2 +- .../src/commands/ModifyVolumeCommand.ts | 2 +- .../src/commands/ModifyVpcAttributeCommand.ts | 2 +- .../src/commands/ModifyVpcEndpointCommand.ts | 2 +- ...pcEndpointConnectionNotificationCommand.ts | 2 +- clients/client-ec2/src/index.ts | 5 + clients/client-ec2/src/models/models_0.ts | 3126 ++-- clients/client-ec2/src/models/models_1.ts | 588 +- clients/client-ec2/src/models/models_2.ts | 1143 +- clients/client-ec2/src/models/models_3.ts | 12243 ++++++++-------- clients/client-ec2/src/models/models_4.ts | 9625 ++++++------ clients/client-ec2/src/models/models_5.ts | 591 +- ...cribeCapacityReservationFleetsPaginator.ts | 59 + clients/client-ec2/src/protocols/Aws_ec2.ts | 967 +- .../src/waiters/waitForSnapshotCompleted.ts | 14 + .../client-efs/src/protocols/Aws_restJson1.ts | 8 + .../client-firehose/src/models/models_0.ts | 1057 +- .../src/protocols/Aws_json1_1.ts | 182 + clients/client-fsx/src/models/models_0.ts | 45 +- .../client-fsx/src/protocols/Aws_json1_1.ts | 5 + clients/client-glue/src/models/models_0.ts | 5 + clients/client-glue/src/models/models_1.ts | 3 + .../client-glue/src/protocols/Aws_json1_1.ts | 1 + clients/client-grafana/.gitignore | 9 + clients/client-grafana/.npmignore | 4 + clients/client-grafana/LICENSE | 201 + clients/client-grafana/README.md | 209 + clients/client-grafana/jest.config.js | 4 + clients/client-grafana/package.json | 96 + clients/client-grafana/src/Grafana.ts | 442 + clients/client-grafana/src/GrafanaClient.ts | 284 + .../src/commands/AssociateLicenseCommand.ts | 97 + .../src/commands/CreateWorkspaceCommand.ts | 99 + .../src/commands/DeleteWorkspaceCommand.ts | 95 + .../DescribeWorkspaceAuthenticationCommand.ts | 103 + .../src/commands/DescribeWorkspaceCommand.ts | 95 + .../commands/DisassociateLicenseCommand.ts | 95 + .../src/commands/ListPermissionsCommand.ts | 101 + .../src/commands/ListWorkspacesCommand.ts | 96 + .../src/commands/UpdatePermissionsCommand.ts | 95 + .../UpdateWorkspaceAuthenticationCommand.ts | 103 + .../src/commands/UpdateWorkspaceCommand.ts | 100 + clients/client-grafana/src/endpoints.ts | 98 + clients/client-grafana/src/index.ts | 17 + clients/client-grafana/src/models/index.ts | 1 + clients/client-grafana/src/models/models_0.ts | 1632 ++ .../src/pagination/Interfaces.ts | 8 + .../pagination/ListPermissionsPaginator.ts | 59 + .../src/pagination/ListWorkspacesPaginator.ts | 59 + .../src/protocols/Aws_restJson1.ts | 2240 +++ .../src/runtimeConfig.browser.ts | 41 + .../src/runtimeConfig.native.ts | 17 + .../src/runtimeConfig.shared.ts | 17 + clients/client-grafana/src/runtimeConfig.ts | 46 + clients/client-grafana/tsconfig.es.json | 10 + clients/client-grafana/tsconfig.json | 32 + clients/client-grafana/tsconfig.types.json | 9 + clients/client-kendra/src/Kendra.ts | 13 +- .../src/commands/CreateDataSourceCommand.ts | 7 +- .../commands/PutPrincipalMappingCommand.ts | 6 +- clients/client-kendra/src/endpoints.ts | 18 +- clients/client-kendra/src/models/models_0.ts | 224 +- .../src/protocols/Aws_json1_1.ts | 45 + clients/client-kms/README.md | 15 +- clients/client-kms/src/KMS.ts | 730 +- clients/client-kms/src/KMSClient.ts | 15 +- .../src/commands/CancelKeyDeletionCommand.ts | 10 +- .../commands/ConnectCustomKeyStoreCommand.ts | 6 +- .../src/commands/CreateAliasCommand.ts | 18 +- .../src/commands/CreateGrantCommand.ts | 25 +- .../src/commands/CreateKeyCommand.ts | 30 +- .../client-kms/src/commands/DecryptCommand.ts | 45 +- .../src/commands/DeleteAliasCommand.ts | 18 +- .../commands/DeleteCustomKeyStoreCommand.ts | 21 +- .../DeleteImportedKeyMaterialCommand.ts | 11 +- .../DescribeCustomKeyStoresCommand.ts | 8 +- .../src/commands/DescribeKeyCommand.ts | 22 +- .../src/commands/DisableKeyCommand.ts | 9 +- .../src/commands/DisableKeyRotationCommand.ts | 3 +- .../DisconnectCustomKeyStoreCommand.ts | 10 +- .../src/commands/EnableKeyCommand.ts | 6 +- .../src/commands/EnableKeyRotationCommand.ts | 3 +- .../client-kms/src/commands/EncryptCommand.ts | 26 +- .../src/commands/GenerateDataKeyCommand.ts | 27 +- .../commands/GenerateDataKeyPairCommand.ts | 28 +- ...erateDataKeyPairWithoutPlaintextCommand.ts | 29 +- .../GenerateDataKeyWithoutPlaintextCommand.ts | 20 +- .../src/commands/GenerateRandomCommand.ts | 3 +- .../commands/GetKeyRotationStatusCommand.ts | 3 +- .../commands/GetParametersForImportCommand.ts | 15 +- .../src/commands/GetPublicKeyCommand.ts | 12 +- .../src/commands/ImportKeyMaterialCommand.ts | 26 +- .../src/commands/ListAliasesCommand.ts | 23 +- .../src/commands/ListGrantsCommand.ts | 4 +- .../src/commands/ListKeyPoliciesCommand.ts | 6 +- .../src/commands/ListKeysCommand.ts | 3 +- .../commands/ListRetirableGrantsCommand.ts | 13 +- .../src/commands/ReEncryptCommand.ts | 60 +- .../src/commands/ReplicateKeyCommand.ts | 10 +- .../src/commands/RetireGrantCommand.ts | 12 +- .../src/commands/RevokeGrantCommand.ts | 3 +- .../commands/ScheduleKeyDeletionCommand.ts | 34 +- .../client-kms/src/commands/SignCommand.ts | 19 +- .../src/commands/TagResourceCommand.ts | 10 +- .../src/commands/UntagResourceCommand.ts | 6 +- .../src/commands/UpdateAliasCommand.ts | 26 +- .../commands/UpdateCustomKeyStoreCommand.ts | 34 +- .../commands/UpdateKeyDescriptionCommand.ts | 6 +- .../commands/UpdatePrimaryRegionCommand.ts | 2 +- .../client-kms/src/commands/VerifyCommand.ts | 10 +- clients/client-kms/src/models/models_0.ts | 545 +- clients/client-location/src/Location.ts | 12 +- .../BatchUpdateDevicePositionCommand.ts | 12 +- .../client-location/src/models/models_0.ts | 128 +- .../src/protocols/Aws_restJson1.ts | 8 + clients/client-sagemaker/src/SageMaker.ts | 8 +- .../src/commands/CreateDomainCommand.ts | 2 +- .../src/commands/CreateEndpointCommand.ts | 4 +- .../CreatePresignedDomainUrlCommand.ts | 2 +- .../client-sagemaker/src/models/models_0.ts | 173 +- .../client-sagemaker/src/models/models_1.ts | 8 +- .../client-sagemaker/src/models/models_2.ts | 2 +- clients/client-sso-oidc/src/endpoints.ts | 4 + clients/client-workmail/src/WorkMail.ts | 74 + clients/client-workmail/src/WorkMailClient.ts | 12 + .../DescribeInboundDmarcSettingsCommand.ts | 100 + .../PutInboundDmarcSettingsCommand.ts | 95 + clients/client-workmail/src/index.ts | 2 + .../client-workmail/src/models/models_0.ts | 64 + .../src/protocols/Aws_json1_1.ts | 199 + .../aws-models/amplifybackend.2020-08-11.json | 7 + .../application-auto-scaling.2016-02-06.json | 84 +- .../aws-models/backup.2018-11-15.json | 213 +- .../aws-models/chime.2018-05-01.json | 239 +- .../aws-models/codebuild.2016-10-06.json | 27 +- .../aws-models/ec2.2016-11-15.json | 875 +- .../aws-models/efs.2015-02-01.json | 3 + .../aws-models/firehose.2015-08-04.json | 275 + .../aws-models/fsx.2018-03-01.json | 36 +- .../aws-models/glue.2017-03-31.json | 11 +- .../aws-models/grafana.2020-08-18.json | 2311 +++ .../aws-models/kendra.2019-02-03.json | 155 +- .../aws-models/kms.2014-11-01.json | 288 +- .../aws-models/location.2020-11-19.json | 79 +- .../aws-models/sagemaker.2017-07-24.json | 32 +- .../aws-models/workmail.2017-10-01.json | 100 + .../aws/typescript/codegen/endpoints.json | 140 + 196 files changed, 31640 insertions(+), 15545 deletions(-) create mode 100644 clients/client-backup/src/commands/DeleteBackupVaultLockConfigurationCommand.ts create mode 100644 clients/client-backup/src/commands/PutBackupVaultLockConfigurationCommand.ts create mode 100644 clients/client-ec2/src/commands/CancelCapacityReservationFleetsCommand.ts create mode 100644 clients/client-ec2/src/commands/CreateCapacityReservationFleetCommand.ts create mode 100644 clients/client-ec2/src/commands/DescribeCapacityReservationFleetsCommand.ts create mode 100644 clients/client-ec2/src/commands/ModifyCapacityReservationFleetCommand.ts create mode 100644 clients/client-ec2/src/pagination/DescribeCapacityReservationFleetsPaginator.ts create mode 100644 clients/client-grafana/.gitignore create mode 100644 clients/client-grafana/.npmignore create mode 100644 clients/client-grafana/LICENSE create mode 100644 clients/client-grafana/README.md create mode 100644 clients/client-grafana/jest.config.js create mode 100644 clients/client-grafana/package.json create mode 100644 clients/client-grafana/src/Grafana.ts create mode 100644 clients/client-grafana/src/GrafanaClient.ts create mode 100644 clients/client-grafana/src/commands/AssociateLicenseCommand.ts create mode 100644 clients/client-grafana/src/commands/CreateWorkspaceCommand.ts create mode 100644 clients/client-grafana/src/commands/DeleteWorkspaceCommand.ts create mode 100644 clients/client-grafana/src/commands/DescribeWorkspaceAuthenticationCommand.ts create mode 100644 clients/client-grafana/src/commands/DescribeWorkspaceCommand.ts create mode 100644 clients/client-grafana/src/commands/DisassociateLicenseCommand.ts create mode 100644 clients/client-grafana/src/commands/ListPermissionsCommand.ts create mode 100644 clients/client-grafana/src/commands/ListWorkspacesCommand.ts create mode 100644 clients/client-grafana/src/commands/UpdatePermissionsCommand.ts create mode 100644 clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts create mode 100644 clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts create mode 100644 clients/client-grafana/src/endpoints.ts create mode 100644 clients/client-grafana/src/index.ts create mode 100644 clients/client-grafana/src/models/index.ts create mode 100644 clients/client-grafana/src/models/models_0.ts create mode 100644 clients/client-grafana/src/pagination/Interfaces.ts create mode 100644 clients/client-grafana/src/pagination/ListPermissionsPaginator.ts create mode 100644 clients/client-grafana/src/pagination/ListWorkspacesPaginator.ts create mode 100644 clients/client-grafana/src/protocols/Aws_restJson1.ts create mode 100644 clients/client-grafana/src/runtimeConfig.browser.ts create mode 100644 clients/client-grafana/src/runtimeConfig.native.ts create mode 100644 clients/client-grafana/src/runtimeConfig.shared.ts create mode 100644 clients/client-grafana/src/runtimeConfig.ts create mode 100644 clients/client-grafana/tsconfig.es.json create mode 100644 clients/client-grafana/tsconfig.json create mode 100644 clients/client-grafana/tsconfig.types.json create mode 100644 clients/client-workmail/src/commands/DescribeInboundDmarcSettingsCommand.ts create mode 100644 clients/client-workmail/src/commands/PutInboundDmarcSettingsCommand.ts create mode 100644 codegen/sdk-codegen/aws-models/grafana.2020-08-18.json diff --git a/clients/client-amplifybackend/src/models/models_0.ts b/clients/client-amplifybackend/src/models/models_0.ts index 4998b7e4de3a..57d35944f1cd 100644 --- a/clients/client-amplifybackend/src/models/models_0.ts +++ b/clients/client-amplifybackend/src/models/models_0.ts @@ -1463,6 +1463,11 @@ export namespace GetBackendRequest { } export interface GetBackendResponse { + /** + *

A stringified version of the cli.json file for your Amplify project.

+ */ + AmplifyFeatureFlags?: string; + /** *

A stringified version of the current configs for your Amplify project.

*/ diff --git a/clients/client-amplifybackend/src/protocols/Aws_restJson1.ts b/clients/client-amplifybackend/src/protocols/Aws_restJson1.ts index 15211a8407b9..80938561b135 100644 --- a/clients/client-amplifybackend/src/protocols/Aws_restJson1.ts +++ b/clients/client-amplifybackend/src/protocols/Aws_restJson1.ts @@ -2191,6 +2191,7 @@ export const deserializeAws_restJson1GetBackendCommand = async ( } const contents: GetBackendCommandOutput = { $metadata: deserializeMetadata(output), + AmplifyFeatureFlags: undefined, AmplifyMetaConfig: undefined, AppId: undefined, AppName: undefined, @@ -2199,6 +2200,9 @@ export const deserializeAws_restJson1GetBackendCommand = async ( Error: undefined, }; const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.amplifyFeatureFlags !== undefined && data.amplifyFeatureFlags !== null) { + contents.AmplifyFeatureFlags = __expectString(data.amplifyFeatureFlags); + } if (data.amplifyMetaConfig !== undefined && data.amplifyMetaConfig !== null) { contents.AmplifyMetaConfig = __expectString(data.amplifyMetaConfig); } diff --git a/clients/client-application-auto-scaling/README.md b/clients/client-application-auto-scaling/README.md index dbcaf87a4ae4..76de7c82a355 100644 --- a/clients/client-application-auto-scaling/README.md +++ b/clients/client-application-auto-scaling/README.md @@ -41,10 +41,13 @@ resources:

Amazon Managed Streaming for Apache Kafka broker storage

  • +

    Amazon Neptune clusters

    +
    • +

  • Amazon SageMaker endpoint variants

  • -

    Spot Fleet (Amazon EC2) requests

    +

    Spot Fleets (Amazon EC2)

  • Custom resources provided by your own applications or services

    diff --git a/clients/client-application-auto-scaling/src/ApplicationAutoScaling.ts b/clients/client-application-auto-scaling/src/ApplicationAutoScaling.ts index f757b6759592..425e2515107c 100644 --- a/clients/client-application-auto-scaling/src/ApplicationAutoScaling.ts +++ b/clients/client-application-auto-scaling/src/ApplicationAutoScaling.ts @@ -87,10 +87,13 @@ import { *

    Amazon Managed Streaming for Apache Kafka broker storage

    *
    • *
  • + *

    Amazon Neptune clusters

    + *
    • + *
  • *

    Amazon SageMaker endpoint variants

    *
    • *
  • - *

    Spot Fleet (Amazon EC2) requests

    + *

    Spot Fleets (Amazon EC2)

    *
    • *
  • *

    Custom resources provided by your own applications or services

    @@ -491,6 +494,13 @@ export class ApplicationAutoScaling extends ApplicationAutoScalingClient { *

    To update a scalable target, specify the parameters that you want to change. Include the * parameters that identify the scalable target: resource ID, scalable dimension, and * namespace. Any parameters that you don't specify are not changed by this update request.

    + * + *

    If you call the RegisterScalableTarget API to update an existing + * scalable target, Application Auto Scaling retrieves the current capacity of the resource. If it is below + * the minimum capacity or above the maximum capacity, Application Auto Scaling adjusts the capacity of the + * scalable target to place it within these bounds, even if you don't include the + * MinCapacity or MaxCapacity request parameters.

    + *     */ public registerScalableTarget( args: RegisterScalableTargetCommandInput, diff --git a/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts b/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts index 5f7d82fb165f..3dbc921238a1 100644 --- a/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts +++ b/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts @@ -282,10 +282,13 @@ export interface ApplicationAutoScalingClientResolvedConfig extends ApplicationA *

    Amazon Managed Streaming for Apache Kafka broker storage

    *
    • *
  • + *

    Amazon Neptune clusters

    + *
    • + *
  • *

    Amazon SageMaker endpoint variants

    *
    • *
  • - *

    Spot Fleet (Amazon EC2) requests

    + *

    Spot Fleets (Amazon EC2)

    *
    • *
  • *

    Custom resources provided by your own applications or services

    diff --git a/clients/client-application-auto-scaling/src/commands/RegisterScalableTargetCommand.ts b/clients/client-application-auto-scaling/src/commands/RegisterScalableTargetCommand.ts index c388d8ed8601..1f5b6fa62b63 100644 --- a/clients/client-application-auto-scaling/src/commands/RegisterScalableTargetCommand.ts +++ b/clients/client-application-auto-scaling/src/commands/RegisterScalableTargetCommand.ts @@ -41,6 +41,13 @@ export interface RegisterScalableTargetCommandOutput extends RegisterScalableTar *

    To update a scalable target, specify the parameters that you want to change. Include the * parameters that identify the scalable target: resource ID, scalable dimension, and * namespace. Any parameters that you don't specify are not changed by this update request.

    + * + *

    If you call the RegisterScalableTarget API to update an existing + * scalable target, Application Auto Scaling retrieves the current capacity of the resource. If it is below + * the minimum capacity or above the maximum capacity, Application Auto Scaling adjusts the capacity of the + * scalable target to place it within these bounds, even if you don't include the + * MinCapacity or MaxCapacity request parameters.

    + *     * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-application-auto-scaling/src/models/models_0.ts b/clients/client-application-auto-scaling/src/models/models_0.ts index 034e02934b29..b7d8a4ee7b47 100644 --- a/clients/client-application-auto-scaling/src/models/models_0.ts +++ b/clients/client-application-auto-scaling/src/models/models_0.ts @@ -67,6 +67,7 @@ export enum ScalableDimension { ElastiCacheReplicationGroupReplicas = "elasticache:replication-group:Replicas", KafkaBrokerStorageVolumeSize = "kafka:broker-storage:VolumeSize", LambdaFunctionProvisionedConcurrency = "lambda:function:ProvisionedConcurrency", + NeptuneClusterReadReplicaCount = "neptune:cluster:ReadReplicaCount", RDSClusterReadReplicaCount = "rds:cluster:ReadReplicaCount", SageMakerVariantDesiredInstanceCount = "sagemaker:variant:DesiredInstanceCount", } @@ -83,6 +84,7 @@ export enum ServiceNamespace { EMR = "elasticmapreduce", KAFKA = "kafka", LAMBDA = "lambda", + NEPTUNE = "neptune", RDS = "rds", SAGEMAKER = "sagemaker", } @@ -108,7 +110,7 @@ export interface DeleteScalingPolicyRequest { * and service name. Example: service/default/sample-webapp.

    *
    • *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -132,7 +134,7 @@ export interface DeleteScalingPolicyRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -162,6 +164,9 @@ export interface DeleteScalingPolicyRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -179,7 +184,7 @@ export interface DeleteScalingPolicyRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -207,7 +212,7 @@ export interface DeleteScalingPolicyRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -245,6 +250,10 @@ export interface DeleteScalingPolicyRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -350,7 +359,7 @@ export interface DeleteScheduledActionRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -374,7 +383,7 @@ export interface DeleteScheduledActionRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -404,6 +413,9 @@ export interface DeleteScheduledActionRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -421,7 +433,7 @@ export interface DeleteScheduledActionRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -449,7 +461,7 @@ export interface DeleteScheduledActionRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -487,6 +499,10 @@ export interface DeleteScheduledActionRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -528,7 +544,7 @@ export interface DeregisterScalableTargetRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -552,7 +568,7 @@ export interface DeregisterScalableTargetRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -582,6 +598,9 @@ export interface DeregisterScalableTargetRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -600,7 +619,7 @@ export interface DeregisterScalableTargetRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -628,7 +647,7 @@ export interface DeregisterScalableTargetRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -666,6 +685,10 @@ export interface DeregisterScalableTargetRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -707,7 +730,7 @@ export interface DescribeScalableTargetsRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -731,7 +754,7 @@ export interface DescribeScalableTargetsRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -761,6 +784,9 @@ export interface DescribeScalableTargetsRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceIds?: string[]; @@ -779,7 +805,7 @@ export interface DescribeScalableTargetsRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -807,7 +833,7 @@ export interface DescribeScalableTargetsRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -845,6 +871,10 @@ export interface DescribeScalableTargetsRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension?: ScalableDimension | string; @@ -930,7 +960,7 @@ export interface ScalableTarget { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -954,7 +984,7 @@ export interface ScalableTarget { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -984,6 +1014,9 @@ export interface ScalableTarget { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -1002,7 +1035,7 @@ export interface ScalableTarget { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -1030,7 +1063,7 @@ export interface ScalableTarget { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -1068,6 +1101,10 @@ export interface ScalableTarget { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -1165,7 +1202,7 @@ export interface DescribeScalingActivitiesRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -1189,7 +1226,7 @@ export interface DescribeScalingActivitiesRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -1219,6 +1256,9 @@ export interface DescribeScalingActivitiesRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId?: string; @@ -1237,7 +1277,7 @@ export interface DescribeScalingActivitiesRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -1265,7 +1305,7 @@ export interface DescribeScalingActivitiesRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -1303,6 +1343,10 @@ export interface DescribeScalingActivitiesRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension?: ScalableDimension | string; @@ -1366,7 +1410,7 @@ export interface ScalingActivity { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -1390,7 +1434,7 @@ export interface ScalingActivity { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -1420,6 +1464,9 @@ export interface ScalingActivity { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -1437,7 +1484,7 @@ export interface ScalingActivity { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -1465,7 +1512,7 @@ export interface ScalingActivity { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -1503,6 +1550,10 @@ export interface ScalingActivity { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -1595,7 +1646,7 @@ export interface DescribeScalingPoliciesRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -1619,7 +1670,7 @@ export interface DescribeScalingPoliciesRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -1649,6 +1700,9 @@ export interface DescribeScalingPoliciesRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId?: string; @@ -1667,7 +1721,7 @@ export interface DescribeScalingPoliciesRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -1695,7 +1749,7 @@ export interface DescribeScalingPoliciesRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -1733,18 +1787,22 @@ export interface DescribeScalingPoliciesRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension?: ScalableDimension | string; /** - *

    The maximum number of scalable targets. This value can be between 1 and - * 50. The default value is 50.

    + *

    The maximum number of scalable targets. This value can be between 1 and 10. The default + * value is 10.

    *

    If this parameter is used, the operation returns up to MaxResults results * at a time, along with a NextToken value. To get the next set of results, * include the NextToken value in a subsequent call. If this parameter is not - * used, the operation returns up to 50 results and a - * NextToken value, if applicable.

    + * used, the operation returns up to 10 results and a NextToken value, if + * applicable.

    */ MaxResults?: number; @@ -1901,22 +1959,25 @@ export interface StepScalingPolicyConfiguration { * and a default value of 300 for the following scalable targets:

    * */ ResourceId?: string; @@ -2634,7 +2703,7 @@ export interface DescribeScheduledActionsRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -2662,7 +2731,7 @@ export interface DescribeScheduledActionsRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -2700,6 +2769,10 @@ export interface DescribeScheduledActionsRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension?: ScalableDimension | string; @@ -2824,7 +2897,7 @@ export interface ScheduledAction { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -2848,7 +2921,7 @@ export interface ScheduledAction { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -2878,6 +2951,9 @@ export interface ScheduledAction { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -2895,7 +2971,7 @@ export interface ScheduledAction { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -2923,7 +2999,7 @@ export interface ScheduledAction { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -2961,6 +3037,10 @@ export interface ScheduledAction { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension?: ScalableDimension | string; @@ -3059,7 +3139,7 @@ export interface PutScalingPolicyRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -3083,7 +3163,7 @@ export interface PutScalingPolicyRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -3113,6 +3193,9 @@ export interface PutScalingPolicyRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -3130,7 +3213,7 @@ export interface PutScalingPolicyRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -3158,7 +3241,7 @@ export interface PutScalingPolicyRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -3196,6 +3279,10 @@ export interface PutScalingPolicyRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -3206,8 +3293,8 @@ export interface PutScalingPolicyRequest { *

    * TargetTrackingScaling—Not supported for Amazon EMR

    *

    - * StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces (for Apache - * Cassandra), Amazon MSK, or Amazon ElastiCache for Redis.

    + * StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or + * Neptune.

    *

    For more information, see Target * tracking scaling policies and Step scaling policies in the Application Auto Scaling User Guide.

    */ @@ -3315,7 +3402,7 @@ export interface PutScheduledActionRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -3339,7 +3426,7 @@ export interface PutScheduledActionRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -3369,6 +3456,9 @@ export interface PutScheduledActionRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -3386,7 +3476,7 @@ export interface PutScheduledActionRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -3414,7 +3504,7 @@ export interface PutScheduledActionRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -3452,6 +3542,10 @@ export interface PutScheduledActionRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; @@ -3511,7 +3605,7 @@ export interface RegisterScalableTargetRequest { * and service name. Example: service/default/sample-webapp.

    * *
  • - *

    Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the + *

    Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the * Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

    *
    • *
  • @@ -3535,7 +3629,7 @@ export interface RegisterScalableTargetRequest { * Example: cluster:my-db-cluster.

    *
    • *
  • - *

    Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. + *

    SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID. * Example: endpoint/my-end-point/variant/KMeansClustering.

    *
    • *
  • @@ -3565,6 +3659,9 @@ export interface RegisterScalableTargetRequest { *

    Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name. * Example: replication-group/mycluster.

    *
    • + *
  • + *

    Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

    + *
    • * */ ResourceId: string | undefined; @@ -3583,7 +3680,7 @@ export interface RegisterScalableTargetRequest { * *
  • *

    - * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

    + * ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

    *
    • *
  • *

    @@ -3611,7 +3708,7 @@ export interface RegisterScalableTargetRequest { *

    • *
  • *

    - * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

    + * sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

    *
    • *
  • *

    @@ -3649,6 +3746,10 @@ export interface RegisterScalableTargetRequest { *

    * elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

    *
    • + *
  • + *

    + * neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

    + *
    • * */ ScalableDimension: ScalableDimension | string | undefined; diff --git a/clients/client-backup/src/Backup.ts b/clients/client-backup/src/Backup.ts index 708f04fd73a3..45bf19a113b7 100644 --- a/clients/client-backup/src/Backup.ts +++ b/clients/client-backup/src/Backup.ts @@ -46,6 +46,11 @@ import { DeleteBackupVaultCommandInput, DeleteBackupVaultCommandOutput, } from "./commands/DeleteBackupVaultCommand"; +import { + DeleteBackupVaultLockConfigurationCommand, + DeleteBackupVaultLockConfigurationCommandInput, + DeleteBackupVaultLockConfigurationCommandOutput, +} from "./commands/DeleteBackupVaultLockConfigurationCommand"; import { DeleteBackupVaultNotificationsCommand, DeleteBackupVaultNotificationsCommandInput, @@ -247,6 +252,11 @@ import { PutBackupVaultAccessPolicyCommandInput, PutBackupVaultAccessPolicyCommandOutput, } from "./commands/PutBackupVaultAccessPolicyCommand"; +import { + PutBackupVaultLockConfigurationCommand, + PutBackupVaultLockConfigurationCommandInput, + PutBackupVaultLockConfigurationCommandOutput, +} from "./commands/PutBackupVaultLockConfigurationCommand"; import { PutBackupVaultNotificationsCommand, PutBackupVaultNotificationsCommandInput, @@ -472,8 +482,7 @@ export class Backup extends BackupClient { *

    Creates a framework with one or more controls. A framework is a collection of controls * that you can use to evaluate your backup practices. By using pre-built customizable * controls to define your policies, you can evaluate whether your backup practices comply - * with your policies. To get insights into the compliance status of your frameworks, you can - * set up automatic daily reports.

    + * with your policies and which resources are not yet in compliance.

    */ public createFramework( args: CreateFrameworkCommandInput, @@ -671,6 +680,43 @@ export class Backup extends BackupClient { } } + /** + *

    Deletes Backup Vault Lock from a backup vault specified by a backup vault + * name.

    + *

    If the Vault Lock configuration is immutable, then you cannot delete Vault Lock using + * API operations, and you will receive an InvalidRequestException if you attempt + * to do so. For more information, see Vault Lock in the + * Backup Developer Guide.

    + */ + public deleteBackupVaultLockConfiguration( + args: DeleteBackupVaultLockConfigurationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public deleteBackupVaultLockConfiguration( + args: DeleteBackupVaultLockConfigurationCommandInput, + cb: (err: any, data?: DeleteBackupVaultLockConfigurationCommandOutput) => void + ): void; + public deleteBackupVaultLockConfiguration( + args: DeleteBackupVaultLockConfigurationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DeleteBackupVaultLockConfigurationCommandOutput) => void + ): void; + public deleteBackupVaultLockConfiguration( + args: DeleteBackupVaultLockConfigurationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DeleteBackupVaultLockConfigurationCommandOutput) => void), + cb?: (err: any, data?: DeleteBackupVaultLockConfigurationCommandOutput) => void + ): Promise | void { + const command = new DeleteBackupVaultLockConfigurationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

    Deletes event notifications for the specified backup vault.

    */ @@ -2017,6 +2063,42 @@ export class Backup extends BackupClient { } } + /** + *

    Applies Backup Vault Lock to a backup vault, preventing attempts to delete + * any recovery point stored in or created in a backup vault. Vault Lock also prevents + * attempts to update the lifecycle policy that controls the retention period of any recovery + * point currently stored in a backup vault. If specified, Vault Lock enforces a minimum and + * maximum retention period for future backup and copy jobs that target a backup vault.

    + */ + public putBackupVaultLockConfiguration( + args: PutBackupVaultLockConfigurationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public putBackupVaultLockConfiguration( + args: PutBackupVaultLockConfigurationCommandInput, + cb: (err: any, data?: PutBackupVaultLockConfigurationCommandOutput) => void + ): void; + public putBackupVaultLockConfiguration( + args: PutBackupVaultLockConfigurationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: PutBackupVaultLockConfigurationCommandOutput) => void + ): void; + public putBackupVaultLockConfiguration( + args: PutBackupVaultLockConfigurationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: PutBackupVaultLockConfigurationCommandOutput) => void), + cb?: (err: any, data?: PutBackupVaultLockConfigurationCommandOutput) => void + ): Promise | void { + const command = new PutBackupVaultLockConfigurationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

    Turns on notifications on a backup vault for the specified topic and events.

    */ diff --git a/clients/client-backup/src/BackupClient.ts b/clients/client-backup/src/BackupClient.ts index a6837dc69be9..245728db3f36 100644 --- a/clients/client-backup/src/BackupClient.ts +++ b/clients/client-backup/src/BackupClient.ts @@ -67,6 +67,10 @@ import { DeleteBackupVaultAccessPolicyCommandOutput, } from "./commands/DeleteBackupVaultAccessPolicyCommand"; import { DeleteBackupVaultCommandInput, DeleteBackupVaultCommandOutput } from "./commands/DeleteBackupVaultCommand"; +import { + DeleteBackupVaultLockConfigurationCommandInput, + DeleteBackupVaultLockConfigurationCommandOutput, +} from "./commands/DeleteBackupVaultLockConfigurationCommand"; import { DeleteBackupVaultNotificationsCommandInput, DeleteBackupVaultNotificationsCommandOutput, @@ -174,6 +178,10 @@ import { PutBackupVaultAccessPolicyCommandInput, PutBackupVaultAccessPolicyCommandOutput, } from "./commands/PutBackupVaultAccessPolicyCommand"; +import { + PutBackupVaultLockConfigurationCommandInput, + PutBackupVaultLockConfigurationCommandOutput, +} from "./commands/PutBackupVaultLockConfigurationCommand"; import { PutBackupVaultNotificationsCommandInput, PutBackupVaultNotificationsCommandOutput, @@ -212,6 +220,7 @@ export type ServiceInputTypes = | DeleteBackupSelectionCommandInput | DeleteBackupVaultAccessPolicyCommandInput | DeleteBackupVaultCommandInput + | DeleteBackupVaultLockConfigurationCommandInput | DeleteBackupVaultNotificationsCommandInput | DeleteFrameworkCommandInput | DeleteRecoveryPointCommandInput @@ -253,6 +262,7 @@ export type ServiceInputTypes = | ListRestoreJobsCommandInput | ListTagsCommandInput | PutBackupVaultAccessPolicyCommandInput + | PutBackupVaultLockConfigurationCommandInput | PutBackupVaultNotificationsCommandInput | StartBackupJobCommandInput | StartCopyJobCommandInput @@ -278,6 +288,7 @@ export type ServiceOutputTypes = | DeleteBackupSelectionCommandOutput | DeleteBackupVaultAccessPolicyCommandOutput | DeleteBackupVaultCommandOutput + | DeleteBackupVaultLockConfigurationCommandOutput | DeleteBackupVaultNotificationsCommandOutput | DeleteFrameworkCommandOutput | DeleteRecoveryPointCommandOutput @@ -319,6 +330,7 @@ export type ServiceOutputTypes = | ListRestoreJobsCommandOutput | ListTagsCommandOutput | PutBackupVaultAccessPolicyCommandOutput + | PutBackupVaultLockConfigurationCommandOutput | PutBackupVaultNotificationsCommandOutput | StartBackupJobCommandOutput | StartCopyJobCommandOutput diff --git a/clients/client-backup/src/commands/CreateFrameworkCommand.ts b/clients/client-backup/src/commands/CreateFrameworkCommand.ts index d68eb7300537..7bb340114216 100644 --- a/clients/client-backup/src/commands/CreateFrameworkCommand.ts +++ b/clients/client-backup/src/commands/CreateFrameworkCommand.ts @@ -25,8 +25,7 @@ export interface CreateFrameworkCommandOutput extends CreateFrameworkOutput, __M *

    Creates a framework with one or more controls. A framework is a collection of controls * that you can use to evaluate your backup practices. By using pre-built customizable * controls to define your policies, you can evaluate whether your backup practices comply - * with your policies. To get insights into the compliance status of your frameworks, you can - * set up automatic daily reports.

    + * with your policies and which resources are not yet in compliance.

    * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-backup/src/commands/DeleteBackupVaultLockConfigurationCommand.ts b/clients/client-backup/src/commands/DeleteBackupVaultLockConfigurationCommand.ts new file mode 100644 index 000000000000..0d33985e70ad --- /dev/null +++ b/clients/client-backup/src/commands/DeleteBackupVaultLockConfigurationCommand.ts @@ -0,0 +1,106 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { BackupClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../BackupClient"; +import { DeleteBackupVaultLockConfigurationInput } from "../models/models_0"; +import { + deserializeAws_restJson1DeleteBackupVaultLockConfigurationCommand, + serializeAws_restJson1DeleteBackupVaultLockConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface DeleteBackupVaultLockConfigurationCommandInput extends DeleteBackupVaultLockConfigurationInput {} +export interface DeleteBackupVaultLockConfigurationCommandOutput extends __MetadataBearer {} + +/** + *

    Deletes Backup Vault Lock from a backup vault specified by a backup vault + * name.

    + *

    If the Vault Lock configuration is immutable, then you cannot delete Vault Lock using + * API operations, and you will receive an InvalidRequestException if you attempt + * to do so. For more information, see Vault Lock in the + * Backup Developer Guide.

    + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { BackupClient, DeleteBackupVaultLockConfigurationCommand } from "@aws-sdk/client-backup"; // ES Modules import + * // const { BackupClient, DeleteBackupVaultLockConfigurationCommand } = require("@aws-sdk/client-backup"); // CommonJS import + * const client = new BackupClient(config); + * const command = new DeleteBackupVaultLockConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DeleteBackupVaultLockConfigurationCommandInput} for command's `input` shape. + * @see {@link DeleteBackupVaultLockConfigurationCommandOutput} for command's `response` shape. + * @see {@link BackupClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DeleteBackupVaultLockConfigurationCommand extends $Command< + DeleteBackupVaultLockConfigurationCommandInput, + DeleteBackupVaultLockConfigurationCommandOutput, + BackupClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DeleteBackupVaultLockConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: BackupClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "BackupClient"; + const commandName = "DeleteBackupVaultLockConfigurationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DeleteBackupVaultLockConfigurationInput.filterSensitiveLog, + outputFilterSensitiveLog: (output: any) => output, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: DeleteBackupVaultLockConfigurationCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_restJson1DeleteBackupVaultLockConfigurationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1DeleteBackupVaultLockConfigurationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-backup/src/commands/PutBackupVaultLockConfigurationCommand.ts b/clients/client-backup/src/commands/PutBackupVaultLockConfigurationCommand.ts new file mode 100644 index 000000000000..0daca925c669 --- /dev/null +++ b/clients/client-backup/src/commands/PutBackupVaultLockConfigurationCommand.ts @@ -0,0 +1,105 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { BackupClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../BackupClient"; +import { PutBackupVaultLockConfigurationInput } from "../models/models_0"; +import { + deserializeAws_restJson1PutBackupVaultLockConfigurationCommand, + serializeAws_restJson1PutBackupVaultLockConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface PutBackupVaultLockConfigurationCommandInput extends PutBackupVaultLockConfigurationInput {} +export interface PutBackupVaultLockConfigurationCommandOutput extends __MetadataBearer {} + +/** + *

    Applies Backup Vault Lock to a backup vault, preventing attempts to delete + * any recovery point stored in or created in a backup vault. Vault Lock also prevents + * attempts to update the lifecycle policy that controls the retention period of any recovery + * point currently stored in a backup vault. If specified, Vault Lock enforces a minimum and + * maximum retention period for future backup and copy jobs that target a backup vault.

    + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { BackupClient, PutBackupVaultLockConfigurationCommand } from "@aws-sdk/client-backup"; // ES Modules import + * // const { BackupClient, PutBackupVaultLockConfigurationCommand } = require("@aws-sdk/client-backup"); // CommonJS import + * const client = new BackupClient(config); + * const command = new PutBackupVaultLockConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link PutBackupVaultLockConfigurationCommandInput} for command's `input` shape. + * @see {@link PutBackupVaultLockConfigurationCommandOutput} for command's `response` shape. + * @see {@link BackupClientResolvedConfig | config} for command's `input` shape. + * + */ +export class PutBackupVaultLockConfigurationCommand extends $Command< + PutBackupVaultLockConfigurationCommandInput, + PutBackupVaultLockConfigurationCommandOutput, + BackupClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: PutBackupVaultLockConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: BackupClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "BackupClient"; + const commandName = "PutBackupVaultLockConfigurationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: PutBackupVaultLockConfigurationInput.filterSensitiveLog, + outputFilterSensitiveLog: (output: any) => output, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: PutBackupVaultLockConfigurationCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_restJson1PutBackupVaultLockConfigurationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1PutBackupVaultLockConfigurationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-backup/src/index.ts b/clients/client-backup/src/index.ts index 0c2878b64c0b..ce701c31db94 100644 --- a/clients/client-backup/src/index.ts +++ b/clients/client-backup/src/index.ts @@ -9,6 +9,7 @@ export * from "./commands/DeleteBackupPlanCommand"; export * from "./commands/DeleteBackupSelectionCommand"; export * from "./commands/DeleteBackupVaultCommand"; export * from "./commands/DeleteBackupVaultAccessPolicyCommand"; +export * from "./commands/DeleteBackupVaultLockConfigurationCommand"; export * from "./commands/DeleteBackupVaultNotificationsCommand"; export * from "./commands/DeleteFrameworkCommand"; export * from "./commands/DeleteRecoveryPointCommand"; @@ -65,6 +66,7 @@ export * from "./pagination/ListRestoreJobsPaginator"; export * from "./commands/ListTagsCommand"; export * from "./pagination/ListTagsPaginator"; export * from "./commands/PutBackupVaultAccessPolicyCommand"; +export * from "./commands/PutBackupVaultLockConfigurationCommand"; export * from "./commands/PutBackupVaultNotificationsCommand"; export * from "./commands/StartBackupJobCommand"; export * from "./commands/StartCopyJobCommand"; diff --git a/clients/client-backup/src/models/models_0.ts b/clients/client-backup/src/models/models_0.ts index 6429d4613590..b8329180cde9 100644 --- a/clients/client-backup/src/models/models_0.ts +++ b/clients/client-backup/src/models/models_0.ts @@ -535,8 +535,7 @@ export namespace BackupRuleInput { /** *

    Contains an optional backup plan display name and an array of BackupRule * objects, each of which specifies a backup rule. Each rule in a backup plan is a separate - * scheduled task and can back up a different selection of Amazon Web Services resources. - *

    + * scheduled task.

    */ export interface BackupPlanInput { /** @@ -848,6 +847,51 @@ export interface BackupVaultListMember { *

    The number of recovery points that are stored in a backup vault.

    */ NumberOfRecoveryPoints?: number; + + /** + *

    A Boolean value that indicates whether Backup Vault Lock applies to the + * selected backup vault. If true, Vault Lock prevents delete and update + * operations on the recovery points in the selected vault.

    + */ + Locked?: boolean; + + /** + *

    The Backup Vault Lock setting that specifies the minimum retention period + * that the vault retains its recovery points. If this parameter is not specified, Vault Lock + * does not enforce a minimum retention period.

    + *

    If specified, any backup or copy job to the vault must have a lifecycle policy with a + * retention period equal to or longer than the minimum retention period. If the job's + * retention period is shorter than that minimum retention period, then the vault fails the + * backup or copy job, and you should either modify your lifecycle settings or use a different + * vault. Recovery points already stored in the vault prior to Vault Lock are not + * affected.

    + */ + MinRetentionDays?: number; + + /** + *

    The Backup Vault Lock setting that specifies the maximum retention period + * that the vault retains its recovery points. If this parameter is not specified, Vault Lock + * does not enforce a maximum retention period on the recovery points in the vault (allowing + * indefinite storage).

    + *

    If specified, any backup or copy job to the vault must have a lifecycle policy with a + * retention period equal to or shorter than the maximum retention period. If the job's + * retention period is longer than that maximum retention period, then the vault fails the + * backup or copy job, and you should either modify your lifecycle settings or use a different + * vault. Recovery points already stored in the vault prior to Vault Lock are not + * affected.

    + */ + MaxRetentionDays?: number; + + /** + *

    The date and time when Backup Vault Lock configuration becomes immutable, + * meaning it cannot be changed or deleted.

    + *

    If you applied Vault Lock to your vault without specifying a lock date, you can change + * your Vault Lock settings, or delete Vault Lock from the vault entirely, at any time.

    + *

    This value is in Unix format, Coordinated Universal Time (UTC), and accurate to + * milliseconds. For example, the value 1516925490.087 represents Friday, January 26, 2018 + * 12:11:30.087 AM.

    + */ + LockDate?: Date; } export namespace BackupVaultListMember { @@ -901,7 +945,14 @@ export interface ConflictException extends __SmithyException, $MetadataBearer { $fault: "client"; Code?: string; Message?: string; + /** + *

    + */ Type?: string; + + /** + *

    + */ Context?: string; } @@ -954,8 +1005,8 @@ export namespace ControlInputParameter { */ export interface ControlScope { /** - *

    Describes whether the control scope includes a specific resource identified by its - * unique Amazon Resource Name (ARN).

    + *

    The ID of the only Amazon Web Services resource that you want your control scope to + * contain.

    */ ComplianceResourceIds?: string[]; @@ -1545,10 +1596,21 @@ export interface ReportSetting { *

    Identifies the report template for the report. Reports are built using a report * template. The report templates are:

    *

    - * BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT + * RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | + * COPY_JOB_REPORT | RESTORE_JOB_REPORT *

    */ ReportTemplate: string | undefined; + + /** + *

    The Amazon Resource Names (ARNs) of the frameworks a report covers.

    + */ + FrameworkArns?: string[]; + + /** + *

    The number of frameworks a report covers.

    + */ + NumberOfFrameworks?: number; } export namespace ReportSetting { @@ -1584,13 +1646,17 @@ export interface CreateReportPlanInput { *

    Identifies the report template for the report. Reports are built using a report * template. The report templates are:

    *

    - * BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT + * RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | + * COPY_JOB_REPORT | RESTORE_JOB_REPORT *

    + *

    If the report template is RESOURCE_COMPLIANCE_REPORT or + * CONTROL_COMPLIANCE_REPORT, this API resource also describes the report + * coverage by Amazon Web Services Regions and frameworks.

    */ ReportSetting: ReportSetting | undefined; /** - *

    Metadata that you can assign to help organize the frameworks that you create. Each tag + *

    Metadata that you can assign to help organize the report plans that you create. Each tag * is a key-value pair.

    */ ReportPlanTags?: { [key: string]: string }; @@ -1623,6 +1689,14 @@ export interface CreateReportPlanOutput { * depends on the resource type.

    */ ReportPlanArn?: string; + + /** + *

    The date and time a backup vault is created, in Unix format and Coordinated Universal + * Time (UTC). The value of CreationTime is accurate to milliseconds. For + * example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087 + * AM.

    + */ + CreationTime?: Date; } export namespace CreateReportPlanOutput { @@ -1803,6 +1877,22 @@ export namespace DeleteBackupVaultAccessPolicyInput { }); } +export interface DeleteBackupVaultLockConfigurationInput { + /** + *

    The name of the backup vault from which to delete Backup Vault Lock.

    + */ + BackupVaultName: string | undefined; +} + +export namespace DeleteBackupVaultLockConfigurationInput { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteBackupVaultLockConfigurationInput): any => ({ + ...obj, + }); +} + export interface DeleteBackupVaultNotificationsInput { /** *

    The name of a logical container where backups are stored. Backup vaults are identified @@ -2147,6 +2237,52 @@ export interface DescribeBackupVaultOutput { *

    The number of recovery points that are stored in a backup vault.

    */ NumberOfRecoveryPoints?: number; + + /** + *

    A Boolean that indicates whether Backup Vault Lock is currently protecting + * the backup vault. True means that Vault Lock causes delete or update + * operations on the recovery points stored in the vault to fail.

    + */ + Locked?: boolean; + + /** + *

    The Backup Vault Lock setting that specifies the minimum retention period + * that the vault retains its recovery points. If this parameter is not specified, Vault Lock + * does not enforce a minimum retention period.

    + *

    If specified, any backup or copy job to the vault must have a lifecycle policy with a + * retention period equal to or longer than the minimum retention period. If the job's + * retention period is shorter than that minimum retention period, then the vault fails the + * backup or copy job, and you should either modify your lifecycle settings or use a different + * vault. Recovery points already stored in the vault prior to Vault Lock are not + * affected.

    + */ + MinRetentionDays?: number; + + /** + *

    The Backup Vault Lock setting that specifies the maximum retention period + * that the vault retains its recovery points. If this parameter is not specified, Vault Lock + * does not enforce a maximum retention period on the recovery points in the vault (allowing + * indefinite storage).

    + *

    If specified, any backup or copy job to the vault must have a lifecycle policy with a + * retention period equal to or shorter than the maximum retention period. If the job's + * retention period is longer than that maximum retention period, then the vault fails the + * backup or copy job, and you should either modify your lifecycle settings or use a different + * vault. Recovery points already stored in the vault prior to Vault Lock are not + * affected.

    + */ + MaxRetentionDays?: number; + + /** + *

    The date and time when Backup Vault Lock configuration cannot be changed or + * deleted.

    + *

    If you applied Vault Lock to your vault without specifying a lock date, you can change + * any of your Vault Lock settings, or delete Vault Lock from the vault entirely, at any + * time.

    + *

    This value is in Unix format, Coordinated Universal Time (UTC), and accurate to + * milliseconds. For example, the value 1516925490.087 represents Friday, January 26, 2018 + * 12:11:30.087 AM.

    + */ + LockDate?: Date; } export namespace DescribeBackupVaultOutput { @@ -2652,7 +2788,8 @@ export interface ReportJob { *

    Identifies the report template for the report. Reports are built using a report * template. The report templates are:

    *

    - * BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT + * RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | + * COPY_JOB_REPORT | RESTORE_JOB_REPORT *

    */ ReportTemplate?: string; @@ -2766,8 +2903,12 @@ export interface ReportPlan { *

    Identifies the report template for the report. Reports are built using a report * template. The report templates are:

    *

    - * BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT + * RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | + * COPY_JOB_REPORT | RESTORE_JOB_REPORT *

    + *

    If the report template is RESOURCE_COMPLIANCE_REPORT or + * CONTROL_COMPLIANCE_REPORT, this API resource also describes the report + * coverage by Amazon Web Services Regions and frameworks.

    */ ReportSetting?: ReportSetting; @@ -3400,6 +3541,10 @@ export interface GetSupportedResourceTypesOutput { *
      *
    • *

      + * Aurora for Amazon Aurora

      + *
      • + *
    • + *

      * DynamoDB for Amazon DynamoDB

      *
      • *
    • @@ -3416,11 +3561,11 @@ export interface GetSupportedResourceTypesOutput { *
      • *
    • *

      - * RDS for Amazon Relational Database Service

      + * FSX for Amazon FSx

      *
      • *
    • *

      - * Aurora for Amazon Aurora

      + * RDS for Amazon Relational Database Service

      *
      • *
    • *

      @@ -4830,6 +4975,73 @@ export namespace PutBackupVaultAccessPolicyInput { }); } +export interface PutBackupVaultLockConfigurationInput { + /** + *

      The Backup Vault Lock configuration that specifies the name of the backup + * vault it protects.

      + */ + BackupVaultName: string | undefined; + + /** + *

      The Backup Vault Lock configuration that specifies the minimum retention + * period that the vault retains its recovery points. This setting can be useful if, for + * example, your organization's policies require you to retain certain data for at least seven + * years (2555 days).

      + *

      If this parameter is not specified, Vault Lock will not enforce a minimum retention + * period.

      + *

      If this parameter is specified, any backup or copy job to the vault must have a + * lifecycle policy with a retention period equal to or longer than the minimum retention + * period. If the job's retention period is shorter than that minimum retention period, then + * the vault fails that backup or copy job, and you should either modify your lifecycle + * settings or use a different vault. Recovery points already saved in the vault prior to + * Vault Lock are not affected.

      + */ + MinRetentionDays?: number; + + /** + *

      The Backup Vault Lock configuration that specifies the maximum retention + * period that the vault retains its recovery points. This setting can be useful if, for + * example, your organization's policies require you to destroy certain data after retaining + * it for four years (1460 days).

      + *

      If this parameter is not included, Vault Lock does not enforce a maximum retention + * period on the recovery points in the vault. If this parameter is included without a value, + * Vault Lock will not enforce a maximum retention period.

      + *

      If this parameter is specified, any backup or copy job to the vault must have a + * lifecycle policy with a retention period equal to or shorter than the maximum retention + * period. If the job's retention period is longer than that maximum retention period, then + * the vault fails the backup or copy job, and you should either modify your lifecycle + * settings or use a different vault. Recovery points already saved in the vault prior to + * Vault Lock are not affected.

      + */ + MaxRetentionDays?: number; + + /** + *

      The Backup Vault Lock configuration that specifies the number of days before + * the lock date. For example, setting ChangeableForDays to 30 on Jan. 1, 2022 at + * 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.

      + *

      Backup enforces a 72-hour cooling-off period before Vault Lock takes effect + * and becomes immutable. Therefore, you must set ChangeableForDays to 3 or + * greater.

      + *

      Before the lock date, you can delete Vault Lock from the vault using + * DeleteBackupVaultLockConfiguration or change the Vault Lock configuration + * using PutBackupVaultLockConfiguration. On and after the lock date, the Vault + * Lock becomes immutable and cannot be changed or deleted.

      + *

      If this parameter is not specified, you can delete Vault Lock from the vault using + * DeleteBackupVaultLockConfiguration or change the Vault Lock configuration + * using PutBackupVaultLockConfiguration at any time.

      + */ + ChangeableForDays?: number; +} + +export namespace PutBackupVaultLockConfigurationInput { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PutBackupVaultLockConfigurationInput): any => ({ + ...obj, + }); +} + export interface PutBackupVaultNotificationsInput { /** *

      The name of a logical container where backups are stored. Backup vaults are identified @@ -5569,8 +5781,12 @@ export interface UpdateReportPlanInput { *

      Identifies the report template for the report. Reports are built using a report * template. The report templates are:

      *

      - * BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT + * RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | + * COPY_JOB_REPORT | RESTORE_JOB_REPORT *

      + *

      If the report template is RESOURCE_COMPLIANCE_REPORT or + * CONTROL_COMPLIANCE_REPORT, this API resource also describes the report + * coverage by Amazon Web Services Regions and frameworks.

      */ ReportSetting?: ReportSetting; diff --git a/clients/client-backup/src/protocols/Aws_restJson1.ts b/clients/client-backup/src/protocols/Aws_restJson1.ts index f9c9c0358723..10cc4534a781 100644 --- a/clients/client-backup/src/protocols/Aws_restJson1.ts +++ b/clients/client-backup/src/protocols/Aws_restJson1.ts @@ -37,6 +37,10 @@ import { DeleteBackupVaultAccessPolicyCommandOutput, } from "../commands/DeleteBackupVaultAccessPolicyCommand"; import { DeleteBackupVaultCommandInput, DeleteBackupVaultCommandOutput } from "../commands/DeleteBackupVaultCommand"; +import { + DeleteBackupVaultLockConfigurationCommandInput, + DeleteBackupVaultLockConfigurationCommandOutput, +} from "../commands/DeleteBackupVaultLockConfigurationCommand"; import { DeleteBackupVaultNotificationsCommandInput, DeleteBackupVaultNotificationsCommandOutput, @@ -144,6 +148,10 @@ import { PutBackupVaultAccessPolicyCommandInput, PutBackupVaultAccessPolicyCommandOutput, } from "../commands/PutBackupVaultAccessPolicyCommand"; +import { + PutBackupVaultLockConfigurationCommandInput, + PutBackupVaultLockConfigurationCommandOutput, +} from "../commands/PutBackupVaultLockConfigurationCommand"; import { PutBackupVaultNotificationsCommandInput, PutBackupVaultNotificationsCommandOutput, @@ -523,6 +531,36 @@ export const serializeAws_restJson1DeleteBackupVaultAccessPolicyCommand = async }); }; +export const serializeAws_restJson1DeleteBackupVaultLockConfigurationCommand = async ( + input: DeleteBackupVaultLockConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/backup-vaults/{BackupVaultName}/vault-lock"; + if (input.BackupVaultName !== undefined) { + const labelValue: string = input.BackupVaultName; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: BackupVaultName."); + } + resolvedPath = resolvedPath.replace("{BackupVaultName}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: BackupVaultName."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "DELETE", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1DeleteBackupVaultNotificationsCommand = async ( input: DeleteBackupVaultNotificationsCommandInput, context: __SerdeContext @@ -1774,6 +1812,46 @@ export const serializeAws_restJson1PutBackupVaultAccessPolicyCommand = async ( }); }; +export const serializeAws_restJson1PutBackupVaultLockConfigurationCommand = async ( + input: PutBackupVaultLockConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/backup-vaults/{BackupVaultName}/vault-lock"; + if (input.BackupVaultName !== undefined) { + const labelValue: string = input.BackupVaultName; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: BackupVaultName."); + } + resolvedPath = resolvedPath.replace("{BackupVaultName}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: BackupVaultName."); + } + let body: any; + body = JSON.stringify({ + ...(input.ChangeableForDays !== undefined && + input.ChangeableForDays !== null && { ChangeableForDays: input.ChangeableForDays }), + ...(input.MaxRetentionDays !== undefined && + input.MaxRetentionDays !== null && { MaxRetentionDays: input.MaxRetentionDays }), + ...(input.MinRetentionDays !== undefined && + input.MinRetentionDays !== null && { MinRetentionDays: input.MinRetentionDays }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "PUT", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1PutBackupVaultNotificationsCommand = async ( input: PutBackupVaultNotificationsCommandInput, context: __SerdeContext @@ -2668,10 +2746,14 @@ export const deserializeAws_restJson1CreateReportPlanCommand = async ( } const contents: CreateReportPlanCommandOutput = { $metadata: deserializeMetadata(output), + CreationTime: undefined, ReportPlanArn: undefined, ReportPlanName: undefined, }; const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.CreationTime !== undefined && data.CreationTime !== null) { + contents.CreationTime = __expectNonNull(__parseEpochTimestamp(__expectNumber(data.CreationTime))); + } if (data.ReportPlanArn !== undefined && data.ReportPlanArn !== null) { contents.ReportPlanArn = __expectString(data.ReportPlanArn); } @@ -3082,6 +3164,89 @@ const deserializeAws_restJson1DeleteBackupVaultAccessPolicyCommandError = async return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_restJson1DeleteBackupVaultLockConfigurationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1DeleteBackupVaultLockConfigurationCommandError(output, context); + } + const contents: DeleteBackupVaultLockConfigurationCommandOutput = { + $metadata: deserializeMetadata(output), + }; + await collectBody(output.body, context); + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1DeleteBackupVaultLockConfigurationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "InvalidParameterValueException": + case "com.amazonaws.backup#InvalidParameterValueException": + response = { + ...(await deserializeAws_restJson1InvalidParameterValueExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InvalidRequestException": + case "com.amazonaws.backup#InvalidRequestException": + response = { + ...(await deserializeAws_restJson1InvalidRequestExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "MissingParameterValueException": + case "com.amazonaws.backup#MissingParameterValueException": + response = { + ...(await deserializeAws_restJson1MissingParameterValueExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.backup#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ServiceUnavailableException": + case "com.amazonaws.backup#ServiceUnavailableException": + response = { + ...(await deserializeAws_restJson1ServiceUnavailableExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_restJson1DeleteBackupVaultNotificationsCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -3593,6 +3758,10 @@ export const deserializeAws_restJson1DescribeBackupVaultCommand = async ( CreationDate: undefined, CreatorRequestId: undefined, EncryptionKeyArn: undefined, + LockDate: undefined, + Locked: undefined, + MaxRetentionDays: undefined, + MinRetentionDays: undefined, NumberOfRecoveryPoints: undefined, }; const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); @@ -3611,6 +3780,18 @@ export const deserializeAws_restJson1DescribeBackupVaultCommand = async ( if (data.EncryptionKeyArn !== undefined && data.EncryptionKeyArn !== null) { contents.EncryptionKeyArn = __expectString(data.EncryptionKeyArn); } + if (data.LockDate !== undefined && data.LockDate !== null) { + contents.LockDate = __expectNonNull(__parseEpochTimestamp(__expectNumber(data.LockDate))); + } + if (data.Locked !== undefined && data.Locked !== null) { + contents.Locked = __expectBoolean(data.Locked); + } + if (data.MaxRetentionDays !== undefined && data.MaxRetentionDays !== null) { + contents.MaxRetentionDays = __expectLong(data.MaxRetentionDays); + } + if (data.MinRetentionDays !== undefined && data.MinRetentionDays !== null) { + contents.MinRetentionDays = __expectLong(data.MinRetentionDays); + } if (data.NumberOfRecoveryPoints !== undefined && data.NumberOfRecoveryPoints !== null) { contents.NumberOfRecoveryPoints = __expectLong(data.NumberOfRecoveryPoints); } @@ -6607,6 +6788,89 @@ const deserializeAws_restJson1PutBackupVaultAccessPolicyCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_restJson1PutBackupVaultLockConfigurationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1PutBackupVaultLockConfigurationCommandError(output, context); + } + const contents: PutBackupVaultLockConfigurationCommandOutput = { + $metadata: deserializeMetadata(output), + }; + await collectBody(output.body, context); + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1PutBackupVaultLockConfigurationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "InvalidParameterValueException": + case "com.amazonaws.backup#InvalidParameterValueException": + response = { + ...(await deserializeAws_restJson1InvalidParameterValueExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InvalidRequestException": + case "com.amazonaws.backup#InvalidRequestException": + response = { + ...(await deserializeAws_restJson1InvalidRequestExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "MissingParameterValueException": + case "com.amazonaws.backup#MissingParameterValueException": + response = { + ...(await deserializeAws_restJson1MissingParameterValueExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.backup#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ServiceUnavailableException": + case "com.amazonaws.backup#ServiceUnavailableException": + response = { + ...(await deserializeAws_restJson1ServiceUnavailableExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_restJson1PutBackupVaultNotificationsCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -7419,6 +7683,14 @@ const deserializeAws_restJson1UpdateFrameworkCommandError = async ( let errorCode = "UnknownError"; errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "AlreadyExistsException": + case "com.amazonaws.backup#AlreadyExistsException": + response = { + ...(await deserializeAws_restJson1AlreadyExistsExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "ConflictException": case "com.amazonaws.backup#ConflictException": response = { @@ -8379,6 +8651,12 @@ const serializeAws_restJson1ReportDeliveryChannel = (input: ReportDeliveryChanne const serializeAws_restJson1ReportSetting = (input: ReportSetting, context: __SerdeContext): any => { return { + ...(input.FrameworkArns !== undefined && + input.FrameworkArns !== null && { + FrameworkArns: serializeAws_restJson1stringList(input.FrameworkArns, context), + }), + ...(input.NumberOfFrameworks !== undefined && + input.NumberOfFrameworks !== null && { NumberOfFrameworks: input.NumberOfFrameworks }), ...(input.ReportTemplate !== undefined && input.ReportTemplate !== null && { ReportTemplate: input.ReportTemplate }), }; @@ -8421,6 +8699,17 @@ const serializeAws_restJson1ResourceTypeOptInPreference = ( }, {}); }; +const serializeAws_restJson1stringList = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + const serializeAws_restJson1stringMap = (input: { [key: string]: string }, context: __SerdeContext): any => { return Object.entries(input).reduce((acc: { [key: string]: any }, [key, value]: [string, any]) => { if (value === null) { @@ -8751,6 +9040,13 @@ const deserializeAws_restJson1BackupVaultListMember = (output: any, context: __S : undefined, CreatorRequestId: __expectString(output.CreatorRequestId), EncryptionKeyArn: __expectString(output.EncryptionKeyArn), + LockDate: + output.LockDate !== undefined && output.LockDate !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.LockDate))) + : undefined, + Locked: __expectBoolean(output.Locked), + MaxRetentionDays: __expectLong(output.MaxRetentionDays), + MinRetentionDays: __expectLong(output.MinRetentionDays), NumberOfRecoveryPoints: __expectLong(output.NumberOfRecoveryPoints), } as any; }; @@ -9206,6 +9502,11 @@ const deserializeAws_restJson1ReportPlanList = (output: any, context: __SerdeCon const deserializeAws_restJson1ReportSetting = (output: any, context: __SerdeContext): ReportSetting => { return { + FrameworkArns: + output.FrameworkArns !== undefined && output.FrameworkArns !== null + ? deserializeAws_restJson1stringList(output.FrameworkArns, context) + : undefined, + NumberOfFrameworks: __expectInt32(output.NumberOfFrameworks), ReportTemplate: __expectString(output.ReportTemplate), } as any; }; diff --git a/clients/client-chime/src/commands/GetSipMediaApplicationCommand.ts b/clients/client-chime/src/commands/GetSipMediaApplicationCommand.ts index c6d7c0fa51c5..c855df9da8e7 100644 --- a/clients/client-chime/src/commands/GetSipMediaApplicationCommand.ts +++ b/clients/client-chime/src/commands/GetSipMediaApplicationCommand.ts @@ -12,7 +12,8 @@ import { } from "@aws-sdk/types"; import { ChimeClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ChimeClient"; -import { GetSipMediaApplicationRequest, GetSipMediaApplicationResponse } from "../models/models_0"; +import { GetSipMediaApplicationRequest } from "../models/models_0"; +import { GetSipMediaApplicationResponse } from "../models/models_1"; import { deserializeAws_restJson1GetSipMediaApplicationCommand, serializeAws_restJson1GetSipMediaApplicationCommand, diff --git a/clients/client-chime/src/commands/GetSipMediaApplicationLoggingConfigurationCommand.ts b/clients/client-chime/src/commands/GetSipMediaApplicationLoggingConfigurationCommand.ts index 9f59955a608d..c6fc99b419c3 100644 --- a/clients/client-chime/src/commands/GetSipMediaApplicationLoggingConfigurationCommand.ts +++ b/clients/client-chime/src/commands/GetSipMediaApplicationLoggingConfigurationCommand.ts @@ -15,7 +15,7 @@ import { ChimeClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from import { GetSipMediaApplicationLoggingConfigurationRequest, GetSipMediaApplicationLoggingConfigurationResponse, -} from "../models/models_0"; +} from "../models/models_1"; import { deserializeAws_restJson1GetSipMediaApplicationLoggingConfigurationCommand, serializeAws_restJson1GetSipMediaApplicationLoggingConfigurationCommand, diff --git a/clients/client-chime/src/commands/GetSipRuleCommand.ts b/clients/client-chime/src/commands/GetSipRuleCommand.ts index ebbff6958bc3..6311c3893391 100644 --- a/clients/client-chime/src/commands/GetSipRuleCommand.ts +++ b/clients/client-chime/src/commands/GetSipRuleCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { ChimeClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ChimeClient"; -import { GetSipRuleRequest, GetSipRuleResponse } from "../models/models_0"; +import { GetSipRuleRequest, GetSipRuleResponse } from "../models/models_1"; import { deserializeAws_restJson1GetSipRuleCommand, serializeAws_restJson1GetSipRuleCommand, diff --git a/clients/client-chime/src/commands/GetUserCommand.ts b/clients/client-chime/src/commands/GetUserCommand.ts index 3f36d891da2d..82ed9e6deb2f 100644 --- a/clients/client-chime/src/commands/GetUserCommand.ts +++ b/clients/client-chime/src/commands/GetUserCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { ChimeClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ChimeClient"; -import { GetUserRequest, GetUserResponse } from "../models/models_0"; +import { GetUserRequest, GetUserResponse } from "../models/models_1"; import { deserializeAws_restJson1GetUserCommand, serializeAws_restJson1GetUserCommand, diff --git a/clients/client-chime/src/commands/GetUserSettingsCommand.ts b/clients/client-chime/src/commands/GetUserSettingsCommand.ts index 33706584767a..c9cbbfd4090b 100644 --- a/clients/client-chime/src/commands/GetUserSettingsCommand.ts +++ b/clients/client-chime/src/commands/GetUserSettingsCommand.ts @@ -12,8 +12,7 @@ import { } from "@aws-sdk/types"; import { ChimeClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ChimeClient"; -import { GetUserSettingsRequest } from "../models/models_0"; -import { GetUserSettingsResponse } from "../models/models_1"; +import { GetUserSettingsRequest, GetUserSettingsResponse } from "../models/models_1"; import { deserializeAws_restJson1GetUserSettingsCommand, serializeAws_restJson1GetUserSettingsCommand, diff --git a/clients/client-chime/src/models/models_0.ts b/clients/client-chime/src/models/models_0.ts index d0e822fdb16e..056deec3f453 100644 --- a/clients/client-chime/src/models/models_0.ts +++ b/clients/client-chime/src/models/models_0.ts @@ -505,6 +505,120 @@ export namespace AppInstanceUserMembershipSummary { }); } +export enum AudioMuxType { + AudioOnly = "AudioOnly", + AudioWithActiveSpeakerVideo = "AudioWithActiveSpeakerVideo", +} + +/** + *

      The audio artifact configuration object.

      + */ +export interface AudioArtifactsConfiguration { + /** + *

      The MUX type of the audio artifact configuration object.

      + */ + MuxType: AudioMuxType | string | undefined; +} + +export namespace AudioArtifactsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AudioArtifactsConfiguration): any => ({ + ...obj, + }); +} + +export enum ContentMuxType { + ContentOnly = "ContentOnly", +} + +export enum ArtifactsState { + Disabled = "Disabled", + Enabled = "Enabled", +} + +/** + *

      The content artifact object.

      + */ +export interface ContentArtifactsConfiguration { + /** + *

      Indicates whether the content artifact is enabled or disabled.

      + */ + State: ArtifactsState | string | undefined; + + /** + *

      The MUX type of the artifact configuration.

      + */ + MuxType?: ContentMuxType | string; +} + +export namespace ContentArtifactsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ContentArtifactsConfiguration): any => ({ + ...obj, + }); +} + +export enum VideoMuxType { + VideoOnly = "VideoOnly", +} + +/** + *

      The video artifact configuration object.

      + */ +export interface VideoArtifactsConfiguration { + /** + *

      Indicates whether the video artifact is enabled or disabled.

      + */ + State: ArtifactsState | string | undefined; + + /** + *

      The MUX type of the video artifact configuration object.

      + */ + MuxType?: VideoMuxType | string; +} + +export namespace VideoArtifactsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VideoArtifactsConfiguration): any => ({ + ...obj, + }); +} + +/** + *

      The configuration for the artifacts.

      + */ +export interface ArtifactsConfiguration { + /** + *

      The configuration for the audio artifacts.

      + */ + Audio: AudioArtifactsConfiguration | undefined; + + /** + *

      The configuration for the video artifacts.

      + */ + Video: VideoArtifactsConfiguration | undefined; + + /** + *

      The configuration for the content artifacts.

      + */ + Content: ContentArtifactsConfiguration | undefined; +} + +export namespace ArtifactsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ArtifactsConfiguration): any => ({ + ...obj, + }); +} + export interface AssociatePhoneNumbersWithVoiceConnectorRequest { /** *

      The Amazon Chime Voice Connector ID.

      @@ -2125,6 +2239,80 @@ export namespace ChannelModeratorSummary { }); } +/** + *

      The video streams to capture for a specified media capture pipeline. The total number of video streams can't exceed 25.

      + */ +export interface SelectedVideoStreams { + /** + *

      The attendee IDs of the streams selected for a media capture pipeline.

      + */ + AttendeeIds?: string[]; + + /** + *

      The external user IDs of the streams selected for a media capture pipeline.

      + */ + ExternalUserIds?: string[]; +} + +export namespace SelectedVideoStreams { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SelectedVideoStreams): any => ({ + ...obj, + ...(obj.ExternalUserIds && { ExternalUserIds: SENSITIVE_STRING }), + }); +} + +/** + *

      Source configuration for a specified media capture pipeline.

      + */ +export interface SourceConfiguration { + /** + *

      The selected video streams to capture for a specified media capture pipeline. The number of video streams can't exceed 25.

      + */ + SelectedVideoStreams?: SelectedVideoStreams; +} + +export namespace SourceConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SourceConfiguration): any => ({ + ...obj, + ...(obj.SelectedVideoStreams && { + SelectedVideoStreams: SelectedVideoStreams.filterSensitiveLog(obj.SelectedVideoStreams), + }), + }); +} + +/** + *

      The configuration object of the Amazon Chime SDK meeting for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

      + */ +export interface ChimeSdkMeetingConfiguration { + /** + *

      The source configuration for a specified media capture pipline.

      + */ + SourceConfiguration?: SourceConfiguration; + + /** + *

      The configuration for the artifacts in an Amazon Chime SDK meeting.

      + */ + ArtifactsConfiguration?: ArtifactsConfiguration; +} + +export namespace ChimeSdkMeetingConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ChimeSdkMeetingConfiguration): any => ({ + ...obj, + ...(obj.SourceConfiguration && { + SourceConfiguration: SourceConfiguration.filterSensitiveLog(obj.SourceConfiguration), + }), + }); +} + /** *

      The request could not be processed because of conflict in the current state of the * resource.

      @@ -2704,6 +2892,11 @@ export interface CreateMediaCapturePipelineRequest { *

      The token assigned to the client making the pipeline request.

      */ ClientRequestToken?: string; + + /** + *

      The configuration for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

      + */ + ChimeSdkMeetingConfiguration?: ChimeSdkMeetingConfiguration; } export namespace CreateMediaCapturePipelineRequest { @@ -2715,6 +2908,9 @@ export namespace CreateMediaCapturePipelineRequest { ...(obj.SourceArn && { SourceArn: SENSITIVE_STRING }), ...(obj.SinkArn && { SinkArn: SENSITIVE_STRING }), ...(obj.ClientRequestToken && { ClientRequestToken: SENSITIVE_STRING }), + ...(obj.ChimeSdkMeetingConfiguration && { + ChimeSdkMeetingConfiguration: ChimeSdkMeetingConfiguration.filterSensitiveLog(obj.ChimeSdkMeetingConfiguration), + }), }); } @@ -2727,7 +2923,7 @@ export enum MediaPipelineStatus { } /** - *

      A media capture pipeline object. A string consisting of an ID, source type, a source ARN, a sink type, and a sink ARN.

      + *

      A media capture pipeline object consisting of an ID, source type, source ARN, a sink type, a sink ARN, and a configuration object.

      */ export interface MediaCapturePipeline { /** @@ -2769,6 +2965,11 @@ export interface MediaCapturePipeline { *

      The time at which the capture pipeline was updated, in ISO 8601 format.

      */ UpdatedTimestamp?: Date; + + /** + *

      The configuration for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

      + */ + ChimeSdkMeetingConfiguration?: ChimeSdkMeetingConfiguration; } export namespace MediaCapturePipeline { @@ -2779,6 +2980,9 @@ export namespace MediaCapturePipeline { ...obj, ...(obj.SourceArn && { SourceArn: SENSITIVE_STRING }), ...(obj.SinkArn && { SinkArn: SENSITIVE_STRING }), + ...(obj.ChimeSdkMeetingConfiguration && { + ChimeSdkMeetingConfiguration: ChimeSdkMeetingConfiguration.filterSensitiveLog(obj.ChimeSdkMeetingConfiguration), + }), }); } @@ -2959,7 +3163,7 @@ export interface MediaPlacement { TurnControlUrl?: string; /** - *

      The URL of the S3 bucket used to store the captured media.

      + *

      The event ingestion URL.

      */ EventIngestionUrl?: string; } @@ -6686,214 +6890,3 @@ export namespace GetSipMediaApplicationRequest { ...obj, }); } - -export interface GetSipMediaApplicationResponse { - /** - *

      The SIP media application details.

      - */ - SipMediaApplication?: SipMediaApplication; -} - -export namespace GetSipMediaApplicationResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetSipMediaApplicationResponse): any => ({ - ...obj, - ...(obj.SipMediaApplication && { - SipMediaApplication: SipMediaApplication.filterSensitiveLog(obj.SipMediaApplication), - }), - }); -} - -export interface GetSipMediaApplicationLoggingConfigurationRequest { - /** - *

      The SIP media application ID.

      - */ - SipMediaApplicationId: string | undefined; -} - -export namespace GetSipMediaApplicationLoggingConfigurationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetSipMediaApplicationLoggingConfigurationRequest): any => ({ - ...obj, - }); -} - -/** - *

      Logging configuration of the SIP media application.

      - */ -export interface SipMediaApplicationLoggingConfiguration { - /** - *

      Enables application message logs for the SIP media application.

      - */ - EnableSipMediaApplicationMessageLogs?: boolean; -} - -export namespace SipMediaApplicationLoggingConfiguration { - /** - * @internal - */ - export const filterSensitiveLog = (obj: SipMediaApplicationLoggingConfiguration): any => ({ - ...obj, - }); -} - -export interface GetSipMediaApplicationLoggingConfigurationResponse { - /** - *

      The actual logging configuration.

      - */ - SipMediaApplicationLoggingConfiguration?: SipMediaApplicationLoggingConfiguration; -} - -export namespace GetSipMediaApplicationLoggingConfigurationResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetSipMediaApplicationLoggingConfigurationResponse): any => ({ - ...obj, - }); -} - -export interface GetSipRuleRequest { - /** - *

      The SIP rule ID.

      - */ - SipRuleId: string | undefined; -} - -export namespace GetSipRuleRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetSipRuleRequest): any => ({ - ...obj, - }); -} - -export interface GetSipRuleResponse { - /** - *

      The SIP rule details.

      - */ - SipRule?: SipRule; -} - -export namespace GetSipRuleResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetSipRuleResponse): any => ({ - ...obj, - }); -} - -export interface GetUserRequest { - /** - *

      The Amazon Chime account ID.

      - */ - AccountId: string | undefined; - - /** - *

      The user ID.

      - */ - UserId: string | undefined; -} - -export namespace GetUserRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetUserRequest): any => ({ - ...obj, - }); -} - -export interface GetUserResponse { - /** - *

      The user details.

      - */ - User?: User; -} - -export namespace GetUserResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetUserResponse): any => ({ - ...obj, - ...(obj.User && { User: User.filterSensitiveLog(obj.User) }), - }); -} - -export interface GetUserSettingsRequest { - /** - *

      The Amazon Chime account ID.

      - */ - AccountId: string | undefined; - - /** - *

      The user ID.

      - */ - UserId: string | undefined; -} - -export namespace GetUserSettingsRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GetUserSettingsRequest): any => ({ - ...obj, - }); -} - -/** - *

      Settings that allow management of telephony permissions for an Amazon Chime user, such as - * inbound and outbound calling and text messaging.

      - */ -export interface TelephonySettings { - /** - *

      Allows or denies inbound calling.

      - */ - InboundCalling: boolean | undefined; - - /** - *

      Allows or denies outbound calling.

      - */ - OutboundCalling: boolean | undefined; - - /** - *

      Allows or denies SMS messaging.

      - */ - SMS: boolean | undefined; -} - -export namespace TelephonySettings { - /** - * @internal - */ - export const filterSensitiveLog = (obj: TelephonySettings): any => ({ - ...obj, - }); -} - -/** - *

      Settings associated with an Amazon Chime user, including inbound and outbound calling and text - * messaging.

      - */ -export interface UserSettings { - /** - *

      The telephony settings associated with the user.

      - */ - Telephony: TelephonySettings | undefined; -} - -export namespace UserSettings { - /** - * @internal - */ - export const filterSensitiveLog = (obj: UserSettings): any => ({ - ...obj, - }); -} diff --git a/clients/client-chime/src/models/models_1.ts b/clients/client-chime/src/models/models_1.ts index b021fe87cc28..e04c8691da3a 100644 --- a/clients/client-chime/src/models/models_1.ts +++ b/clients/client-chime/src/models/models_1.ts @@ -50,12 +50,10 @@ import { SipMediaApplication, SipMediaApplicationCall, SipMediaApplicationEndpoint, - SipMediaApplicationLoggingConfiguration, SipRule, SipRuleTargetApplication, Tag, User, - UserSettings, UserType, VoiceConnector, VoiceConnectorGroup, @@ -63,6 +61,217 @@ import { VoiceConnectorSettings, } from "./models_0"; +export interface GetSipMediaApplicationResponse { + /** + *

      The SIP media application details.

      + */ + SipMediaApplication?: SipMediaApplication; +} + +export namespace GetSipMediaApplicationResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetSipMediaApplicationResponse): any => ({ + ...obj, + ...(obj.SipMediaApplication && { + SipMediaApplication: SipMediaApplication.filterSensitiveLog(obj.SipMediaApplication), + }), + }); +} + +export interface GetSipMediaApplicationLoggingConfigurationRequest { + /** + *

      The SIP media application ID.

      + */ + SipMediaApplicationId: string | undefined; +} + +export namespace GetSipMediaApplicationLoggingConfigurationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetSipMediaApplicationLoggingConfigurationRequest): any => ({ + ...obj, + }); +} + +/** + *

      Logging configuration of the SIP media application.

      + */ +export interface SipMediaApplicationLoggingConfiguration { + /** + *

      Enables application message logs for the SIP media application.

      + */ + EnableSipMediaApplicationMessageLogs?: boolean; +} + +export namespace SipMediaApplicationLoggingConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SipMediaApplicationLoggingConfiguration): any => ({ + ...obj, + }); +} + +export interface GetSipMediaApplicationLoggingConfigurationResponse { + /** + *

      The actual logging configuration.

      + */ + SipMediaApplicationLoggingConfiguration?: SipMediaApplicationLoggingConfiguration; +} + +export namespace GetSipMediaApplicationLoggingConfigurationResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetSipMediaApplicationLoggingConfigurationResponse): any => ({ + ...obj, + }); +} + +export interface GetSipRuleRequest { + /** + *

      The SIP rule ID.

      + */ + SipRuleId: string | undefined; +} + +export namespace GetSipRuleRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetSipRuleRequest): any => ({ + ...obj, + }); +} + +export interface GetSipRuleResponse { + /** + *

      The SIP rule details.

      + */ + SipRule?: SipRule; +} + +export namespace GetSipRuleResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetSipRuleResponse): any => ({ + ...obj, + }); +} + +export interface GetUserRequest { + /** + *

      The Amazon Chime account ID.

      + */ + AccountId: string | undefined; + + /** + *

      The user ID.

      + */ + UserId: string | undefined; +} + +export namespace GetUserRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetUserRequest): any => ({ + ...obj, + }); +} + +export interface GetUserResponse { + /** + *

      The user details.

      + */ + User?: User; +} + +export namespace GetUserResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetUserResponse): any => ({ + ...obj, + ...(obj.User && { User: User.filterSensitiveLog(obj.User) }), + }); +} + +export interface GetUserSettingsRequest { + /** + *

      The Amazon Chime account ID.

      + */ + AccountId: string | undefined; + + /** + *

      The user ID.

      + */ + UserId: string | undefined; +} + +export namespace GetUserSettingsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetUserSettingsRequest): any => ({ + ...obj, + }); +} + +/** + *

      Settings that allow management of telephony permissions for an Amazon Chime user, such as + * inbound and outbound calling and text messaging.

      + */ +export interface TelephonySettings { + /** + *

      Allows or denies inbound calling.

      + */ + InboundCalling: boolean | undefined; + + /** + *

      Allows or denies outbound calling.

      + */ + OutboundCalling: boolean | undefined; + + /** + *

      Allows or denies SMS messaging.

      + */ + SMS: boolean | undefined; +} + +export namespace TelephonySettings { + /** + * @internal + */ + export const filterSensitiveLog = (obj: TelephonySettings): any => ({ + ...obj, + }); +} + +/** + *

      Settings associated with an Amazon Chime user, including inbound and outbound calling and text + * messaging.

      + */ +export interface UserSettings { + /** + *

      The telephony settings associated with the user.

      + */ + Telephony: TelephonySettings | undefined; +} + +export namespace UserSettings { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UserSettings): any => ({ + ...obj, + }); +} + export interface GetUserSettingsResponse { /** *

      The user settings.

      @@ -3745,12 +3954,12 @@ export interface UpdateGlobalSettingsRequest { /** *

      The Amazon Chime Business Calling settings.

      */ - BusinessCalling: BusinessCallingSettings | undefined; + BusinessCalling?: BusinessCallingSettings; /** *

      The Amazon Chime Voice Connector settings.

      */ - VoiceConnector: VoiceConnectorSettings | undefined; + VoiceConnector?: VoiceConnectorSettings; } export namespace UpdateGlobalSettingsRequest { diff --git a/clients/client-chime/src/protocols/Aws_restJson1.ts b/clients/client-chime/src/protocols/Aws_restJson1.ts index d48582f0f55a..e266f76c8eee 100644 --- a/clients/client-chime/src/protocols/Aws_restJson1.ts +++ b/clients/client-chime/src/protocols/Aws_restJson1.ts @@ -569,7 +569,9 @@ import { AppInstanceUser, AppInstanceUserMembershipSummary, AppInstanceUserSummary, + ArtifactsConfiguration, Attendee, + AudioArtifactsConfiguration, BadRequestException, BatchChannelMemberships, BatchCreateChannelMembershipError, @@ -589,7 +591,9 @@ import { ChannelModeratorSummary, ChannelRetentionSettings, ChannelSummary, + ChimeSdkMeetingConfiguration, ConflictException, + ContentArtifactsConfiguration, ConversationRetentionSettings, CreateAttendeeError, CreateAttendeeRequestItem, @@ -626,17 +630,17 @@ import { Room, RoomMembership, RoomRetentionSettings, + SelectedVideoStreams, ServiceFailureException, ServiceUnavailableException, SigninDelegateGroup, SipMediaApplication, SipMediaApplicationCall, SipMediaApplicationEndpoint, - SipMediaApplicationLoggingConfiguration, SipRule, SipRuleTargetApplication, + SourceConfiguration, Tag, - TelephonySettings, ThrottledClientException, UnauthorizedClientException, UnprocessableEntityException, @@ -644,7 +648,7 @@ import { UpdateUserRequestItem, User, UserError, - UserSettings, + VideoArtifactsConfiguration, VoiceConnector, VoiceConnectorGroup, VoiceConnectorItem, @@ -657,11 +661,14 @@ import { OriginationRoute, PhoneNumberCountry, Proxy, + SipMediaApplicationLoggingConfiguration, StreamingConfiguration, StreamingNotificationTarget, + TelephonySettings, Termination, TerminationHealth, TranscriptionConfiguration, + UserSettings, } from "../models/models_1"; export const serializeAws_restJson1AssociatePhoneNumbersWithVoiceConnectorCommand = async ( @@ -1551,6 +1558,13 @@ export const serializeAws_restJson1CreateMediaCapturePipelineCommand = async ( `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/media-capture-pipelines"; let body: any; body = JSON.stringify({ + ...(input.ChimeSdkMeetingConfiguration !== undefined && + input.ChimeSdkMeetingConfiguration !== null && { + ChimeSdkMeetingConfiguration: serializeAws_restJson1ChimeSdkMeetingConfiguration( + input.ChimeSdkMeetingConfiguration, + context + ), + }), ClientRequestToken: input.ClientRequestToken ?? generateIdempotencyToken(), ...(input.SinkArn !== undefined && input.SinkArn !== null && { SinkArn: input.SinkArn }), ...(input.SinkType !== undefined && input.SinkType !== null && { SinkType: input.SinkType }), @@ -26134,6 +26148,14 @@ const deserializeAws_restJson1UpdatePhoneNumberCommandError = async ( $metadata: deserializeMetadata(output), }; break; + case "ConflictException": + case "com.amazonaws.chime#ConflictException": + response = { + ...(await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "ForbiddenException": case "com.amazonaws.chime#ForbiddenException": response = { @@ -27650,6 +27672,30 @@ const serializeAws_restJson1AppInstanceStreamingConfigurationList = ( }); }; +const serializeAws_restJson1ArtifactsConfiguration = (input: ArtifactsConfiguration, context: __SerdeContext): any => { + return { + ...(input.Audio !== undefined && + input.Audio !== null && { Audio: serializeAws_restJson1AudioArtifactsConfiguration(input.Audio, context) }), + ...(input.Content !== undefined && + input.Content !== null && { + Content: serializeAws_restJson1ContentArtifactsConfiguration(input.Content, context), + }), + ...(input.Video !== undefined && + input.Video !== null && { Video: serializeAws_restJson1VideoArtifactsConfiguration(input.Video, context) }), + }; +}; + +const serializeAws_restJson1AttendeeIdList = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + const serializeAws_restJson1AttendeeTagKeyList = (input: string[], context: __SerdeContext): any => { return input .filter((e: any) => e != null) @@ -27672,6 +27718,15 @@ const serializeAws_restJson1AttendeeTagList = (input: Tag[], context: __SerdeCon }); }; +const serializeAws_restJson1AudioArtifactsConfiguration = ( + input: AudioArtifactsConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.MuxType !== undefined && input.MuxType !== null && { MuxType: input.MuxType }), + }; +}; + const serializeAws_restJson1BusinessCallingSettings = ( input: BusinessCallingSettings, context: __SerdeContext @@ -27712,6 +27767,32 @@ const serializeAws_restJson1ChannelRetentionSettings = ( }; }; +const serializeAws_restJson1ChimeSdkMeetingConfiguration = ( + input: ChimeSdkMeetingConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.ArtifactsConfiguration !== undefined && + input.ArtifactsConfiguration !== null && { + ArtifactsConfiguration: serializeAws_restJson1ArtifactsConfiguration(input.ArtifactsConfiguration, context), + }), + ...(input.SourceConfiguration !== undefined && + input.SourceConfiguration !== null && { + SourceConfiguration: serializeAws_restJson1SourceConfiguration(input.SourceConfiguration, context), + }), + }; +}; + +const serializeAws_restJson1ContentArtifactsConfiguration = ( + input: ContentArtifactsConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.MuxType !== undefined && input.MuxType !== null && { MuxType: input.MuxType }), + ...(input.State !== undefined && input.State !== null && { State: input.State }), + }; +}; + const serializeAws_restJson1ConversationRetentionSettings = ( input: ConversationRetentionSettings, context: __SerdeContext @@ -27871,6 +27952,17 @@ const serializeAws_restJson1EngineTranscribeSettings = ( }; }; +const serializeAws_restJson1ExternalUserIdList = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + const serializeAws_restJson1GeoMatchParams = (input: GeoMatchParams, context: __SerdeContext): any => { return { ...(input.AreaCode !== undefined && input.AreaCode !== null && { AreaCode: input.AreaCode }), @@ -28018,6 +28110,17 @@ const serializeAws_restJson1RoomRetentionSettings = (input: RoomRetentionSetting }; }; +const serializeAws_restJson1SelectedVideoStreams = (input: SelectedVideoStreams, context: __SerdeContext): any => { + return { + ...(input.AttendeeIds !== undefined && + input.AttendeeIds !== null && { AttendeeIds: serializeAws_restJson1AttendeeIdList(input.AttendeeIds, context) }), + ...(input.ExternalUserIds !== undefined && + input.ExternalUserIds !== null && { + ExternalUserIds: serializeAws_restJson1ExternalUserIdList(input.ExternalUserIds, context), + }), + }; +}; + const serializeAws_restJson1SensitiveStringList = (input: string[], context: __SerdeContext): any => { return input .filter((e: any) => e != null) @@ -28134,6 +28237,15 @@ const serializeAws_restJson1SMAUpdateCallArgumentsMap = ( }, {}); }; +const serializeAws_restJson1SourceConfiguration = (input: SourceConfiguration, context: __SerdeContext): any => { + return { + ...(input.SelectedVideoStreams !== undefined && + input.SelectedVideoStreams !== null && { + SelectedVideoStreams: serializeAws_restJson1SelectedVideoStreams(input.SelectedVideoStreams, context), + }), + }; +}; + const serializeAws_restJson1StreamingConfiguration = (input: StreamingConfiguration, context: __SerdeContext): any => { return { ...(input.DataRetentionInHours !== undefined && @@ -28345,6 +28457,16 @@ const serializeAws_restJson1UserSettings = (input: UserSettings, context: __Serd }; }; +const serializeAws_restJson1VideoArtifactsConfiguration = ( + input: VideoArtifactsConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.MuxType !== undefined && input.MuxType !== null && { MuxType: input.MuxType }), + ...(input.State !== undefined && input.State !== null && { State: input.State }), + }; +}; + const serializeAws_restJson1VoiceConnectorItem = (input: VoiceConnectorItem, context: __SerdeContext): any => { return { ...(input.Priority !== undefined && input.Priority !== null && { Priority: input.Priority }), @@ -28586,6 +28708,26 @@ const deserializeAws_restJson1AppInstanceUserSummary = ( } as any; }; +const deserializeAws_restJson1ArtifactsConfiguration = ( + output: any, + context: __SerdeContext +): ArtifactsConfiguration => { + return { + Audio: + output.Audio !== undefined && output.Audio !== null + ? deserializeAws_restJson1AudioArtifactsConfiguration(output.Audio, context) + : undefined, + Content: + output.Content !== undefined && output.Content !== null + ? deserializeAws_restJson1ContentArtifactsConfiguration(output.Content, context) + : undefined, + Video: + output.Video !== undefined && output.Video !== null + ? deserializeAws_restJson1VideoArtifactsConfiguration(output.Video, context) + : undefined, + } as any; +}; + const deserializeAws_restJson1Attendee = (output: any, context: __SerdeContext): Attendee => { return { AttendeeId: __expectString(output.AttendeeId), @@ -28594,6 +28736,17 @@ const deserializeAws_restJson1Attendee = (output: any, context: __SerdeContext): } as any; }; +const deserializeAws_restJson1AttendeeIdList = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + const deserializeAws_restJson1AttendeeList = (output: any, context: __SerdeContext): Attendee[] => { return (output || []) .filter((e: any) => e != null) @@ -28605,6 +28758,15 @@ const deserializeAws_restJson1AttendeeList = (output: any, context: __SerdeConte }); }; +const deserializeAws_restJson1AudioArtifactsConfiguration = ( + output: any, + context: __SerdeContext +): AudioArtifactsConfiguration => { + return { + MuxType: __expectString(output.MuxType), + } as any; +}; + const deserializeAws_restJson1BatchChannelMemberships = ( output: any, context: __SerdeContext @@ -29039,6 +29201,32 @@ const deserializeAws_restJson1ChannelSummaryList = (output: any, context: __Serd }); }; +const deserializeAws_restJson1ChimeSdkMeetingConfiguration = ( + output: any, + context: __SerdeContext +): ChimeSdkMeetingConfiguration => { + return { + ArtifactsConfiguration: + output.ArtifactsConfiguration !== undefined && output.ArtifactsConfiguration !== null + ? deserializeAws_restJson1ArtifactsConfiguration(output.ArtifactsConfiguration, context) + : undefined, + SourceConfiguration: + output.SourceConfiguration !== undefined && output.SourceConfiguration !== null + ? deserializeAws_restJson1SourceConfiguration(output.SourceConfiguration, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1ContentArtifactsConfiguration = ( + output: any, + context: __SerdeContext +): ContentArtifactsConfiguration => { + return { + MuxType: __expectString(output.MuxType), + State: __expectString(output.State), + } as any; +}; + const deserializeAws_restJson1ConversationRetentionSettings = ( output: any, context: __SerdeContext @@ -29112,6 +29300,17 @@ const deserializeAws_restJson1EventsConfiguration = (output: any, context: __Ser } as any; }; +const deserializeAws_restJson1ExternalUserIdList = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + const deserializeAws_restJson1GeoMatchParams = (output: any, context: __SerdeContext): GeoMatchParams => { return { AreaCode: __expectString(output.AreaCode), @@ -29165,6 +29364,10 @@ const deserializeAws_restJson1LoggingConfiguration = (output: any, context: __Se const deserializeAws_restJson1MediaCapturePipeline = (output: any, context: __SerdeContext): MediaCapturePipeline => { return { + ChimeSdkMeetingConfiguration: + output.ChimeSdkMeetingConfiguration !== undefined && output.ChimeSdkMeetingConfiguration !== null + ? deserializeAws_restJson1ChimeSdkMeetingConfiguration(output.ChimeSdkMeetingConfiguration, context) + : undefined, CreatedTimestamp: output.CreatedTimestamp !== undefined && output.CreatedTimestamp !== null ? __expectNonNull(__parseRfc3339DateTime(output.CreatedTimestamp)) @@ -29655,6 +29858,19 @@ const deserializeAws_restJson1RoomRetentionSettings = (output: any, context: __S } as any; }; +const deserializeAws_restJson1SelectedVideoStreams = (output: any, context: __SerdeContext): SelectedVideoStreams => { + return { + AttendeeIds: + output.AttendeeIds !== undefined && output.AttendeeIds !== null + ? deserializeAws_restJson1AttendeeIdList(output.AttendeeIds, context) + : undefined, + ExternalUserIds: + output.ExternalUserIds !== undefined && output.ExternalUserIds !== null + ? deserializeAws_restJson1ExternalUserIdList(output.ExternalUserIds, context) + : undefined, + } as any; +}; + const deserializeAws_restJson1SensitiveStringList = (output: any, context: __SerdeContext): string[] => { return (output || []) .filter((e: any) => e != null) @@ -29819,6 +30035,15 @@ const deserializeAws_restJson1SipRuleTargetApplicationList = ( }); }; +const deserializeAws_restJson1SourceConfiguration = (output: any, context: __SerdeContext): SourceConfiguration => { + return { + SelectedVideoStreams: + output.SelectedVideoStreams !== undefined && output.SelectedVideoStreams !== null + ? deserializeAws_restJson1SelectedVideoStreams(output.SelectedVideoStreams, context) + : undefined, + } as any; +}; + const deserializeAws_restJson1StreamingConfiguration = ( output: any, context: __SerdeContext @@ -29985,6 +30210,16 @@ const deserializeAws_restJson1UserSettings = (output: any, context: __SerdeConte } as any; }; +const deserializeAws_restJson1VideoArtifactsConfiguration = ( + output: any, + context: __SerdeContext +): VideoArtifactsConfiguration => { + return { + MuxType: __expectString(output.MuxType), + State: __expectString(output.State), + } as any; +}; + const deserializeAws_restJson1VoiceConnector = (output: any, context: __SerdeContext): VoiceConnector => { return { AwsRegion: __expectString(output.AwsRegion), diff --git a/clients/client-codebuild/src/models/models_0.ts b/clients/client-codebuild/src/models/models_0.ts index 73565e9dc5c1..5a4097dccfcb 100644 --- a/clients/client-codebuild/src/models/models_0.ts +++ b/clients/client-codebuild/src/models/models_0.ts @@ -247,6 +247,11 @@ export namespace BuildArtifacts { }); } +export enum BatchReportModeType { + REPORT_AGGREGATED_BATCH = "REPORT_AGGREGATED_BATCH", + REPORT_INDIVIDUAL_BUILDS = "REPORT_INDIVIDUAL_BUILDS", +} + /** *

      Specifies restrictions for the batch build.

      */ @@ -299,6 +304,23 @@ export interface ProjectBuildBatchConfig { *

      Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

      */ timeoutInMins?: number; + + /** + *

      Specifies how build status reports are sent to the source provider for the batch build. This property is only used + * when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, + * and your project is configured to report build statuses to the source provider.

      + *
      + *
      REPORT_AGGREGATED_BATCH
      + *
      + *

      (Default) Aggregate all of the build statuses into a single status report.

      + *
      + *
      REPORT_INDIVIDUAL_BUILDS
      + *
      + *

      Send a separate status report for each individual build.

      + *
      + *
      + */ + batchReportMode?: BatchReportModeType | string; } export namespace ProjectBuildBatchConfig { @@ -5169,19 +5191,17 @@ export interface ListBuildsForProjectInput { projectName: string | undefined; /** - *

      The order to list results in. The results are sorted by build number, not the build - * identifier.

      + *

      The order to sort the results in. The results are sorted by build number, not the build + * identifier. If this is not specified, the results are sorted in descending order.

      *

      Valid values include:

      *
        *
      • *

        - * ASCENDING: List the build IDs in ascending order by build - * ID.

        + * ASCENDING: List the build identifiers in ascending order, by build number.

        *
        • *
      • *

        - * DESCENDING: List the build IDs in descending order by build - * ID.

        + * DESCENDING: List the build identifiers in descending order, by build number.

        *
        • *
      *

      If the project has more than 100 builds, setting the sort order will result in an @@ -5211,7 +5231,7 @@ export namespace ListBuildsForProjectInput { export interface ListBuildsForProjectOutput { /** - *

      A list of build IDs for the specified build project, with each build ID representing a + *

      A list of build identifiers for the specified build project, with each build ID representing a * single build.

      */ ids?: string[]; @@ -6804,7 +6824,7 @@ export interface UpdateProjectInput { artifacts?: ProjectArtifacts; /** - *

      An array of ProjectSource objects.

      + *

      An array of ProjectArtifact objects.

      */ secondaryArtifacts?: ProjectArtifacts[]; diff --git a/clients/client-codebuild/src/protocols/Aws_json1_1.ts b/clients/client-codebuild/src/protocols/Aws_json1_1.ts index 1a68d65e844c..53c72f4174d6 100644 --- a/clients/client-codebuild/src/protocols/Aws_json1_1.ts +++ b/clients/client-codebuild/src/protocols/Aws_json1_1.ts @@ -4128,6 +4128,8 @@ const serializeAws_json1_1ProjectArtifactsList = (input: ProjectArtifacts[], con const serializeAws_json1_1ProjectBuildBatchConfig = (input: ProjectBuildBatchConfig, context: __SerdeContext): any => { return { + ...(input.batchReportMode !== undefined && + input.batchReportMode !== null && { batchReportMode: input.batchReportMode }), ...(input.combineArtifacts !== undefined && input.combineArtifacts !== null && { combineArtifacts: input.combineArtifacts }), ...(input.restrictions !== undefined && @@ -5953,6 +5955,7 @@ const deserializeAws_json1_1ProjectBuildBatchConfig = ( context: __SerdeContext ): ProjectBuildBatchConfig => { return { + batchReportMode: __expectString(output.batchReportMode), combineArtifacts: __expectBoolean(output.combineArtifacts), restrictions: output.restrictions !== undefined && output.restrictions !== null diff --git a/clients/client-ec2/src/EC2.ts b/clients/client-ec2/src/EC2.ts index ad135c294f1d..61217dd854f6 100644 --- a/clients/client-ec2/src/EC2.ts +++ b/clients/client-ec2/src/EC2.ts @@ -175,6 +175,11 @@ import { CancelCapacityReservationCommandInput, CancelCapacityReservationCommandOutput, } from "./commands/CancelCapacityReservationCommand"; +import { + CancelCapacityReservationFleetsCommand, + CancelCapacityReservationFleetsCommandInput, + CancelCapacityReservationFleetsCommandOutput, +} from "./commands/CancelCapacityReservationFleetsCommand"; import { CancelConversionTaskCommand, CancelConversionTaskCommandInput, @@ -226,6 +231,11 @@ import { CreateCapacityReservationCommandInput, CreateCapacityReservationCommandOutput, } from "./commands/CreateCapacityReservationCommand"; +import { + CreateCapacityReservationFleetCommand, + CreateCapacityReservationFleetCommandInput, + CreateCapacityReservationFleetCommandOutput, +} from "./commands/CreateCapacityReservationFleetCommand"; import { CreateCarrierGatewayCommand, CreateCarrierGatewayCommandInput, @@ -849,6 +859,11 @@ import { DescribeByoipCidrsCommandInput, DescribeByoipCidrsCommandOutput, } from "./commands/DescribeByoipCidrsCommand"; +import { + DescribeCapacityReservationFleetsCommand, + DescribeCapacityReservationFleetsCommandInput, + DescribeCapacityReservationFleetsCommandOutput, +} from "./commands/DescribeCapacityReservationFleetsCommand"; import { DescribeCapacityReservationsCommand, DescribeCapacityReservationsCommandInput, @@ -1791,6 +1806,11 @@ import { ModifyCapacityReservationCommandInput, ModifyCapacityReservationCommandOutput, } from "./commands/ModifyCapacityReservationCommand"; +import { + ModifyCapacityReservationFleetCommand, + ModifyCapacityReservationFleetCommandInput, + ModifyCapacityReservationFleetCommandOutput, +} from "./commands/ModifyCapacityReservationFleetCommand"; import { ModifyClientVpnEndpointCommand, ModifyClientVpnEndpointCommandInput, @@ -3633,6 +3653,52 @@ export class EC2 extends EC2Client { } } + /** + *

      Cancels one or more Capacity Reservation Fleets. When you cancel a Capacity Reservation + * Fleet, the following happens:

      + *
        + *
      • + *

        The Capacity Reservation Fleet's status changes to cancelled.

        + *
        • + *
      • + *

        The individual Capacity Reservations in the Fleet are cancelled. Instances running + * in the Capacity Reservations at the time of cancelling the Fleet continue to run in + * shared capacity.

        + *
        • + *
      • + *

        The Fleet stops creating new Capacity Reservations.

        + *
        • + *
      + */ + public cancelCapacityReservationFleets( + args: CancelCapacityReservationFleetsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public cancelCapacityReservationFleets( + args: CancelCapacityReservationFleetsCommandInput, + cb: (err: any, data?: CancelCapacityReservationFleetsCommandOutput) => void + ): void; + public cancelCapacityReservationFleets( + args: CancelCapacityReservationFleetsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: CancelCapacityReservationFleetsCommandOutput) => void + ): void; + public cancelCapacityReservationFleets( + args: CancelCapacityReservationFleetsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: CancelCapacityReservationFleetsCommandOutput) => void), + cb?: (err: any, data?: CancelCapacityReservationFleetsCommandOutput) => void + ): Promise | void { + const command = new CancelCapacityReservationFleetsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

      Cancels an active conversion task. The task can be the import of an instance or volume. The action removes all * artifacts of the conversion, including a partially uploaded volume or instance. If the conversion is complete or is @@ -4056,6 +4122,39 @@ export class EC2 extends EC2Client { } } + /** + *

      Creates a Capacity Reservation Fleet. For more information, see Create a Capacity + * Reservation Fleet in the Amazon EC2 User Guide.

      + */ + public createCapacityReservationFleet( + args: CreateCapacityReservationFleetCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public createCapacityReservationFleet( + args: CreateCapacityReservationFleetCommandInput, + cb: (err: any, data?: CreateCapacityReservationFleetCommandOutput) => void + ): void; + public createCapacityReservationFleet( + args: CreateCapacityReservationFleetCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: CreateCapacityReservationFleetCommandOutput) => void + ): void; + public createCapacityReservationFleet( + args: CreateCapacityReservationFleetCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: CreateCapacityReservationFleetCommandOutput) => void), + cb?: (err: any, data?: CreateCapacityReservationFleetCommandOutput) => void + ): Promise | void { + const command = new CreateCapacityReservationFleetCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

      Creates a carrier gateway. For more information about carrier gateways, see Carrier gateways in the Amazon Web Services Wavelength Developer Guide.

      */ @@ -8891,6 +8990,38 @@ export class EC2 extends EC2Client { } } + /** + *

      Describes one or more Capacity Reservation Fleets.

      + */ + public describeCapacityReservationFleets( + args: DescribeCapacityReservationFleetsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public describeCapacityReservationFleets( + args: DescribeCapacityReservationFleetsCommandInput, + cb: (err: any, data?: DescribeCapacityReservationFleetsCommandOutput) => void + ): void; + public describeCapacityReservationFleets( + args: DescribeCapacityReservationFleetsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeCapacityReservationFleetsCommandOutput) => void + ): void; + public describeCapacityReservationFleets( + args: DescribeCapacityReservationFleetsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeCapacityReservationFleetsCommandOutput) => void), + cb?: (err: any, data?: DescribeCapacityReservationFleetsCommandOutput) => void + ): Promise | void { + const command = new DescribeCapacityReservationFleetsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

      Describes one or more of your Capacity Reservations. The results describe only the Capacity Reservations in the * Amazon Web Services Region that you're currently using.

      @@ -15591,6 +15722,42 @@ export class EC2 extends EC2Client { } } + /** + *

      Modifies a Capacity Reservation Fleet.

      + *

      When you modify the total target capacity of a Capacity Reservation Fleet, the Fleet automatically + * creates new Capacity Reservations, or modifies or cancels existing Capacity Reservations in the Fleet + * to meet the new total target capacity. When you modify the end date for the Fleet, the end dates for + * all of the individual Capacity Reservations in the Fleet are updated accordingly.

      + */ + public modifyCapacityReservationFleet( + args: ModifyCapacityReservationFleetCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public modifyCapacityReservationFleet( + args: ModifyCapacityReservationFleetCommandInput, + cb: (err: any, data?: ModifyCapacityReservationFleetCommandOutput) => void + ): void; + public modifyCapacityReservationFleet( + args: ModifyCapacityReservationFleetCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ModifyCapacityReservationFleetCommandOutput) => void + ): void; + public modifyCapacityReservationFleet( + args: ModifyCapacityReservationFleetCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ModifyCapacityReservationFleetCommandOutput) => void), + cb?: (err: any, data?: ModifyCapacityReservationFleetCommandOutput) => void + ): Promise | void { + const command = new ModifyCapacityReservationFleetCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

      Modifies the specified Client VPN endpoint. Modifying the DNS server resets existing client connections.

      */ diff --git a/clients/client-ec2/src/EC2Client.ts b/clients/client-ec2/src/EC2Client.ts index 32456a8fc98c..d926719cc6fd 100644 --- a/clients/client-ec2/src/EC2Client.ts +++ b/clients/client-ec2/src/EC2Client.ts @@ -165,6 +165,10 @@ import { CancelCapacityReservationCommandInput, CancelCapacityReservationCommandOutput, } from "./commands/CancelCapacityReservationCommand"; +import { + CancelCapacityReservationFleetsCommandInput, + CancelCapacityReservationFleetsCommandOutput, +} from "./commands/CancelCapacityReservationFleetsCommand"; import { CancelConversionTaskCommandInput, CancelConversionTaskCommandOutput, @@ -194,6 +198,10 @@ import { CreateCapacityReservationCommandInput, CreateCapacityReservationCommandOutput, } from "./commands/CreateCapacityReservationCommand"; +import { + CreateCapacityReservationFleetCommandInput, + CreateCapacityReservationFleetCommandOutput, +} from "./commands/CreateCapacityReservationFleetCommand"; import { CreateCarrierGatewayCommandInput, CreateCarrierGatewayCommandOutput, @@ -604,6 +612,10 @@ import { DescribeBundleTasksCommandOutput, } from "./commands/DescribeBundleTasksCommand"; import { DescribeByoipCidrsCommandInput, DescribeByoipCidrsCommandOutput } from "./commands/DescribeByoipCidrsCommand"; +import { + DescribeCapacityReservationFleetsCommandInput, + DescribeCapacityReservationFleetsCommandOutput, +} from "./commands/DescribeCapacityReservationFleetsCommand"; import { DescribeCapacityReservationsCommandInput, DescribeCapacityReservationsCommandOutput, @@ -1280,6 +1292,10 @@ import { ModifyCapacityReservationCommandInput, ModifyCapacityReservationCommandOutput, } from "./commands/ModifyCapacityReservationCommand"; +import { + ModifyCapacityReservationFleetCommandInput, + ModifyCapacityReservationFleetCommandOutput, +} from "./commands/ModifyCapacityReservationFleetCommand"; import { ModifyClientVpnEndpointCommandInput, ModifyClientVpnEndpointCommandOutput, @@ -1652,6 +1668,7 @@ export type ServiceInputTypes = | BundleInstanceCommandInput | CancelBundleTaskCommandInput | CancelCapacityReservationCommandInput + | CancelCapacityReservationFleetsCommandInput | CancelConversionTaskCommandInput | CancelExportTaskCommandInput | CancelImportTaskCommandInput @@ -1663,6 +1680,7 @@ export type ServiceInputTypes = | CopyImageCommandInput | CopySnapshotCommandInput | CreateCapacityReservationCommandInput + | CreateCapacityReservationFleetCommandInput | CreateCarrierGatewayCommandInput | CreateClientVpnEndpointCommandInput | CreateClientVpnRouteCommandInput @@ -1794,6 +1812,7 @@ export type ServiceInputTypes = | DescribeAvailabilityZonesCommandInput | DescribeBundleTasksCommandInput | DescribeByoipCidrsCommandInput + | DescribeCapacityReservationFleetsCommandInput | DescribeCapacityReservationsCommandInput | DescribeCarrierGatewaysCommandInput | DescribeClassicLinkInstancesCommandInput @@ -1984,6 +2003,7 @@ export type ServiceInputTypes = | ModifyAddressAttributeCommandInput | ModifyAvailabilityZoneGroupCommandInput | ModifyCapacityReservationCommandInput + | ModifyCapacityReservationFleetCommandInput | ModifyClientVpnEndpointCommandInput | ModifyDefaultCreditSpecificationCommandInput | ModifyEbsDefaultKmsKeyIdCommandInput @@ -2121,6 +2141,7 @@ export type ServiceOutputTypes = | BundleInstanceCommandOutput | CancelBundleTaskCommandOutput | CancelCapacityReservationCommandOutput + | CancelCapacityReservationFleetsCommandOutput | CancelConversionTaskCommandOutput | CancelExportTaskCommandOutput | CancelImportTaskCommandOutput @@ -2132,6 +2153,7 @@ export type ServiceOutputTypes = | CopyImageCommandOutput | CopySnapshotCommandOutput | CreateCapacityReservationCommandOutput + | CreateCapacityReservationFleetCommandOutput | CreateCarrierGatewayCommandOutput | CreateClientVpnEndpointCommandOutput | CreateClientVpnRouteCommandOutput @@ -2263,6 +2285,7 @@ export type ServiceOutputTypes = | DescribeAvailabilityZonesCommandOutput | DescribeBundleTasksCommandOutput | DescribeByoipCidrsCommandOutput + | DescribeCapacityReservationFleetsCommandOutput | DescribeCapacityReservationsCommandOutput | DescribeCarrierGatewaysCommandOutput | DescribeClassicLinkInstancesCommandOutput @@ -2453,6 +2476,7 @@ export type ServiceOutputTypes = | ModifyAddressAttributeCommandOutput | ModifyAvailabilityZoneGroupCommandOutput | ModifyCapacityReservationCommandOutput + | ModifyCapacityReservationFleetCommandOutput | ModifyClientVpnEndpointCommandOutput | ModifyDefaultCreditSpecificationCommandOutput | ModifyEbsDefaultKmsKeyIdCommandOutput diff --git a/clients/client-ec2/src/commands/CancelCapacityReservationFleetsCommand.ts b/clients/client-ec2/src/commands/CancelCapacityReservationFleetsCommand.ts new file mode 100644 index 000000000000..8f23aa220062 --- /dev/null +++ b/clients/client-ec2/src/commands/CancelCapacityReservationFleetsCommand.ts @@ -0,0 +1,117 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; +import { CancelCapacityReservationFleetsRequest, CancelCapacityReservationFleetsResult } from "../models/models_0"; +import { + deserializeAws_ec2CancelCapacityReservationFleetsCommand, + serializeAws_ec2CancelCapacityReservationFleetsCommand, +} from "../protocols/Aws_ec2"; + +export interface CancelCapacityReservationFleetsCommandInput extends CancelCapacityReservationFleetsRequest {} +export interface CancelCapacityReservationFleetsCommandOutput + extends CancelCapacityReservationFleetsResult, + __MetadataBearer {} + +/** + *

      Cancels one or more Capacity Reservation Fleets. When you cancel a Capacity Reservation + * Fleet, the following happens:

      + *
        + *
      • + *

        The Capacity Reservation Fleet's status changes to cancelled.

        + *
        • + *
      • + *

        The individual Capacity Reservations in the Fleet are cancelled. Instances running + * in the Capacity Reservations at the time of cancelling the Fleet continue to run in + * shared capacity.

        + *
        • + *
      • + *

        The Fleet stops creating new Capacity Reservations.

        + *
        • + *
      + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EC2Client, CancelCapacityReservationFleetsCommand } from "@aws-sdk/client-ec2"; // ES Modules import + * // const { EC2Client, CancelCapacityReservationFleetsCommand } = require("@aws-sdk/client-ec2"); // CommonJS import + * const client = new EC2Client(config); + * const command = new CancelCapacityReservationFleetsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CancelCapacityReservationFleetsCommandInput} for command's `input` shape. + * @see {@link CancelCapacityReservationFleetsCommandOutput} for command's `response` shape. + * @see {@link EC2ClientResolvedConfig | config} for command's `input` shape. + * + */ +export class CancelCapacityReservationFleetsCommand extends $Command< + CancelCapacityReservationFleetsCommandInput, + CancelCapacityReservationFleetsCommandOutput, + EC2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CancelCapacityReservationFleetsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: EC2ClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "EC2Client"; + const commandName = "CancelCapacityReservationFleetsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: CancelCapacityReservationFleetsRequest.filterSensitiveLog, + outputFilterSensitiveLog: CancelCapacityReservationFleetsResult.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: CancelCapacityReservationFleetsCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_ec2CancelCapacityReservationFleetsCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_ec2CancelCapacityReservationFleetsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-ec2/src/commands/CreateCapacityReservationFleetCommand.ts b/clients/client-ec2/src/commands/CreateCapacityReservationFleetCommand.ts new file mode 100644 index 000000000000..caca705dbd08 --- /dev/null +++ b/clients/client-ec2/src/commands/CreateCapacityReservationFleetCommand.ts @@ -0,0 +1,104 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; +import { CreateCapacityReservationFleetRequest, CreateCapacityReservationFleetResult } from "../models/models_0"; +import { + deserializeAws_ec2CreateCapacityReservationFleetCommand, + serializeAws_ec2CreateCapacityReservationFleetCommand, +} from "../protocols/Aws_ec2"; + +export interface CreateCapacityReservationFleetCommandInput extends CreateCapacityReservationFleetRequest {} +export interface CreateCapacityReservationFleetCommandOutput + extends CreateCapacityReservationFleetResult, + __MetadataBearer {} + +/** + *

      Creates a Capacity Reservation Fleet. For more information, see Create a Capacity + * Reservation Fleet in the Amazon EC2 User Guide.

      + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EC2Client, CreateCapacityReservationFleetCommand } from "@aws-sdk/client-ec2"; // ES Modules import + * // const { EC2Client, CreateCapacityReservationFleetCommand } = require("@aws-sdk/client-ec2"); // CommonJS import + * const client = new EC2Client(config); + * const command = new CreateCapacityReservationFleetCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateCapacityReservationFleetCommandInput} for command's `input` shape. + * @see {@link CreateCapacityReservationFleetCommandOutput} for command's `response` shape. + * @see {@link EC2ClientResolvedConfig | config} for command's `input` shape. + * + */ +export class CreateCapacityReservationFleetCommand extends $Command< + CreateCapacityReservationFleetCommandInput, + CreateCapacityReservationFleetCommandOutput, + EC2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateCapacityReservationFleetCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: EC2ClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "EC2Client"; + const commandName = "CreateCapacityReservationFleetCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: CreateCapacityReservationFleetRequest.filterSensitiveLog, + outputFilterSensitiveLog: CreateCapacityReservationFleetResult.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: CreateCapacityReservationFleetCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_ec2CreateCapacityReservationFleetCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_ec2CreateCapacityReservationFleetCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-ec2/src/commands/CreateInstanceEventWindowCommand.ts b/clients/client-ec2/src/commands/CreateInstanceEventWindowCommand.ts index df8151f39957..fad8c8afd9c5 100644 --- a/clients/client-ec2/src/commands/CreateInstanceEventWindowCommand.ts +++ b/clients/client-ec2/src/commands/CreateInstanceEventWindowCommand.ts @@ -12,7 +12,8 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateInstanceEventWindowRequest, CreateInstanceEventWindowResult } from "../models/models_0"; +import { CreateInstanceEventWindowRequest } from "../models/models_0"; +import { CreateInstanceEventWindowResult } from "../models/models_1"; import { deserializeAws_ec2CreateInstanceEventWindowCommand, serializeAws_ec2CreateInstanceEventWindowCommand, diff --git a/clients/client-ec2/src/commands/CreateInstanceExportTaskCommand.ts b/clients/client-ec2/src/commands/CreateInstanceExportTaskCommand.ts index 02c006731181..415192f3b334 100644 --- a/clients/client-ec2/src/commands/CreateInstanceExportTaskCommand.ts +++ b/clients/client-ec2/src/commands/CreateInstanceExportTaskCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateInstanceExportTaskRequest, CreateInstanceExportTaskResult } from "../models/models_0"; +import { CreateInstanceExportTaskRequest, CreateInstanceExportTaskResult } from "../models/models_1"; import { deserializeAws_ec2CreateInstanceExportTaskCommand, serializeAws_ec2CreateInstanceExportTaskCommand, diff --git a/clients/client-ec2/src/commands/CreateInternetGatewayCommand.ts b/clients/client-ec2/src/commands/CreateInternetGatewayCommand.ts index 256c428ace30..37b313da1449 100644 --- a/clients/client-ec2/src/commands/CreateInternetGatewayCommand.ts +++ b/clients/client-ec2/src/commands/CreateInternetGatewayCommand.ts @@ -12,8 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateInternetGatewayRequest } from "../models/models_0"; -import { CreateInternetGatewayResult } from "../models/models_1"; +import { CreateInternetGatewayRequest, CreateInternetGatewayResult } from "../models/models_1"; import { deserializeAws_ec2CreateInternetGatewayCommand, serializeAws_ec2CreateInternetGatewayCommand, diff --git a/clients/client-ec2/src/commands/CreateVpnConnectionCommand.ts b/clients/client-ec2/src/commands/CreateVpnConnectionCommand.ts index 3c438d35f518..6ef2d62afbc9 100644 --- a/clients/client-ec2/src/commands/CreateVpnConnectionCommand.ts +++ b/clients/client-ec2/src/commands/CreateVpnConnectionCommand.ts @@ -12,7 +12,8 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateVpnConnectionRequest, CreateVpnConnectionResult } from "../models/models_1"; +import { CreateVpnConnectionRequest } from "../models/models_1"; +import { CreateVpnConnectionResult } from "../models/models_2"; import { deserializeAws_ec2CreateVpnConnectionCommand, serializeAws_ec2CreateVpnConnectionCommand, diff --git a/clients/client-ec2/src/commands/CreateVpnConnectionRouteCommand.ts b/clients/client-ec2/src/commands/CreateVpnConnectionRouteCommand.ts index f26be1c1cd1e..87ed318b279a 100644 --- a/clients/client-ec2/src/commands/CreateVpnConnectionRouteCommand.ts +++ b/clients/client-ec2/src/commands/CreateVpnConnectionRouteCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateVpnConnectionRouteRequest } from "../models/models_1"; +import { CreateVpnConnectionRouteRequest } from "../models/models_2"; import { deserializeAws_ec2CreateVpnConnectionRouteCommand, serializeAws_ec2CreateVpnConnectionRouteCommand, diff --git a/clients/client-ec2/src/commands/CreateVpnGatewayCommand.ts b/clients/client-ec2/src/commands/CreateVpnGatewayCommand.ts index c9289cc60ac3..e1f29dea0972 100644 --- a/clients/client-ec2/src/commands/CreateVpnGatewayCommand.ts +++ b/clients/client-ec2/src/commands/CreateVpnGatewayCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { CreateVpnGatewayRequest, CreateVpnGatewayResult } from "../models/models_1"; +import { CreateVpnGatewayRequest, CreateVpnGatewayResult } from "../models/models_2"; import { deserializeAws_ec2CreateVpnGatewayCommand, serializeAws_ec2CreateVpnGatewayCommand, diff --git a/clients/client-ec2/src/commands/DeleteCarrierGatewayCommand.ts b/clients/client-ec2/src/commands/DeleteCarrierGatewayCommand.ts index 476ea01a5e53..6d11e38191c7 100644 --- a/clients/client-ec2/src/commands/DeleteCarrierGatewayCommand.ts +++ b/clients/client-ec2/src/commands/DeleteCarrierGatewayCommand.ts @@ -12,8 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DeleteCarrierGatewayRequest } from "../models/models_1"; -import { DeleteCarrierGatewayResult } from "../models/models_2"; +import { DeleteCarrierGatewayRequest, DeleteCarrierGatewayResult } from "../models/models_2"; import { deserializeAws_ec2DeleteCarrierGatewayCommand, serializeAws_ec2DeleteCarrierGatewayCommand, diff --git a/clients/client-ec2/src/commands/DescribeCapacityReservationFleetsCommand.ts b/clients/client-ec2/src/commands/DescribeCapacityReservationFleetsCommand.ts new file mode 100644 index 000000000000..090209938658 --- /dev/null +++ b/clients/client-ec2/src/commands/DescribeCapacityReservationFleetsCommand.ts @@ -0,0 +1,103 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; +import { DescribeCapacityReservationFleetsRequest, DescribeCapacityReservationFleetsResult } from "../models/models_2"; +import { + deserializeAws_ec2DescribeCapacityReservationFleetsCommand, + serializeAws_ec2DescribeCapacityReservationFleetsCommand, +} from "../protocols/Aws_ec2"; + +export interface DescribeCapacityReservationFleetsCommandInput extends DescribeCapacityReservationFleetsRequest {} +export interface DescribeCapacityReservationFleetsCommandOutput + extends DescribeCapacityReservationFleetsResult, + __MetadataBearer {} + +/** + *

      Describes one or more Capacity Reservation Fleets.

      + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EC2Client, DescribeCapacityReservationFleetsCommand } from "@aws-sdk/client-ec2"; // ES Modules import + * // const { EC2Client, DescribeCapacityReservationFleetsCommand } = require("@aws-sdk/client-ec2"); // CommonJS import + * const client = new EC2Client(config); + * const command = new DescribeCapacityReservationFleetsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeCapacityReservationFleetsCommandInput} for command's `input` shape. + * @see {@link DescribeCapacityReservationFleetsCommandOutput} for command's `response` shape. + * @see {@link EC2ClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DescribeCapacityReservationFleetsCommand extends $Command< + DescribeCapacityReservationFleetsCommandInput, + DescribeCapacityReservationFleetsCommandOutput, + EC2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeCapacityReservationFleetsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: EC2ClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "EC2Client"; + const commandName = "DescribeCapacityReservationFleetsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DescribeCapacityReservationFleetsRequest.filterSensitiveLog, + outputFilterSensitiveLog: DescribeCapacityReservationFleetsResult.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: DescribeCapacityReservationFleetsCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_ec2DescribeCapacityReservationFleetsCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_ec2DescribeCapacityReservationFleetsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-ec2/src/commands/DescribeImportImageTasksCommand.ts b/clients/client-ec2/src/commands/DescribeImportImageTasksCommand.ts index 3e3375e220c6..45849eb6f1cb 100644 --- a/clients/client-ec2/src/commands/DescribeImportImageTasksCommand.ts +++ b/clients/client-ec2/src/commands/DescribeImportImageTasksCommand.ts @@ -12,7 +12,8 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeImportImageTasksRequest, DescribeImportImageTasksResult } from "../models/models_2"; +import { DescribeImportImageTasksRequest } from "../models/models_2"; +import { DescribeImportImageTasksResult } from "../models/models_3"; import { deserializeAws_ec2DescribeImportImageTasksCommand, serializeAws_ec2DescribeImportImageTasksCommand, diff --git a/clients/client-ec2/src/commands/DescribeImportSnapshotTasksCommand.ts b/clients/client-ec2/src/commands/DescribeImportSnapshotTasksCommand.ts index 7f2ad152cd45..fca662f753b2 100644 --- a/clients/client-ec2/src/commands/DescribeImportSnapshotTasksCommand.ts +++ b/clients/client-ec2/src/commands/DescribeImportSnapshotTasksCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeImportSnapshotTasksRequest, DescribeImportSnapshotTasksResult } from "../models/models_2"; +import { DescribeImportSnapshotTasksRequest, DescribeImportSnapshotTasksResult } from "../models/models_3"; import { deserializeAws_ec2DescribeImportSnapshotTasksCommand, serializeAws_ec2DescribeImportSnapshotTasksCommand, diff --git a/clients/client-ec2/src/commands/DescribeInstanceAttributeCommand.ts b/clients/client-ec2/src/commands/DescribeInstanceAttributeCommand.ts index 6cfb48928ffc..ed698c3f119f 100644 --- a/clients/client-ec2/src/commands/DescribeInstanceAttributeCommand.ts +++ b/clients/client-ec2/src/commands/DescribeInstanceAttributeCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeInstanceAttributeRequest, InstanceAttribute } from "../models/models_2"; +import { DescribeInstanceAttributeRequest, InstanceAttribute } from "../models/models_3"; import { deserializeAws_ec2DescribeInstanceAttributeCommand, serializeAws_ec2DescribeInstanceAttributeCommand, diff --git a/clients/client-ec2/src/commands/DescribeInstanceCreditSpecificationsCommand.ts b/clients/client-ec2/src/commands/DescribeInstanceCreditSpecificationsCommand.ts index a5abaf2e084c..f90bb431f7a4 100644 --- a/clients/client-ec2/src/commands/DescribeInstanceCreditSpecificationsCommand.ts +++ b/clients/client-ec2/src/commands/DescribeInstanceCreditSpecificationsCommand.ts @@ -15,7 +15,7 @@ import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from " import { DescribeInstanceCreditSpecificationsRequest, DescribeInstanceCreditSpecificationsResult, -} from "../models/models_2"; +} from "../models/models_3"; import { deserializeAws_ec2DescribeInstanceCreditSpecificationsCommand, serializeAws_ec2DescribeInstanceCreditSpecificationsCommand, diff --git a/clients/client-ec2/src/commands/DescribeVolumeStatusCommand.ts b/clients/client-ec2/src/commands/DescribeVolumeStatusCommand.ts index 7b5012334012..f161cf842232 100644 --- a/clients/client-ec2/src/commands/DescribeVolumeStatusCommand.ts +++ b/clients/client-ec2/src/commands/DescribeVolumeStatusCommand.ts @@ -12,8 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeVolumeStatusRequest } from "../models/models_3"; -import { DescribeVolumeStatusResult } from "../models/models_4"; +import { DescribeVolumeStatusRequest, DescribeVolumeStatusResult } from "../models/models_4"; import { deserializeAws_ec2DescribeVolumeStatusCommand, serializeAws_ec2DescribeVolumeStatusCommand, diff --git a/clients/client-ec2/src/commands/DescribeVolumesCommand.ts b/clients/client-ec2/src/commands/DescribeVolumesCommand.ts index f26b2d58f56e..053b9238b51d 100644 --- a/clients/client-ec2/src/commands/DescribeVolumesCommand.ts +++ b/clients/client-ec2/src/commands/DescribeVolumesCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeVolumesRequest, DescribeVolumesResult } from "../models/models_3"; +import { DescribeVolumesRequest, DescribeVolumesResult } from "../models/models_4"; import { deserializeAws_ec2DescribeVolumesCommand, serializeAws_ec2DescribeVolumesCommand } from "../protocols/Aws_ec2"; export interface DescribeVolumesCommandInput extends DescribeVolumesRequest {} diff --git a/clients/client-ec2/src/commands/DescribeVolumesModificationsCommand.ts b/clients/client-ec2/src/commands/DescribeVolumesModificationsCommand.ts index 6892d19ae2a1..06ca47018808 100644 --- a/clients/client-ec2/src/commands/DescribeVolumesModificationsCommand.ts +++ b/clients/client-ec2/src/commands/DescribeVolumesModificationsCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { DescribeVolumesModificationsRequest, DescribeVolumesModificationsResult } from "../models/models_3"; +import { DescribeVolumesModificationsRequest, DescribeVolumesModificationsResult } from "../models/models_4"; import { deserializeAws_ec2DescribeVolumesModificationsCommand, serializeAws_ec2DescribeVolumesModificationsCommand, diff --git a/clients/client-ec2/src/commands/ModifyCapacityReservationFleetCommand.ts b/clients/client-ec2/src/commands/ModifyCapacityReservationFleetCommand.ts new file mode 100644 index 000000000000..fb2a757689f3 --- /dev/null +++ b/clients/client-ec2/src/commands/ModifyCapacityReservationFleetCommand.ts @@ -0,0 +1,107 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; +import { ModifyCapacityReservationFleetRequest, ModifyCapacityReservationFleetResult } from "../models/models_4"; +import { + deserializeAws_ec2ModifyCapacityReservationFleetCommand, + serializeAws_ec2ModifyCapacityReservationFleetCommand, +} from "../protocols/Aws_ec2"; + +export interface ModifyCapacityReservationFleetCommandInput extends ModifyCapacityReservationFleetRequest {} +export interface ModifyCapacityReservationFleetCommandOutput + extends ModifyCapacityReservationFleetResult, + __MetadataBearer {} + +/** + *

      Modifies a Capacity Reservation Fleet.

      + *

      When you modify the total target capacity of a Capacity Reservation Fleet, the Fleet automatically + * creates new Capacity Reservations, or modifies or cancels existing Capacity Reservations in the Fleet + * to meet the new total target capacity. When you modify the end date for the Fleet, the end dates for + * all of the individual Capacity Reservations in the Fleet are updated accordingly.

      + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EC2Client, ModifyCapacityReservationFleetCommand } from "@aws-sdk/client-ec2"; // ES Modules import + * // const { EC2Client, ModifyCapacityReservationFleetCommand } = require("@aws-sdk/client-ec2"); // CommonJS import + * const client = new EC2Client(config); + * const command = new ModifyCapacityReservationFleetCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ModifyCapacityReservationFleetCommandInput} for command's `input` shape. + * @see {@link ModifyCapacityReservationFleetCommandOutput} for command's `response` shape. + * @see {@link EC2ClientResolvedConfig | config} for command's `input` shape. + * + */ +export class ModifyCapacityReservationFleetCommand extends $Command< + ModifyCapacityReservationFleetCommandInput, + ModifyCapacityReservationFleetCommandOutput, + EC2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ModifyCapacityReservationFleetCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: EC2ClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "EC2Client"; + const commandName = "ModifyCapacityReservationFleetCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: ModifyCapacityReservationFleetRequest.filterSensitiveLog, + outputFilterSensitiveLog: ModifyCapacityReservationFleetResult.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: ModifyCapacityReservationFleetCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_ec2ModifyCapacityReservationFleetCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_ec2ModifyCapacityReservationFleetCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-ec2/src/commands/ModifyTrafficMirrorSessionCommand.ts b/clients/client-ec2/src/commands/ModifyTrafficMirrorSessionCommand.ts index 7975bd3ece85..eec505fc7ceb 100644 --- a/clients/client-ec2/src/commands/ModifyTrafficMirrorSessionCommand.ts +++ b/clients/client-ec2/src/commands/ModifyTrafficMirrorSessionCommand.ts @@ -12,7 +12,8 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyTrafficMirrorSessionRequest, ModifyTrafficMirrorSessionResult } from "../models/models_4"; +import { ModifyTrafficMirrorSessionRequest } from "../models/models_4"; +import { ModifyTrafficMirrorSessionResult } from "../models/models_5"; import { deserializeAws_ec2ModifyTrafficMirrorSessionCommand, serializeAws_ec2ModifyTrafficMirrorSessionCommand, diff --git a/clients/client-ec2/src/commands/ModifyTransitGatewayCommand.ts b/clients/client-ec2/src/commands/ModifyTransitGatewayCommand.ts index aaeedfe19a6c..54d8a9272765 100644 --- a/clients/client-ec2/src/commands/ModifyTransitGatewayCommand.ts +++ b/clients/client-ec2/src/commands/ModifyTransitGatewayCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyTransitGatewayRequest, ModifyTransitGatewayResult } from "../models/models_4"; +import { ModifyTransitGatewayRequest, ModifyTransitGatewayResult } from "../models/models_5"; import { deserializeAws_ec2ModifyTransitGatewayCommand, serializeAws_ec2ModifyTransitGatewayCommand, diff --git a/clients/client-ec2/src/commands/ModifyTransitGatewayPrefixListReferenceCommand.ts b/clients/client-ec2/src/commands/ModifyTransitGatewayPrefixListReferenceCommand.ts index 2dbc73053b67..939181c4d60d 100644 --- a/clients/client-ec2/src/commands/ModifyTransitGatewayPrefixListReferenceCommand.ts +++ b/clients/client-ec2/src/commands/ModifyTransitGatewayPrefixListReferenceCommand.ts @@ -15,7 +15,7 @@ import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from " import { ModifyTransitGatewayPrefixListReferenceRequest, ModifyTransitGatewayPrefixListReferenceResult, -} from "../models/models_4"; +} from "../models/models_5"; import { deserializeAws_ec2ModifyTransitGatewayPrefixListReferenceCommand, serializeAws_ec2ModifyTransitGatewayPrefixListReferenceCommand, diff --git a/clients/client-ec2/src/commands/ModifyTransitGatewayVpcAttachmentCommand.ts b/clients/client-ec2/src/commands/ModifyTransitGatewayVpcAttachmentCommand.ts index 4048e2fd6767..46915f3738e9 100644 --- a/clients/client-ec2/src/commands/ModifyTransitGatewayVpcAttachmentCommand.ts +++ b/clients/client-ec2/src/commands/ModifyTransitGatewayVpcAttachmentCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyTransitGatewayVpcAttachmentRequest, ModifyTransitGatewayVpcAttachmentResult } from "../models/models_4"; +import { ModifyTransitGatewayVpcAttachmentRequest, ModifyTransitGatewayVpcAttachmentResult } from "../models/models_5"; import { deserializeAws_ec2ModifyTransitGatewayVpcAttachmentCommand, serializeAws_ec2ModifyTransitGatewayVpcAttachmentCommand, diff --git a/clients/client-ec2/src/commands/ModifyVolumeAttributeCommand.ts b/clients/client-ec2/src/commands/ModifyVolumeAttributeCommand.ts index 979c66de477f..f95e17da3ce1 100644 --- a/clients/client-ec2/src/commands/ModifyVolumeAttributeCommand.ts +++ b/clients/client-ec2/src/commands/ModifyVolumeAttributeCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyVolumeAttributeRequest } from "../models/models_4"; +import { ModifyVolumeAttributeRequest } from "../models/models_5"; import { deserializeAws_ec2ModifyVolumeAttributeCommand, serializeAws_ec2ModifyVolumeAttributeCommand, diff --git a/clients/client-ec2/src/commands/ModifyVolumeCommand.ts b/clients/client-ec2/src/commands/ModifyVolumeCommand.ts index 7c85d37054b7..8c05eb70bfff 100644 --- a/clients/client-ec2/src/commands/ModifyVolumeCommand.ts +++ b/clients/client-ec2/src/commands/ModifyVolumeCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyVolumeRequest, ModifyVolumeResult } from "../models/models_4"; +import { ModifyVolumeRequest, ModifyVolumeResult } from "../models/models_5"; import { deserializeAws_ec2ModifyVolumeCommand, serializeAws_ec2ModifyVolumeCommand } from "../protocols/Aws_ec2"; export interface ModifyVolumeCommandInput extends ModifyVolumeRequest {} diff --git a/clients/client-ec2/src/commands/ModifyVpcAttributeCommand.ts b/clients/client-ec2/src/commands/ModifyVpcAttributeCommand.ts index a656b0c06028..31c3350f1da5 100644 --- a/clients/client-ec2/src/commands/ModifyVpcAttributeCommand.ts +++ b/clients/client-ec2/src/commands/ModifyVpcAttributeCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyVpcAttributeRequest } from "../models/models_4"; +import { ModifyVpcAttributeRequest } from "../models/models_5"; import { deserializeAws_ec2ModifyVpcAttributeCommand, serializeAws_ec2ModifyVpcAttributeCommand, diff --git a/clients/client-ec2/src/commands/ModifyVpcEndpointCommand.ts b/clients/client-ec2/src/commands/ModifyVpcEndpointCommand.ts index f6f7741252d7..ac2c6b9331f4 100644 --- a/clients/client-ec2/src/commands/ModifyVpcEndpointCommand.ts +++ b/clients/client-ec2/src/commands/ModifyVpcEndpointCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EC2Client"; -import { ModifyVpcEndpointRequest, ModifyVpcEndpointResult } from "../models/models_4"; +import { ModifyVpcEndpointRequest, ModifyVpcEndpointResult } from "../models/models_5"; import { deserializeAws_ec2ModifyVpcEndpointCommand, serializeAws_ec2ModifyVpcEndpointCommand, diff --git a/clients/client-ec2/src/commands/ModifyVpcEndpointConnectionNotificationCommand.ts b/clients/client-ec2/src/commands/ModifyVpcEndpointConnectionNotificationCommand.ts index abfb069dc566..eb07b2a02172 100644 --- a/clients/client-ec2/src/commands/ModifyVpcEndpointConnectionNotificationCommand.ts +++ b/clients/client-ec2/src/commands/ModifyVpcEndpointConnectionNotificationCommand.ts @@ -15,7 +15,7 @@ import { EC2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from " import { ModifyVpcEndpointConnectionNotificationRequest, ModifyVpcEndpointConnectionNotificationResult, -} from "../models/models_4"; +} from "../models/models_5"; import { deserializeAws_ec2ModifyVpcEndpointConnectionNotificationCommand, serializeAws_ec2ModifyVpcEndpointConnectionNotificationCommand, diff --git a/clients/client-ec2/src/index.ts b/clients/client-ec2/src/index.ts index cf0f357a438e..e6f2edb5bc24 100644 --- a/clients/client-ec2/src/index.ts +++ b/clients/client-ec2/src/index.ts @@ -35,6 +35,7 @@ export * from "./commands/AuthorizeSecurityGroupIngressCommand"; export * from "./commands/BundleInstanceCommand"; export * from "./commands/CancelBundleTaskCommand"; export * from "./commands/CancelCapacityReservationCommand"; +export * from "./commands/CancelCapacityReservationFleetsCommand"; export * from "./commands/CancelConversionTaskCommand"; export * from "./commands/CancelExportTaskCommand"; export * from "./commands/CancelImportTaskCommand"; @@ -46,6 +47,7 @@ export * from "./commands/CopyFpgaImageCommand"; export * from "./commands/CopyImageCommand"; export * from "./commands/CopySnapshotCommand"; export * from "./commands/CreateCapacityReservationCommand"; +export * from "./commands/CreateCapacityReservationFleetCommand"; export * from "./commands/CreateCarrierGatewayCommand"; export * from "./commands/CreateClientVpnEndpointCommand"; export * from "./commands/CreateClientVpnRouteCommand"; @@ -180,6 +182,8 @@ export * from "./commands/DescribeBundleTasksCommand"; export * from "./waiters/waitForBundleTaskComplete"; export * from "./commands/DescribeByoipCidrsCommand"; export * from "./pagination/DescribeByoipCidrsPaginator"; +export * from "./commands/DescribeCapacityReservationFleetsCommand"; +export * from "./pagination/DescribeCapacityReservationFleetsPaginator"; export * from "./commands/DescribeCapacityReservationsCommand"; export * from "./pagination/DescribeCapacityReservationsPaginator"; export * from "./commands/DescribeCarrierGatewaysCommand"; @@ -499,6 +503,7 @@ export * from "./commands/ImportVolumeCommand"; export * from "./commands/ModifyAddressAttributeCommand"; export * from "./commands/ModifyAvailabilityZoneGroupCommand"; export * from "./commands/ModifyCapacityReservationCommand"; +export * from "./commands/ModifyCapacityReservationFleetCommand"; export * from "./commands/ModifyClientVpnEndpointCommand"; export * from "./commands/ModifyDefaultCreditSpecificationCommand"; export * from "./commands/ModifyEbsDefaultKmsKeyIdCommand"; diff --git a/clients/client-ec2/src/models/models_0.ts b/clients/client-ec2/src/models/models_0.ts index 7ad859b75e6f..1b3e31734972 100644 --- a/clients/client-ec2/src/models/models_0.ts +++ b/clients/client-ec2/src/models/models_0.ts @@ -4231,6 +4231,137 @@ export namespace CancelCapacityReservationResult { }); } +export interface CancelCapacityReservationFleetsRequest { + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; + + /** + *

      The IDs of the Capacity Reservation Fleets to cancel.

      + */ + CapacityReservationFleetIds: string[] | undefined; +} + +export namespace CancelCapacityReservationFleetsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CancelCapacityReservationFleetsRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes a Capacity Reservation Fleet cancellation error.

      + */ +export interface CancelCapacityReservationFleetError { + /** + *

      The error code.

      + */ + Code?: string; + + /** + *

      The error message.

      + */ + Message?: string; +} + +export namespace CancelCapacityReservationFleetError { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CancelCapacityReservationFleetError): any => ({ + ...obj, + }); +} + +/** + *

      Describes a Capacity Reservation Fleet that could not be cancelled.

      + */ +export interface FailedCapacityReservationFleetCancellationResult { + /** + *

      The ID of the Capacity Reservation Fleet that could not be cancelled.

      + */ + CapacityReservationFleetId?: string; + + /** + *

      Information about the Capacity Reservation Fleet cancellation error.

      + */ + CancelCapacityReservationFleetError?: CancelCapacityReservationFleetError; +} + +export namespace FailedCapacityReservationFleetCancellationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FailedCapacityReservationFleetCancellationResult): any => ({ + ...obj, + }); +} + +export enum CapacityReservationFleetState { + ACTIVE = "active", + CANCELLED = "cancelled", + CANCELLING = "cancelling", + EXPIRED = "expired", + EXPIRING = "expiring", + FAILED = "failed", + MODIFYING = "modifying", + PARTIALLY_FULFILLED = "partially_fulfilled", + SUBMITTED = "submitted", +} + +/** + *

      Describes a Capacity Reservation Fleet that was successfully cancelled.

      + */ +export interface CapacityReservationFleetCancellationState { + /** + *

      The current state of the Capacity Reservation Fleet.

      + */ + CurrentFleetState?: CapacityReservationFleetState | string; + + /** + *

      The previous state of the Capacity Reservation Fleet.

      + */ + PreviousFleetState?: CapacityReservationFleetState | string; + + /** + *

      The ID of the Capacity Reservation Fleet that was successfully cancelled.

      + */ + CapacityReservationFleetId?: string; +} + +export namespace CapacityReservationFleetCancellationState { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CapacityReservationFleetCancellationState): any => ({ + ...obj, + }); +} + +export interface CancelCapacityReservationFleetsResult { + /** + *

      Information about the Capacity Reservation Fleets that were successfully cancelled.

      + */ + SuccessfulFleetCancellations?: CapacityReservationFleetCancellationState[]; + + /** + *

      Information about the Capacity Reservation Fleets that could not be cancelled.

      + */ + FailedFleetCancellations?: FailedCapacityReservationFleetCancellationResult[]; +} + +export namespace CancelCapacityReservationFleetsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CancelCapacityReservationFleetsResult): any => ({ + ...obj, + }); +} + export interface CancelConversionRequest { /** *

      The ID of the conversion task.

      @@ -5415,6 +5546,12 @@ export interface CapacityReservation { * Reservation was created.

      */ OutpostArn?: string; + + /** + *

      The ID of the Capacity Reservation Fleet to which the Capacity Reservation belongs. + * Only valid for Capacity Reservations that were created by a Capacity Reservation Fleet.

      + */ + CapacityReservationFleetId?: string; } export namespace CapacityReservation { @@ -5442,1226 +5579,8 @@ export namespace CreateCapacityReservationResult { }); } -export interface CreateCarrierGatewayRequest { - /** - *

      The ID of the VPC to associate with the carrier gateway.

      - */ - VpcId: string | undefined; - - /** - *

      The tags to associate with the carrier gateway.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; - - /** - *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request. For more information, see How to ensure - * idempotency.

      - */ - ClientToken?: string; -} - -export namespace CreateCarrierGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateCarrierGatewayRequest): any => ({ - ...obj, - }); -} - -export type CarrierGatewayState = "available" | "deleted" | "deleting" | "pending"; - -/** - *

      Describes a carrier gateway.

      - */ -export interface CarrierGateway { - /** - *

      The ID of the carrier gateway.

      - */ - CarrierGatewayId?: string; - - /** - *

      The ID of the VPC associated with the carrier gateway.

      - */ - VpcId?: string; - - /** - *

      The state of the carrier gateway.

      - */ - State?: CarrierGatewayState | string; - - /** - *

      The Amazon Web Services account ID of the owner of the carrier gateway.

      - */ - OwnerId?: string; - - /** - *

      The tags assigned to the carrier gateway.

      - */ - Tags?: Tag[]; -} - -export namespace CarrierGateway { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CarrierGateway): any => ({ - ...obj, - }); -} - -export interface CreateCarrierGatewayResult { - /** - *

      Information about the carrier gateway.

      - */ - CarrierGateway?: CarrierGateway; -} - -export namespace CreateCarrierGatewayResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateCarrierGatewayResult): any => ({ - ...obj, - }); -} - -/** - *

      Describes the Active Directory to be used for client authentication.

      - */ -export interface DirectoryServiceAuthenticationRequest { - /** - *

      The ID of the Active Directory to be used for authentication.

      - */ - DirectoryId?: string; -} - -export namespace DirectoryServiceAuthenticationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DirectoryServiceAuthenticationRequest): any => ({ - ...obj, - }); -} - -/** - *

      The IAM SAML identity provider used for federated authentication.

      - */ -export interface FederatedAuthenticationRequest { - /** - *

      The Amazon Resource Name (ARN) of the IAM SAML identity provider.

      - */ - SAMLProviderArn?: string; - - /** - *

      The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.

      - */ - SelfServiceSAMLProviderArn?: string; -} - -export namespace FederatedAuthenticationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: FederatedAuthenticationRequest): any => ({ - ...obj, - }); -} - -/** - *

      Information about the client certificate to be used for authentication.

      - */ -export interface CertificateAuthenticationRequest { - /** - *

      The ARN of the client certificate. The certificate must be signed by a certificate - * authority (CA) and it must be provisioned in Certificate Manager (ACM).

      - */ - ClientRootCertificateChainArn?: string; -} - -export namespace CertificateAuthenticationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CertificateAuthenticationRequest): any => ({ - ...obj, - }); -} - -export type ClientVpnAuthenticationType = - | "certificate-authentication" - | "directory-service-authentication" - | "federated-authentication"; - -/** - *

      Describes the authentication method to be used by a Client VPN endpoint. For more information, see Authentication - * in the Client VPN Administrator Guide.

      - */ -export interface ClientVpnAuthenticationRequest { - /** - *

      The type of client authentication to be used.

      - */ - Type?: ClientVpnAuthenticationType | string; - - /** - *

      Information about the Active Directory to be used, if applicable. You must provide this information if Type is directory-service-authentication.

      - */ - ActiveDirectory?: DirectoryServiceAuthenticationRequest; - - /** - *

      Information about the authentication certificates to be used, if applicable. You must provide this information if Type is certificate-authentication.

      - */ - MutualAuthentication?: CertificateAuthenticationRequest; - - /** - *

      Information about the IAM SAML identity provider to be used, if applicable. You must provide this information if Type is federated-authentication.

      - */ - FederatedAuthentication?: FederatedAuthenticationRequest; -} - -export namespace ClientVpnAuthenticationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ClientVpnAuthenticationRequest): any => ({ - ...obj, - }); -} - -/** - *

      The options for managing connection authorization for new client connections.

      - */ -export interface ClientConnectOptions { - /** - *

      Indicates whether client connect options are enabled. The default is false (not enabled).

      - */ - Enabled?: boolean; - - /** - *

      The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.

      - */ - LambdaFunctionArn?: string; -} - -export namespace ClientConnectOptions { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ClientConnectOptions): any => ({ - ...obj, - }); -} - -/** - *

      Describes the client connection logging options for the Client VPN endpoint.

      - */ -export interface ConnectionLogOptions { - /** - *

      Indicates whether connection logging is enabled.

      - */ - Enabled?: boolean; - - /** - *

      The name of the CloudWatch Logs log group. Required if connection logging is enabled.

      - */ - CloudwatchLogGroup?: string; - - /** - *

      The name of the CloudWatch Logs log stream to which the connection data is published.

      - */ - CloudwatchLogStream?: string; -} - -export namespace ConnectionLogOptions { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ConnectionLogOptions): any => ({ - ...obj, - }); -} - -export type SelfServicePortal = "disabled" | "enabled"; - -export type TransportProtocol = "tcp" | "udp"; - -export interface CreateClientVpnEndpointRequest { - /** - *

      The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

      - */ - ClientCidrBlock: string | undefined; - - /** - *

      The ARN of the server certificate. For more information, see - * the Certificate Manager User Guide.

      - */ - ServerCertificateArn: string | undefined; - - /** - *

      Information about the authentication method to be used to authenticate clients.

      - */ - AuthenticationOptions: ClientVpnAuthenticationRequest[] | undefined; - - /** - *

      Information about the client connection logging options.

      - *

      If you enable client connection logging, data about client connections is sent to a - * Cloudwatch Logs log stream. The following information is logged:

      - *
        - *
      • - *

        Client connection requests

        - *
        • - *
      • - *

        Client connection results (successful and unsuccessful)

        - *
        • - *
      • - *

        Reasons for unsuccessful client connection requests

        - *
        • - *
      • - *

        Client connection termination time

        - *
        • - *
      - */ - ConnectionLogOptions: ConnectionLogOptions | undefined; - - /** - *

      Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can - * have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.

      - */ - DnsServers?: string[]; - - /** - *

      The transport protocol to be used by the VPN session.

      - *

      Default value: udp - *

      - */ - TransportProtocol?: TransportProtocol | string; - - /** - *

      The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

      - *

      Valid Values: 443 | 1194 - *

      - *

      Default Value: 443 - *

      - */ - VpnPort?: number; - - /** - *

      A brief description of the Client VPN endpoint.

      - */ - Description?: string; - - /** - *

      Indicates whether split-tunnel is enabled on the Client VPN endpoint.

      - *

      By default, split-tunnel on a VPN endpoint is disabled.

      - *

      For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the - * Client VPN Administrator Guide.

      - */ - SplitTunnel?: boolean; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; - - /** - *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

      - */ - ClientToken?: string; - - /** - *

      The tags to apply to the Client VPN endpoint during creation.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.

      - */ - SecurityGroupIds?: string[]; - - /** - *

      The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.

      - */ - VpcId?: string; - - /** - *

      Specify whether to enable the self-service portal for the Client VPN endpoint.

      - *

      Default Value: enabled - *

      - */ - SelfServicePortal?: SelfServicePortal | string; - - /** - *

      The options for managing connection authorization for new client connections.

      - */ - ClientConnectOptions?: ClientConnectOptions; -} - -export namespace CreateClientVpnEndpointRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateClientVpnEndpointRequest): any => ({ - ...obj, - }); -} - -export type ClientVpnEndpointStatusCode = "available" | "deleted" | "deleting" | "pending-associate"; - -/** - *

      Describes the state of a Client VPN endpoint.

      - */ -export interface ClientVpnEndpointStatus { - /** - *

      The state of the Client VPN endpoint. Possible states include:

      - *
        - *
      • - *

        - * pending-associate - The Client VPN endpoint has been created but no target networks - * have been associated. The Client VPN endpoint cannot accept connections.

        - *
        • - *
      • - *

        - * available - The Client VPN endpoint has been created and a target network has been - * associated. The Client VPN endpoint can accept connections.

        - *
        • - *
      • - *

        - * deleting - The Client VPN endpoint is being deleted. The Client VPN endpoint cannot accept - * connections.

        - *
        • - *
      • - *

        - * deleted - The Client VPN endpoint has been deleted. The Client VPN endpoint cannot accept - * connections.

        - *
        • - *
      - */ - Code?: ClientVpnEndpointStatusCode | string; - - /** - *

      A message about the status of the Client VPN endpoint.

      - */ - Message?: string; -} - -export namespace ClientVpnEndpointStatus { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ClientVpnEndpointStatus): any => ({ - ...obj, - }); -} - -export interface CreateClientVpnEndpointResult { - /** - *

      The ID of the Client VPN endpoint.

      - */ - ClientVpnEndpointId?: string; - - /** - *

      The current state of the Client VPN endpoint.

      - */ - Status?: ClientVpnEndpointStatus; - - /** - *

      The DNS name to be used by clients when establishing their VPN session.

      - */ - DnsName?: string; -} - -export namespace CreateClientVpnEndpointResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateClientVpnEndpointResult): any => ({ - ...obj, - }); -} - -export interface CreateClientVpnRouteRequest { - /** - *

      The ID of the Client VPN endpoint to which to add the route.

      - */ - ClientVpnEndpointId: string | undefined; - - /** - *

      The IPv4 address range, in CIDR notation, of the route destination. For example:

      - *
        - *
      • - *

        To add a route for Internet access, enter 0.0.0.0/0 - *

        - *
        • - *
      • - *

        To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range

        - *
        • - *
      • - *

        To add a route for an on-premises network, enter the Amazon Web Services Site-to-Site VPN connection's IPv4 CIDR range

        - *
        • - *
      • - *

        To add a route for the local network, enter the client CIDR range

        - *
        • - *
      - */ - DestinationCidrBlock: string | undefined; - - /** - *

      The ID of the subnet through which you want to route traffic. The specified subnet must be - * an existing target network of the Client VPN endpoint.

      - *

      Alternatively, if you're adding a route for the local network, specify local.

      - */ - TargetVpcSubnetId: string | undefined; - - /** - *

      A brief description of the route.

      - */ - Description?: string; - - /** - *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

      - */ - ClientToken?: string; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateClientVpnRouteRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateClientVpnRouteRequest): any => ({ - ...obj, - }); -} - -export type ClientVpnRouteStatusCode = "active" | "creating" | "deleting" | "failed"; - -/** - *

      Describes the state of a Client VPN endpoint route.

      - */ -export interface ClientVpnRouteStatus { - /** - *

      The state of the Client VPN endpoint route.

      - */ - Code?: ClientVpnRouteStatusCode | string; - - /** - *

      A message about the status of the Client VPN endpoint route, if applicable.

      - */ - Message?: string; -} - -export namespace ClientVpnRouteStatus { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ClientVpnRouteStatus): any => ({ - ...obj, - }); -} - -export interface CreateClientVpnRouteResult { - /** - *

      The current state of the route.

      - */ - Status?: ClientVpnRouteStatus; -} - -export namespace CreateClientVpnRouteResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateClientVpnRouteResult): any => ({ - ...obj, - }); -} - -export type GatewayType = "ipsec.1"; - -/** - *

      Contains the parameters for CreateCustomerGateway.

      - */ -export interface CreateCustomerGatewayRequest { - /** - *

      For devices that support BGP, the customer gateway's BGP ASN.

      - *

      Default: 65000

      - */ - BgpAsn: number | undefined; - - /** - *

      The Internet-routable IP address for the customer gateway's outside interface. The - * address must be static.

      - */ - PublicIp?: string; - - /** - *

      The Amazon Resource Name (ARN) for the customer gateway certificate.

      - */ - CertificateArn?: string; - - /** - *

      The type of VPN connection that this customer gateway supports - * (ipsec.1).

      - */ - Type: GatewayType | string | undefined; - - /** - *

      The tags to apply to the customer gateway.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      A name for the customer gateway device.

      - *

      Length Constraints: Up to 255 characters.

      - */ - DeviceName?: string; - - /** - *

      Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateCustomerGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateCustomerGatewayRequest): any => ({ - ...obj, - }); -} - -/** - *

      Describes a customer gateway.

      - */ -export interface CustomerGateway { - /** - *

      The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number - * (ASN).

      - */ - BgpAsn?: string; - - /** - *

      The ID of the customer gateway.

      - */ - CustomerGatewayId?: string; - - /** - *

      The Internet-routable IP address of the customer gateway's outside interface.

      - */ - IpAddress?: string; - - /** - *

      The Amazon Resource Name (ARN) for the customer gateway certificate.

      - */ - CertificateArn?: string; - - /** - *

      The current state of the customer gateway (pending | available | deleting | - * deleted).

      - */ - State?: string; - - /** - *

      The type of VPN connection the customer gateway supports - * (ipsec.1).

      - */ - Type?: string; - - /** - *

      The name of customer gateway device.

      - */ - DeviceName?: string; - - /** - *

      Any tags assigned to the customer gateway.

      - */ - Tags?: Tag[]; -} - -export namespace CustomerGateway { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CustomerGateway): any => ({ - ...obj, - }); -} - -/** - *

      Contains the output of CreateCustomerGateway.

      - */ -export interface CreateCustomerGatewayResult { - /** - *

      Information about the customer gateway.

      - */ - CustomerGateway?: CustomerGateway; -} - -export namespace CreateCustomerGatewayResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateCustomerGatewayResult): any => ({ - ...obj, - }); -} - -export interface CreateDefaultSubnetRequest { - /** - *

      The Availability Zone in which to create the default subnet.

      - */ - AvailabilityZone: string | undefined; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateDefaultSubnetRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDefaultSubnetRequest): any => ({ - ...obj, - }); -} - -export type SubnetState = "available" | "pending"; - -/** - *

      Describes a subnet.

      - */ -export interface Subnet { - /** - *

      The Availability Zone of the subnet.

      - */ - AvailabilityZone?: string; - - /** - *

      The AZ ID of the subnet.

      - */ - AvailabilityZoneId?: string; - - /** - *

      The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any - * stopped instances are considered unavailable.

      - */ - AvailableIpAddressCount?: number; - - /** - *

      The IPv4 CIDR block assigned to the subnet.

      - */ - CidrBlock?: string; - - /** - *

      Indicates whether this is the default subnet for the Availability Zone.

      - */ - DefaultForAz?: boolean; - - /** - *

      Indicates whether instances launched in this subnet receive a public IPv4 address.

      - */ - MapPublicIpOnLaunch?: boolean; - - /** - *

      Indicates whether a network interface created in this subnet (including a network - * interface created by RunInstances) receives a customer-owned IPv4 address.

      - */ - MapCustomerOwnedIpOnLaunch?: boolean; - - /** - *

      The customer-owned IPv4 address pool associated with the subnet.

      - */ - CustomerOwnedIpv4Pool?: string; - - /** - *

      The current state of the subnet.

      - */ - State?: SubnetState | string; - - /** - *

      The ID of the subnet.

      - */ - SubnetId?: string; - - /** - *

      The ID of the VPC the subnet is in.

      - */ - VpcId?: string; - - /** - *

      The ID of the Amazon Web Services account that owns the subnet.

      - */ - OwnerId?: string; - - /** - *

      Indicates whether a network interface created in this subnet (including a network - * interface created by RunInstances) receives an IPv6 address.

      - */ - AssignIpv6AddressOnCreation?: boolean; - - /** - *

      Information about the IPv6 CIDR blocks associated with the subnet.

      - */ - Ipv6CidrBlockAssociationSet?: SubnetIpv6CidrBlockAssociation[]; - - /** - *

      Any tags assigned to the subnet.

      - */ - Tags?: Tag[]; - - /** - *

      The Amazon Resource Name (ARN) of the subnet.

      - */ - SubnetArn?: string; - - /** - *

      The Amazon Resource Name (ARN) of the Outpost.

      - */ - OutpostArn?: string; -} - -export namespace Subnet { - /** - * @internal - */ - export const filterSensitiveLog = (obj: Subnet): any => ({ - ...obj, - }); -} - -export interface CreateDefaultSubnetResult { - /** - *

      Information about the subnet.

      - */ - Subnet?: Subnet; -} - -export namespace CreateDefaultSubnetResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDefaultSubnetResult): any => ({ - ...obj, - }); -} - -export interface CreateDefaultVpcRequest { - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateDefaultVpcRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDefaultVpcRequest): any => ({ - ...obj, - }); -} - -export type Tenancy = "dedicated" | "default" | "host"; - -export type VpcState = "available" | "pending"; - -/** - *

      Describes a VPC.

      - */ -export interface Vpc { - /** - *

      The primary IPv4 CIDR block for the VPC.

      - */ - CidrBlock?: string; - - /** - *

      The ID of the set of DHCP options you've associated with the VPC.

      - */ - DhcpOptionsId?: string; - - /** - *

      The current state of the VPC.

      - */ - State?: VpcState | string; - - /** - *

      The ID of the VPC.

      - */ - VpcId?: string; - - /** - *

      The ID of the Amazon Web Services account that owns the VPC.

      - */ - OwnerId?: string; - - /** - *

      The allowed tenancy of instances launched into the VPC.

      - */ - InstanceTenancy?: Tenancy | string; - - /** - *

      Information about the IPv6 CIDR blocks associated with the VPC.

      - */ - Ipv6CidrBlockAssociationSet?: VpcIpv6CidrBlockAssociation[]; - - /** - *

      Information about the IPv4 CIDR blocks associated with the VPC.

      - */ - CidrBlockAssociationSet?: VpcCidrBlockAssociation[]; - - /** - *

      Indicates whether the VPC is the default VPC.

      - */ - IsDefault?: boolean; - - /** - *

      Any tags assigned to the VPC.

      - */ - Tags?: Tag[]; -} - -export namespace Vpc { - /** - * @internal - */ - export const filterSensitiveLog = (obj: Vpc): any => ({ - ...obj, - }); -} - -export interface CreateDefaultVpcResult { - /** - *

      Information about the VPC.

      - */ - Vpc?: Vpc; -} - -export namespace CreateDefaultVpcResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDefaultVpcResult): any => ({ - ...obj, - }); -} - -/** - *

      Describes a DHCP configuration option.

      - */ -export interface NewDhcpConfiguration { - /** - *

      The name of a DHCP option.

      - */ - Key?: string; - - /** - *

      One or more values for the DHCP option.

      - */ - Values?: string[]; -} - -export namespace NewDhcpConfiguration { - /** - * @internal - */ - export const filterSensitiveLog = (obj: NewDhcpConfiguration): any => ({ - ...obj, - }); -} - -export interface CreateDhcpOptionsRequest { - /** - *

      A DHCP configuration option.

      - */ - DhcpConfigurations: NewDhcpConfiguration[] | undefined; - - /** - *

      The tags to assign to the DHCP option.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateDhcpOptionsRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDhcpOptionsRequest): any => ({ - ...obj, - }); -} - -/** - *

      Describes a value for a resource attribute that is a String.

      - */ -export interface AttributeValue { - /** - *

      The attribute value. The value is case-sensitive.

      - */ - Value?: string; -} - -export namespace AttributeValue { - /** - * @internal - */ - export const filterSensitiveLog = (obj: AttributeValue): any => ({ - ...obj, - }); -} - -/** - *

      Describes a DHCP configuration option.

      - */ -export interface DhcpConfiguration { - /** - *

      The name of a DHCP option.

      - */ - Key?: string; - - /** - *

      One or more values for the DHCP option.

      - */ - Values?: AttributeValue[]; -} - -export namespace DhcpConfiguration { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DhcpConfiguration): any => ({ - ...obj, - }); -} - -/** - *

      Describes a set of DHCP options.

      - */ -export interface DhcpOptions { - /** - *

      One or more DHCP options in the set.

      - */ - DhcpConfigurations?: DhcpConfiguration[]; - - /** - *

      The ID of the set of DHCP options.

      - */ - DhcpOptionsId?: string; - - /** - *

      The ID of the Amazon Web Services account that owns the DHCP options set.

      - */ - OwnerId?: string; - - /** - *

      Any tags assigned to the DHCP options set.

      - */ - Tags?: Tag[]; -} - -export namespace DhcpOptions { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DhcpOptions): any => ({ - ...obj, - }); -} - -export interface CreateDhcpOptionsResult { - /** - *

      A set of DHCP options.

      - */ - DhcpOptions?: DhcpOptions; -} - -export namespace CreateDhcpOptionsResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateDhcpOptionsResult): any => ({ - ...obj, - }); -} - -export interface CreateEgressOnlyInternetGatewayRequest { - /** - *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request. For more information, see How to ensure - * idempotency.

      - */ - ClientToken?: string; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; - - /** - *

      The ID of the VPC for which to create the egress-only internet gateway.

      - */ - VpcId: string | undefined; - - /** - *

      The tags to assign to the egress-only internet gateway.

      - */ - TagSpecifications?: TagSpecification[]; -} - -export namespace CreateEgressOnlyInternetGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateEgressOnlyInternetGatewayRequest): any => ({ - ...obj, - }); -} - -/** - *

      Describes the attachment of a VPC to an internet gateway or an egress-only internet - * gateway.

      - */ -export interface InternetGatewayAttachment { - /** - *

      The current state of the attachment. For an internet gateway, the state is - * available when attached to a VPC; otherwise, this value is not - * returned.

      - */ - State?: AttachmentStatus | string; - - /** - *

      The ID of the VPC.

      - */ - VpcId?: string; -} - -export namespace InternetGatewayAttachment { - /** - * @internal - */ - export const filterSensitiveLog = (obj: InternetGatewayAttachment): any => ({ - ...obj, - }); -} - -/** - *

      Describes an egress-only internet gateway.

      - */ -export interface EgressOnlyInternetGateway { - /** - *

      Information about the attachment of the egress-only internet gateway.

      - */ - Attachments?: InternetGatewayAttachment[]; - - /** - *

      The ID of the egress-only internet gateway.

      - */ - EgressOnlyInternetGatewayId?: string; - - /** - *

      The tags assigned to the egress-only internet gateway.

      - */ - Tags?: Tag[]; -} - -export namespace EgressOnlyInternetGateway { - /** - * @internal - */ - export const filterSensitiveLog = (obj: EgressOnlyInternetGateway): any => ({ - ...obj, - }); -} - -export interface CreateEgressOnlyInternetGatewayResult { - /** - *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request.

      - */ - ClientToken?: string; - - /** - *

      Information about the egress-only internet gateway.

      - */ - EgressOnlyInternetGateway?: EgressOnlyInternetGateway; -} - -export namespace CreateEgressOnlyInternetGatewayResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateEgressOnlyInternetGatewayResult): any => ({ - ...obj, - }); -} - -export enum FleetExcessCapacityTerminationPolicy { - NO_TERMINATION = "no-termination", - TERMINATION = "termination", -} - -/** - *

      Describes the Amazon EC2 launch template and the launch template version that can be used by - * an EC2 Fleet to configure Amazon EC2 instances. For information about launch templates, see Launching - * an instance from a launch template in the - * Amazon EC2 User Guide.

      - */ -export interface FleetLaunchTemplateSpecificationRequest { - /** - *

      The ID of the launch template. If you specify the template ID, you can't specify the template name.

      - */ - LaunchTemplateId?: string; - - /** - *

      The name of the launch template. If you specify the template name, you can't specify the template ID.

      - */ - LaunchTemplateName?: string; - - /** - *

      The launch template version number, $Latest, or $Default. You must specify a value, otherwise the request fails.

      - *

      If the value is $Latest, Amazon EC2 uses the latest version of the launch template.

      - *

      If the value is $Default, Amazon EC2 uses the default version of the launch template.

      - */ - Version?: string; -} - -export namespace FleetLaunchTemplateSpecificationRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: FleetLaunchTemplateSpecificationRequest): any => ({ - ...obj, - }); +export enum FleetInstanceMatchCriteria { + open = "open", } export type _InstanceType = @@ -7086,6 +6005,1528 @@ export type _InstanceType = | "z1d.metal" | "z1d.xlarge"; +/** + *

      Information about an instance type to use in a Capacity Reservation Fleet.

      + */ +export interface ReservationFleetInstanceSpecification { + /** + *

      The instance type for which the Capacity Reservation Fleet reserves capacity.

      + */ + InstanceType?: _InstanceType | string; + + /** + *

      The type of operating system for which the Capacity Reservation Fleet reserves capacity.

      + */ + InstancePlatform?: CapacityReservationInstancePlatform | string; + + /** + *

      The number of capacity units provided by the specified instance type. This value, together with the + * total target capacity that you specify for the Fleet determine the number of instances for which the + * Fleet reserves capacity. Both values are based on units that make sense for your workload. For more + * information, see Total target capacity + * in the Amazon EC2 User Guide.

      + */ + Weight?: number; + + /** + *

      The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity + * Reservation Fleet can't span Availability Zones. All instance type specifications that you specify + * for the Fleet must use the same Availability Zone.

      + */ + AvailabilityZone?: string; + + /** + *

      The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A + * Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you + * specify for the Fleet must use the same Availability Zone.

      + */ + AvailabilityZoneId?: string; + + /** + *

      Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This + * optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack + * to provide optimal I/O performance. This optimization isn't available with all instance types. Additional + * usage charges apply when using EBS-optimized instance types.

      + */ + EbsOptimized?: boolean; + + /** + *

      The priority to assign to the instance type. This value is used to determine which of the instance types + * specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more + * information, see Instance type priority + * in the Amazon EC2 User Guide.

      + */ + Priority?: number; +} + +export namespace ReservationFleetInstanceSpecification { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ReservationFleetInstanceSpecification): any => ({ + ...obj, + }); +} + +export enum FleetCapacityReservationTenancy { + default = "default", +} + +export interface CreateCapacityReservationFleetRequest { + /** + *

      The strategy used by the Capacity Reservation Fleet to determine which of the + * specified instance types to use. Currently, only the prioritized + * allocation strategy is supported. For more information, see + * Allocation strategy in the Amazon EC2 User Guide.

      + *

      Valid values: prioritized + *

      + */ + AllocationStrategy?: string; + + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensure Idempotency.

      + */ + ClientToken?: string; + + /** + *

      Information about the instance types for which to reserve the capacity.

      + */ + InstanceTypeSpecifications: ReservationFleetInstanceSpecification[] | undefined; + + /** + *

      Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations + * in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of + * the following tenancy settings:

      + *
        + *
      • + *

        + * default - The Capacity Reservation Fleet is created on hardware + * that is shared with other Amazon Web Services accounts.

        + *
        • + *
      • + *

        + * dedicated - The Capacity Reservations are created on single-tenant + * hardware that is dedicated to a single Amazon Web Services account.

        + *
        • + *
      + */ + Tenancy?: FleetCapacityReservationTenancy | string; + + /** + *

      The total number of capacity units to be reserved by the Capacity Reservation Fleet. This + * value, together with the instance type weights that you assign to each instance type used by + * the Fleet determine the number of instances for which the Fleet reserves capacity. Both values + * are based on units that make sense for your workload. For more information, see + * Total target capacity in the Amazon EC2 User Guide.

      + */ + TotalTargetCapacity: number | undefined; + + /** + *

      The date and time at which the Capacity Reservation Fleet expires. When the Capacity + * Reservation Fleet expires, its state changes to expired and all of the Capacity + * Reservations in the Fleet expire.

      + *

      The Capacity Reservation Fleet expires within an hour after the specified time. For example, + * if you specify 5/31/2019, 13:30:55, the Capacity Reservation Fleet + * is guaranteed to expire between 13:30:55 and 14:30:55 on + * 5/31/2019. + *

      + */ + EndDate?: Date; + + /** + *

      Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All + * Capacity Reservations in the Fleet inherit this instance matching criteria.

      + *

      Currently, Capacity Reservation Fleets support open instance matching criteria + * only. This means that instances that have matching attributes (instance type, platform, and + * Availability Zone) run in the Capacity Reservations automatically. Instances do not need to + * explicitly target a Capacity Reservation Fleet to use its reserved capacity.

      + */ + InstanceMatchCriteria?: FleetInstanceMatchCriteria | string; + + /** + *

      The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned + * to the Capacity Reservations in the Fleet.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateCapacityReservationFleetRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCapacityReservationFleetRequest): any => ({ + ...obj, + }); +} + +/** + *

      Information about a Capacity Reservation in a Capacity Reservation Fleet.

      + */ +export interface FleetCapacityReservation { + /** + *

      The ID of the Capacity Reservation.

      + */ + CapacityReservationId?: string; + + /** + *

      The ID of the Availability Zone in which the Capacity Reservation reserves capacity.

      + */ + AvailabilityZoneId?: string; + + /** + *

      The instance type for which the Capacity Reservation reserves capacity.

      + */ + InstanceType?: _InstanceType | string; + + /** + *

      The type of operating system for which the Capacity Reservation reserves capacity.

      + */ + InstancePlatform?: CapacityReservationInstancePlatform | string; + + /** + *

      The Availability Zone in which the Capacity Reservation reserves capacity.

      + */ + AvailabilityZone?: string; + + /** + *

      The total number of instances for which the Capacity Reservation reserves capacity.

      + */ + TotalInstanceCount?: number; + + /** + *

      The number of capacity units fulfilled by the Capacity Reservation. For more information, see + * + * Total target capacity in the Amazon EC2 User Guide.

      + */ + FulfilledCapacity?: number; + + /** + *

      Indicates whether the Capacity Reservation reserves capacity for EBS-optimized instance types.

      + */ + EbsOptimized?: boolean; + + /** + *

      The date and time at which the Capacity Reservation was created.

      + */ + CreateDate?: Date; + + /** + *

      The weight of the instance type in the Capacity Reservation Fleet. For more information, + * see + * Instance type weight in the Amazon EC2 User Guide.

      + */ + Weight?: number; + + /** + *

      The priority of the instance type in the Capacity Reservation Fleet. For more information, + * see + * Instance type priority in the Amazon EC2 User Guide.

      + */ + Priority?: number; +} + +export namespace FleetCapacityReservation { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FleetCapacityReservation): any => ({ + ...obj, + }); +} + +export interface CreateCapacityReservationFleetResult { + /** + *

      The ID of the Capacity Reservation Fleet.

      + */ + CapacityReservationFleetId?: string; + + /** + *

      The status of the Capacity Reservation Fleet.

      + */ + State?: CapacityReservationFleetState | string; + + /** + *

      The total number of capacity units for which the Capacity Reservation Fleet reserves capacity.

      + */ + TotalTargetCapacity?: number; + + /** + *

      The requested capacity units that have been successfully reserved.

      + */ + TotalFulfilledCapacity?: number; + + /** + *

      The instance matching criteria for the Capacity Reservation Fleet.

      + */ + InstanceMatchCriteria?: FleetInstanceMatchCriteria | string; + + /** + *

      The allocation strategy used by the Capacity Reservation Fleet.

      + */ + AllocationStrategy?: string; + + /** + *

      The date and time at which the Capacity Reservation Fleet was created.

      + */ + CreateTime?: Date; + + /** + *

      The date and time at which the Capacity Reservation Fleet expires.

      + */ + EndDate?: Date; + + /** + *

      Indicates the tenancy of Capacity Reservation Fleet.

      + */ + Tenancy?: FleetCapacityReservationTenancy | string; + + /** + *

      Information about the individual Capacity Reservations in the Capacity Reservation Fleet.

      + */ + FleetCapacityReservations?: FleetCapacityReservation[]; + + /** + *

      The tags assigned to the Capacity Reservation Fleet.

      + */ + Tags?: Tag[]; +} + +export namespace CreateCapacityReservationFleetResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCapacityReservationFleetResult): any => ({ + ...obj, + }); +} + +export interface CreateCarrierGatewayRequest { + /** + *

      The ID of the VPC to associate with the carrier gateway.

      + */ + VpcId: string | undefined; + + /** + *

      The tags to associate with the carrier gateway.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; + + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. For more information, see How to ensure + * idempotency.

      + */ + ClientToken?: string; +} + +export namespace CreateCarrierGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCarrierGatewayRequest): any => ({ + ...obj, + }); +} + +export type CarrierGatewayState = "available" | "deleted" | "deleting" | "pending"; + +/** + *

      Describes a carrier gateway.

      + */ +export interface CarrierGateway { + /** + *

      The ID of the carrier gateway.

      + */ + CarrierGatewayId?: string; + + /** + *

      The ID of the VPC associated with the carrier gateway.

      + */ + VpcId?: string; + + /** + *

      The state of the carrier gateway.

      + */ + State?: CarrierGatewayState | string; + + /** + *

      The Amazon Web Services account ID of the owner of the carrier gateway.

      + */ + OwnerId?: string; + + /** + *

      The tags assigned to the carrier gateway.

      + */ + Tags?: Tag[]; +} + +export namespace CarrierGateway { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CarrierGateway): any => ({ + ...obj, + }); +} + +export interface CreateCarrierGatewayResult { + /** + *

      Information about the carrier gateway.

      + */ + CarrierGateway?: CarrierGateway; +} + +export namespace CreateCarrierGatewayResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCarrierGatewayResult): any => ({ + ...obj, + }); +} + +/** + *

      Describes the Active Directory to be used for client authentication.

      + */ +export interface DirectoryServiceAuthenticationRequest { + /** + *

      The ID of the Active Directory to be used for authentication.

      + */ + DirectoryId?: string; +} + +export namespace DirectoryServiceAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DirectoryServiceAuthenticationRequest): any => ({ + ...obj, + }); +} + +/** + *

      The IAM SAML identity provider used for federated authentication.

      + */ +export interface FederatedAuthenticationRequest { + /** + *

      The Amazon Resource Name (ARN) of the IAM SAML identity provider.

      + */ + SAMLProviderArn?: string; + + /** + *

      The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.

      + */ + SelfServiceSAMLProviderArn?: string; +} + +export namespace FederatedAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FederatedAuthenticationRequest): any => ({ + ...obj, + }); +} + +/** + *

      Information about the client certificate to be used for authentication.

      + */ +export interface CertificateAuthenticationRequest { + /** + *

      The ARN of the client certificate. The certificate must be signed by a certificate + * authority (CA) and it must be provisioned in Certificate Manager (ACM).

      + */ + ClientRootCertificateChainArn?: string; +} + +export namespace CertificateAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CertificateAuthenticationRequest): any => ({ + ...obj, + }); +} + +export type ClientVpnAuthenticationType = + | "certificate-authentication" + | "directory-service-authentication" + | "federated-authentication"; + +/** + *

      Describes the authentication method to be used by a Client VPN endpoint. For more information, see Authentication + * in the Client VPN Administrator Guide.

      + */ +export interface ClientVpnAuthenticationRequest { + /** + *

      The type of client authentication to be used.

      + */ + Type?: ClientVpnAuthenticationType | string; + + /** + *

      Information about the Active Directory to be used, if applicable. You must provide this information if Type is directory-service-authentication.

      + */ + ActiveDirectory?: DirectoryServiceAuthenticationRequest; + + /** + *

      Information about the authentication certificates to be used, if applicable. You must provide this information if Type is certificate-authentication.

      + */ + MutualAuthentication?: CertificateAuthenticationRequest; + + /** + *

      Information about the IAM SAML identity provider to be used, if applicable. You must provide this information if Type is federated-authentication.

      + */ + FederatedAuthentication?: FederatedAuthenticationRequest; +} + +export namespace ClientVpnAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ClientVpnAuthenticationRequest): any => ({ + ...obj, + }); +} + +/** + *

      The options for managing connection authorization for new client connections.

      + */ +export interface ClientConnectOptions { + /** + *

      Indicates whether client connect options are enabled. The default is false (not enabled).

      + */ + Enabled?: boolean; + + /** + *

      The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.

      + */ + LambdaFunctionArn?: string; +} + +export namespace ClientConnectOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ClientConnectOptions): any => ({ + ...obj, + }); +} + +/** + *

      Describes the client connection logging options for the Client VPN endpoint.

      + */ +export interface ConnectionLogOptions { + /** + *

      Indicates whether connection logging is enabled.

      + */ + Enabled?: boolean; + + /** + *

      The name of the CloudWatch Logs log group. Required if connection logging is enabled.

      + */ + CloudwatchLogGroup?: string; + + /** + *

      The name of the CloudWatch Logs log stream to which the connection data is published.

      + */ + CloudwatchLogStream?: string; +} + +export namespace ConnectionLogOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ConnectionLogOptions): any => ({ + ...obj, + }); +} + +export type SelfServicePortal = "disabled" | "enabled"; + +export type TransportProtocol = "tcp" | "udp"; + +export interface CreateClientVpnEndpointRequest { + /** + *

      The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.

      + */ + ClientCidrBlock: string | undefined; + + /** + *

      The ARN of the server certificate. For more information, see + * the Certificate Manager User Guide.

      + */ + ServerCertificateArn: string | undefined; + + /** + *

      Information about the authentication method to be used to authenticate clients.

      + */ + AuthenticationOptions: ClientVpnAuthenticationRequest[] | undefined; + + /** + *

      Information about the client connection logging options.

      + *

      If you enable client connection logging, data about client connections is sent to a + * Cloudwatch Logs log stream. The following information is logged:

      + *
        + *
      • + *

        Client connection requests

        + *
        • + *
      • + *

        Client connection results (successful and unsuccessful)

        + *
        • + *
      • + *

        Reasons for unsuccessful client connection requests

        + *
        • + *
      • + *

        Client connection termination time

        + *
        • + *
      + */ + ConnectionLogOptions: ConnectionLogOptions | undefined; + + /** + *

      Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can + * have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.

      + */ + DnsServers?: string[]; + + /** + *

      The transport protocol to be used by the VPN session.

      + *

      Default value: udp + *

      + */ + TransportProtocol?: TransportProtocol | string; + + /** + *

      The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

      + *

      Valid Values: 443 | 1194 + *

      + *

      Default Value: 443 + *

      + */ + VpnPort?: number; + + /** + *

      A brief description of the Client VPN endpoint.

      + */ + Description?: string; + + /** + *

      Indicates whether split-tunnel is enabled on the Client VPN endpoint.

      + *

      By default, split-tunnel on a VPN endpoint is disabled.

      + *

      For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the + * Client VPN Administrator Guide.

      + */ + SplitTunnel?: boolean; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; + + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

      + */ + ClientToken?: string; + + /** + *

      The tags to apply to the Client VPN endpoint during creation.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.

      + */ + SecurityGroupIds?: string[]; + + /** + *

      The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.

      + */ + VpcId?: string; + + /** + *

      Specify whether to enable the self-service portal for the Client VPN endpoint.

      + *

      Default Value: enabled + *

      + */ + SelfServicePortal?: SelfServicePortal | string; + + /** + *

      The options for managing connection authorization for new client connections.

      + */ + ClientConnectOptions?: ClientConnectOptions; +} + +export namespace CreateClientVpnEndpointRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateClientVpnEndpointRequest): any => ({ + ...obj, + }); +} + +export type ClientVpnEndpointStatusCode = "available" | "deleted" | "deleting" | "pending-associate"; + +/** + *

      Describes the state of a Client VPN endpoint.

      + */ +export interface ClientVpnEndpointStatus { + /** + *

      The state of the Client VPN endpoint. Possible states include:

      + *
        + *
      • + *

        + * pending-associate - The Client VPN endpoint has been created but no target networks + * have been associated. The Client VPN endpoint cannot accept connections.

        + *
        • + *
      • + *

        + * available - The Client VPN endpoint has been created and a target network has been + * associated. The Client VPN endpoint can accept connections.

        + *
        • + *
      • + *

        + * deleting - The Client VPN endpoint is being deleted. The Client VPN endpoint cannot accept + * connections.

        + *
        • + *
      • + *

        + * deleted - The Client VPN endpoint has been deleted. The Client VPN endpoint cannot accept + * connections.

        + *
        • + *
      + */ + Code?: ClientVpnEndpointStatusCode | string; + + /** + *

      A message about the status of the Client VPN endpoint.

      + */ + Message?: string; +} + +export namespace ClientVpnEndpointStatus { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ClientVpnEndpointStatus): any => ({ + ...obj, + }); +} + +export interface CreateClientVpnEndpointResult { + /** + *

      The ID of the Client VPN endpoint.

      + */ + ClientVpnEndpointId?: string; + + /** + *

      The current state of the Client VPN endpoint.

      + */ + Status?: ClientVpnEndpointStatus; + + /** + *

      The DNS name to be used by clients when establishing their VPN session.

      + */ + DnsName?: string; +} + +export namespace CreateClientVpnEndpointResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateClientVpnEndpointResult): any => ({ + ...obj, + }); +} + +export interface CreateClientVpnRouteRequest { + /** + *

      The ID of the Client VPN endpoint to which to add the route.

      + */ + ClientVpnEndpointId: string | undefined; + + /** + *

      The IPv4 address range, in CIDR notation, of the route destination. For example:

      + *
        + *
      • + *

        To add a route for Internet access, enter 0.0.0.0/0 + *

        + *
        • + *
      • + *

        To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range

        + *
        • + *
      • + *

        To add a route for an on-premises network, enter the Amazon Web Services Site-to-Site VPN connection's IPv4 CIDR range

        + *
        • + *
      • + *

        To add a route for the local network, enter the client CIDR range

        + *
        • + *
      + */ + DestinationCidrBlock: string | undefined; + + /** + *

      The ID of the subnet through which you want to route traffic. The specified subnet must be + * an existing target network of the Client VPN endpoint.

      + *

      Alternatively, if you're adding a route for the local network, specify local.

      + */ + TargetVpcSubnetId: string | undefined; + + /** + *

      A brief description of the route.

      + */ + Description?: string; + + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to ensure idempotency.

      + */ + ClientToken?: string; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateClientVpnRouteRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateClientVpnRouteRequest): any => ({ + ...obj, + }); +} + +export type ClientVpnRouteStatusCode = "active" | "creating" | "deleting" | "failed"; + +/** + *

      Describes the state of a Client VPN endpoint route.

      + */ +export interface ClientVpnRouteStatus { + /** + *

      The state of the Client VPN endpoint route.

      + */ + Code?: ClientVpnRouteStatusCode | string; + + /** + *

      A message about the status of the Client VPN endpoint route, if applicable.

      + */ + Message?: string; +} + +export namespace ClientVpnRouteStatus { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ClientVpnRouteStatus): any => ({ + ...obj, + }); +} + +export interface CreateClientVpnRouteResult { + /** + *

      The current state of the route.

      + */ + Status?: ClientVpnRouteStatus; +} + +export namespace CreateClientVpnRouteResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateClientVpnRouteResult): any => ({ + ...obj, + }); +} + +export type GatewayType = "ipsec.1"; + +/** + *

      Contains the parameters for CreateCustomerGateway.

      + */ +export interface CreateCustomerGatewayRequest { + /** + *

      For devices that support BGP, the customer gateway's BGP ASN.

      + *

      Default: 65000

      + */ + BgpAsn: number | undefined; + + /** + *

      The Internet-routable IP address for the customer gateway's outside interface. The + * address must be static.

      + */ + PublicIp?: string; + + /** + *

      The Amazon Resource Name (ARN) for the customer gateway certificate.

      + */ + CertificateArn?: string; + + /** + *

      The type of VPN connection that this customer gateway supports + * (ipsec.1).

      + */ + Type: GatewayType | string | undefined; + + /** + *

      The tags to apply to the customer gateway.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      A name for the customer gateway device.

      + *

      Length Constraints: Up to 255 characters.

      + */ + DeviceName?: string; + + /** + *

      Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateCustomerGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCustomerGatewayRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes a customer gateway.

      + */ +export interface CustomerGateway { + /** + *

      The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number + * (ASN).

      + */ + BgpAsn?: string; + + /** + *

      The ID of the customer gateway.

      + */ + CustomerGatewayId?: string; + + /** + *

      The Internet-routable IP address of the customer gateway's outside interface.

      + */ + IpAddress?: string; + + /** + *

      The Amazon Resource Name (ARN) for the customer gateway certificate.

      + */ + CertificateArn?: string; + + /** + *

      The current state of the customer gateway (pending | available | deleting | + * deleted).

      + */ + State?: string; + + /** + *

      The type of VPN connection the customer gateway supports + * (ipsec.1).

      + */ + Type?: string; + + /** + *

      The name of customer gateway device.

      + */ + DeviceName?: string; + + /** + *

      Any tags assigned to the customer gateway.

      + */ + Tags?: Tag[]; +} + +export namespace CustomerGateway { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CustomerGateway): any => ({ + ...obj, + }); +} + +/** + *

      Contains the output of CreateCustomerGateway.

      + */ +export interface CreateCustomerGatewayResult { + /** + *

      Information about the customer gateway.

      + */ + CustomerGateway?: CustomerGateway; +} + +export namespace CreateCustomerGatewayResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateCustomerGatewayResult): any => ({ + ...obj, + }); +} + +export interface CreateDefaultSubnetRequest { + /** + *

      The Availability Zone in which to create the default subnet.

      + */ + AvailabilityZone: string | undefined; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateDefaultSubnetRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDefaultSubnetRequest): any => ({ + ...obj, + }); +} + +export type SubnetState = "available" | "pending"; + +/** + *

      Describes a subnet.

      + */ +export interface Subnet { + /** + *

      The Availability Zone of the subnet.

      + */ + AvailabilityZone?: string; + + /** + *

      The AZ ID of the subnet.

      + */ + AvailabilityZoneId?: string; + + /** + *

      The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any + * stopped instances are considered unavailable.

      + */ + AvailableIpAddressCount?: number; + + /** + *

      The IPv4 CIDR block assigned to the subnet.

      + */ + CidrBlock?: string; + + /** + *

      Indicates whether this is the default subnet for the Availability Zone.

      + */ + DefaultForAz?: boolean; + + /** + *

      Indicates whether instances launched in this subnet receive a public IPv4 address.

      + */ + MapPublicIpOnLaunch?: boolean; + + /** + *

      Indicates whether a network interface created in this subnet (including a network + * interface created by RunInstances) receives a customer-owned IPv4 address.

      + */ + MapCustomerOwnedIpOnLaunch?: boolean; + + /** + *

      The customer-owned IPv4 address pool associated with the subnet.

      + */ + CustomerOwnedIpv4Pool?: string; + + /** + *

      The current state of the subnet.

      + */ + State?: SubnetState | string; + + /** + *

      The ID of the subnet.

      + */ + SubnetId?: string; + + /** + *

      The ID of the VPC the subnet is in.

      + */ + VpcId?: string; + + /** + *

      The ID of the Amazon Web Services account that owns the subnet.

      + */ + OwnerId?: string; + + /** + *

      Indicates whether a network interface created in this subnet (including a network + * interface created by RunInstances) receives an IPv6 address.

      + */ + AssignIpv6AddressOnCreation?: boolean; + + /** + *

      Information about the IPv6 CIDR blocks associated with the subnet.

      + */ + Ipv6CidrBlockAssociationSet?: SubnetIpv6CidrBlockAssociation[]; + + /** + *

      Any tags assigned to the subnet.

      + */ + Tags?: Tag[]; + + /** + *

      The Amazon Resource Name (ARN) of the subnet.

      + */ + SubnetArn?: string; + + /** + *

      The Amazon Resource Name (ARN) of the Outpost.

      + */ + OutpostArn?: string; +} + +export namespace Subnet { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Subnet): any => ({ + ...obj, + }); +} + +export interface CreateDefaultSubnetResult { + /** + *

      Information about the subnet.

      + */ + Subnet?: Subnet; +} + +export namespace CreateDefaultSubnetResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDefaultSubnetResult): any => ({ + ...obj, + }); +} + +export interface CreateDefaultVpcRequest { + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateDefaultVpcRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDefaultVpcRequest): any => ({ + ...obj, + }); +} + +export type Tenancy = "dedicated" | "default" | "host"; + +export type VpcState = "available" | "pending"; + +/** + *

      Describes a VPC.

      + */ +export interface Vpc { + /** + *

      The primary IPv4 CIDR block for the VPC.

      + */ + CidrBlock?: string; + + /** + *

      The ID of the set of DHCP options you've associated with the VPC.

      + */ + DhcpOptionsId?: string; + + /** + *

      The current state of the VPC.

      + */ + State?: VpcState | string; + + /** + *

      The ID of the VPC.

      + */ + VpcId?: string; + + /** + *

      The ID of the Amazon Web Services account that owns the VPC.

      + */ + OwnerId?: string; + + /** + *

      The allowed tenancy of instances launched into the VPC.

      + */ + InstanceTenancy?: Tenancy | string; + + /** + *

      Information about the IPv6 CIDR blocks associated with the VPC.

      + */ + Ipv6CidrBlockAssociationSet?: VpcIpv6CidrBlockAssociation[]; + + /** + *

      Information about the IPv4 CIDR blocks associated with the VPC.

      + */ + CidrBlockAssociationSet?: VpcCidrBlockAssociation[]; + + /** + *

      Indicates whether the VPC is the default VPC.

      + */ + IsDefault?: boolean; + + /** + *

      Any tags assigned to the VPC.

      + */ + Tags?: Tag[]; +} + +export namespace Vpc { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Vpc): any => ({ + ...obj, + }); +} + +export interface CreateDefaultVpcResult { + /** + *

      Information about the VPC.

      + */ + Vpc?: Vpc; +} + +export namespace CreateDefaultVpcResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDefaultVpcResult): any => ({ + ...obj, + }); +} + +/** + *

      Describes a DHCP configuration option.

      + */ +export interface NewDhcpConfiguration { + /** + *

      The name of a DHCP option.

      + */ + Key?: string; + + /** + *

      One or more values for the DHCP option.

      + */ + Values?: string[]; +} + +export namespace NewDhcpConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: NewDhcpConfiguration): any => ({ + ...obj, + }); +} + +export interface CreateDhcpOptionsRequest { + /** + *

      A DHCP configuration option.

      + */ + DhcpConfigurations: NewDhcpConfiguration[] | undefined; + + /** + *

      The tags to assign to the DHCP option.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateDhcpOptionsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDhcpOptionsRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes a value for a resource attribute that is a String.

      + */ +export interface AttributeValue { + /** + *

      The attribute value. The value is case-sensitive.

      + */ + Value?: string; +} + +export namespace AttributeValue { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AttributeValue): any => ({ + ...obj, + }); +} + +/** + *

      Describes a DHCP configuration option.

      + */ +export interface DhcpConfiguration { + /** + *

      The name of a DHCP option.

      + */ + Key?: string; + + /** + *

      One or more values for the DHCP option.

      + */ + Values?: AttributeValue[]; +} + +export namespace DhcpConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DhcpConfiguration): any => ({ + ...obj, + }); +} + +/** + *

      Describes a set of DHCP options.

      + */ +export interface DhcpOptions { + /** + *

      One or more DHCP options in the set.

      + */ + DhcpConfigurations?: DhcpConfiguration[]; + + /** + *

      The ID of the set of DHCP options.

      + */ + DhcpOptionsId?: string; + + /** + *

      The ID of the Amazon Web Services account that owns the DHCP options set.

      + */ + OwnerId?: string; + + /** + *

      Any tags assigned to the DHCP options set.

      + */ + Tags?: Tag[]; +} + +export namespace DhcpOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DhcpOptions): any => ({ + ...obj, + }); +} + +export interface CreateDhcpOptionsResult { + /** + *

      A set of DHCP options.

      + */ + DhcpOptions?: DhcpOptions; +} + +export namespace CreateDhcpOptionsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateDhcpOptionsResult): any => ({ + ...obj, + }); +} + +export interface CreateEgressOnlyInternetGatewayRequest { + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. For more information, see How to ensure + * idempotency.

      + */ + ClientToken?: string; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; + + /** + *

      The ID of the VPC for which to create the egress-only internet gateway.

      + */ + VpcId: string | undefined; + + /** + *

      The tags to assign to the egress-only internet gateway.

      + */ + TagSpecifications?: TagSpecification[]; +} + +export namespace CreateEgressOnlyInternetGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateEgressOnlyInternetGatewayRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes the attachment of a VPC to an internet gateway or an egress-only internet + * gateway.

      + */ +export interface InternetGatewayAttachment { + /** + *

      The current state of the attachment. For an internet gateway, the state is + * available when attached to a VPC; otherwise, this value is not + * returned.

      + */ + State?: AttachmentStatus | string; + + /** + *

      The ID of the VPC.

      + */ + VpcId?: string; +} + +export namespace InternetGatewayAttachment { + /** + * @internal + */ + export const filterSensitiveLog = (obj: InternetGatewayAttachment): any => ({ + ...obj, + }); +} + +/** + *

      Describes an egress-only internet gateway.

      + */ +export interface EgressOnlyInternetGateway { + /** + *

      Information about the attachment of the egress-only internet gateway.

      + */ + Attachments?: InternetGatewayAttachment[]; + + /** + *

      The ID of the egress-only internet gateway.

      + */ + EgressOnlyInternetGatewayId?: string; + + /** + *

      The tags assigned to the egress-only internet gateway.

      + */ + Tags?: Tag[]; +} + +export namespace EgressOnlyInternetGateway { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EgressOnlyInternetGateway): any => ({ + ...obj, + }); +} + +export interface CreateEgressOnlyInternetGatewayResult { + /** + *

      Unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request.

      + */ + ClientToken?: string; + + /** + *

      Information about the egress-only internet gateway.

      + */ + EgressOnlyInternetGateway?: EgressOnlyInternetGateway; +} + +export namespace CreateEgressOnlyInternetGatewayResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateEgressOnlyInternetGatewayResult): any => ({ + ...obj, + }); +} + +export enum FleetExcessCapacityTerminationPolicy { + NO_TERMINATION = "no-termination", + TERMINATION = "termination", +} + +/** + *

      Describes the Amazon EC2 launch template and the launch template version that can be used by + * an EC2 Fleet to configure Amazon EC2 instances. For information about launch templates, see Launching + * an instance from a launch template in the + * Amazon EC2 User Guide.

      + */ +export interface FleetLaunchTemplateSpecificationRequest { + /** + *

      The ID of the launch template. If you specify the template ID, you can't specify the template name.

      + */ + LaunchTemplateId?: string; + + /** + *

      The name of the launch template. If you specify the template name, you can't specify the template ID.

      + */ + LaunchTemplateName?: string; + + /** + *

      The launch template version number, $Latest, or $Default. You must specify a value, otherwise the request fails.

      + *

      If the value is $Latest, Amazon EC2 uses the latest version of the launch template.

      + *

      If the value is $Default, Amazon EC2 uses the default version of the launch template.

      + */ + Version?: string; +} + +export namespace FleetLaunchTemplateSpecificationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FleetLaunchTemplateSpecificationRequest): any => ({ + ...obj, + }); +} + /** *

      Describes the placement of an instance.

      */ @@ -8519,248 +8960,3 @@ export namespace CreateInstanceEventWindowRequest { ...obj, }); } - -export interface CreateInstanceEventWindowResult { - /** - *

      Information about the event window.

      - */ - InstanceEventWindow?: InstanceEventWindow; -} - -export namespace CreateInstanceEventWindowResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateInstanceEventWindowResult): any => ({ - ...obj, - }); -} - -export type ContainerFormat = "ova"; - -export type DiskImageFormat = "RAW" | "VHD" | "VMDK"; - -/** - *

      Describes an export instance task.

      - */ -export interface ExportToS3TaskSpecification { - /** - *

      The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is - * exported.

      - */ - ContainerFormat?: ContainerFormat | string; - - /** - *

      The format for the exported image.

      - */ - DiskImageFormat?: DiskImageFormat | string; - - /** - *

      The Amazon S3 bucket for the destination image. The destination bucket must exist and grant - * WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

      - */ - S3Bucket?: string; - - /** - *

      The image is written to a single object in the Amazon S3 bucket at the S3 key s3prefix + - * exportTaskId + '.' + diskImageFormat.

      - */ - S3Prefix?: string; -} - -export namespace ExportToS3TaskSpecification { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ExportToS3TaskSpecification): any => ({ - ...obj, - }); -} - -export type ExportEnvironment = "citrix" | "microsoft" | "vmware"; - -export interface CreateInstanceExportTaskRequest { - /** - *

      A description for the conversion task or the resource being exported. The maximum length is 255 characters.

      - */ - Description?: string; - - /** - *

      The format and location for an export instance task.

      - */ - ExportToS3Task: ExportToS3TaskSpecification | undefined; - - /** - *

      The ID of the instance.

      - */ - InstanceId: string | undefined; - - /** - *

      The target virtualization environment.

      - */ - TargetEnvironment: ExportEnvironment | string | undefined; - - /** - *

      The tags to apply to the export instance task during creation.

      - */ - TagSpecifications?: TagSpecification[]; -} - -export namespace CreateInstanceExportTaskRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateInstanceExportTaskRequest): any => ({ - ...obj, - }); -} - -/** - *

      Describes the format and location for the export task.

      - */ -export interface ExportToS3Task { - /** - *

      The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is - * exported.

      - */ - ContainerFormat?: ContainerFormat | string; - - /** - *

      The format for the exported image.

      - */ - DiskImageFormat?: DiskImageFormat | string; - - /** - *

      The Amazon S3 bucket for the destination image. The destination bucket must exist and grant - * WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

      - */ - S3Bucket?: string; - - /** - *

      The encryption key for your S3 bucket.

      - */ - S3Key?: string; -} - -export namespace ExportToS3Task { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ExportToS3Task): any => ({ - ...obj, - }); -} - -/** - *

      Describes an instance to export.

      - */ -export interface InstanceExportDetails { - /** - *

      The ID of the resource being exported.

      - */ - InstanceId?: string; - - /** - *

      The target virtualization environment.

      - */ - TargetEnvironment?: ExportEnvironment | string; -} - -export namespace InstanceExportDetails { - /** - * @internal - */ - export const filterSensitiveLog = (obj: InstanceExportDetails): any => ({ - ...obj, - }); -} - -export type ExportTaskState = "active" | "cancelled" | "cancelling" | "completed"; - -/** - *

      Describes an export instance task.

      - */ -export interface ExportTask { - /** - *

      A description of the resource being exported.

      - */ - Description?: string; - - /** - *

      The ID of the export task.

      - */ - ExportTaskId?: string; - - /** - *

      Information about the export task.

      - */ - ExportToS3Task?: ExportToS3Task; - - /** - *

      Information about the instance to export.

      - */ - InstanceExportDetails?: InstanceExportDetails; - - /** - *

      The state of the export task.

      - */ - State?: ExportTaskState | string; - - /** - *

      The status message related to the export task.

      - */ - StatusMessage?: string; - - /** - *

      The tags for the export task.

      - */ - Tags?: Tag[]; -} - -export namespace ExportTask { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ExportTask): any => ({ - ...obj, - }); -} - -export interface CreateInstanceExportTaskResult { - /** - *

      Information about the export instance task.

      - */ - ExportTask?: ExportTask; -} - -export namespace CreateInstanceExportTaskResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateInstanceExportTaskResult): any => ({ - ...obj, - }); -} - -export interface CreateInternetGatewayRequest { - /** - *

      The tags to assign to the internet gateway.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateInternetGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateInternetGatewayRequest): any => ({ - ...obj, - }); -} diff --git a/clients/client-ec2/src/models/models_1.ts b/clients/client-ec2/src/models/models_1.ts index 1e6996ce37fb..8c20cdb10718 100644 --- a/clients/client-ec2/src/models/models_1.ts +++ b/clients/client-ec2/src/models/models_1.ts @@ -7,7 +7,7 @@ import { AttachmentStatus, CurrencyCodeValues, DnsSupportValue, - GatewayType, + InstanceEventWindow, InternetGatewayAttachment, Ipv4PrefixSpecification, Ipv6SupportValue, @@ -25,10 +25,254 @@ import { VolumeAttachment, VolumeType, Vpc, - VpcAttachment, VpcPeeringConnection, } from "./models_0"; +export interface CreateInstanceEventWindowResult { + /** + *

      Information about the event window.

      + */ + InstanceEventWindow?: InstanceEventWindow; +} + +export namespace CreateInstanceEventWindowResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateInstanceEventWindowResult): any => ({ + ...obj, + }); +} + +export type ContainerFormat = "ova"; + +export type DiskImageFormat = "RAW" | "VHD" | "VMDK"; + +/** + *

      Describes an export instance task.

      + */ +export interface ExportToS3TaskSpecification { + /** + *

      The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is + * exported.

      + */ + ContainerFormat?: ContainerFormat | string; + + /** + *

      The format for the exported image.

      + */ + DiskImageFormat?: DiskImageFormat | string; + + /** + *

      The Amazon S3 bucket for the destination image. The destination bucket must exist and grant + * WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

      + */ + S3Bucket?: string; + + /** + *

      The image is written to a single object in the Amazon S3 bucket at the S3 key s3prefix + + * exportTaskId + '.' + diskImageFormat.

      + */ + S3Prefix?: string; +} + +export namespace ExportToS3TaskSpecification { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ExportToS3TaskSpecification): any => ({ + ...obj, + }); +} + +export type ExportEnvironment = "citrix" | "microsoft" | "vmware"; + +export interface CreateInstanceExportTaskRequest { + /** + *

      A description for the conversion task or the resource being exported. The maximum length is 255 characters.

      + */ + Description?: string; + + /** + *

      The format and location for an export instance task.

      + */ + ExportToS3Task: ExportToS3TaskSpecification | undefined; + + /** + *

      The ID of the instance.

      + */ + InstanceId: string | undefined; + + /** + *

      The target virtualization environment.

      + */ + TargetEnvironment: ExportEnvironment | string | undefined; + + /** + *

      The tags to apply to the export instance task during creation.

      + */ + TagSpecifications?: TagSpecification[]; +} + +export namespace CreateInstanceExportTaskRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateInstanceExportTaskRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes the format and location for the export task.

      + */ +export interface ExportToS3Task { + /** + *

      The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is + * exported.

      + */ + ContainerFormat?: ContainerFormat | string; + + /** + *

      The format for the exported image.

      + */ + DiskImageFormat?: DiskImageFormat | string; + + /** + *

      The Amazon S3 bucket for the destination image. The destination bucket must exist and grant + * WRITE and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

      + */ + S3Bucket?: string; + + /** + *

      The encryption key for your S3 bucket.

      + */ + S3Key?: string; +} + +export namespace ExportToS3Task { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ExportToS3Task): any => ({ + ...obj, + }); +} + +/** + *

      Describes an instance to export.

      + */ +export interface InstanceExportDetails { + /** + *

      The ID of the resource being exported.

      + */ + InstanceId?: string; + + /** + *

      The target virtualization environment.

      + */ + TargetEnvironment?: ExportEnvironment | string; +} + +export namespace InstanceExportDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: InstanceExportDetails): any => ({ + ...obj, + }); +} + +export type ExportTaskState = "active" | "cancelled" | "cancelling" | "completed"; + +/** + *

      Describes an export instance task.

      + */ +export interface ExportTask { + /** + *

      A description of the resource being exported.

      + */ + Description?: string; + + /** + *

      The ID of the export task.

      + */ + ExportTaskId?: string; + + /** + *

      Information about the export task.

      + */ + ExportToS3Task?: ExportToS3Task; + + /** + *

      Information about the instance to export.

      + */ + InstanceExportDetails?: InstanceExportDetails; + + /** + *

      The state of the export task.

      + */ + State?: ExportTaskState | string; + + /** + *

      The status message related to the export task.

      + */ + StatusMessage?: string; + + /** + *

      The tags for the export task.

      + */ + Tags?: Tag[]; +} + +export namespace ExportTask { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ExportTask): any => ({ + ...obj, + }); +} + +export interface CreateInstanceExportTaskResult { + /** + *

      Information about the export instance task.

      + */ + ExportTask?: ExportTask; +} + +export namespace CreateInstanceExportTaskResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateInstanceExportTaskResult): any => ({ + ...obj, + }); +} + +export interface CreateInternetGatewayRequest { + /** + *

      The tags to assign to the internet gateway.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateInternetGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateInternetGatewayRequest): any => ({ + ...obj, + }); +} + /** *

      Describes an internet gateway.

      */ @@ -9390,343 +9634,3 @@ export namespace VpnConnectionOptions { ...obj, }); } - -export type VpnStaticRouteSource = "Static"; - -export type VpnState = "available" | "deleted" | "deleting" | "pending"; - -/** - *

      Describes a static route for a VPN connection.

      - */ -export interface VpnStaticRoute { - /** - *

      The CIDR block associated with the local subnet of the customer data center.

      - */ - DestinationCidrBlock?: string; - - /** - *

      Indicates how the routes were provided.

      - */ - Source?: VpnStaticRouteSource | string; - - /** - *

      The current state of the static route.

      - */ - State?: VpnState | string; -} - -export namespace VpnStaticRoute { - /** - * @internal - */ - export const filterSensitiveLog = (obj: VpnStaticRoute): any => ({ - ...obj, - }); -} - -export type TelemetryStatus = "DOWN" | "UP"; - -/** - *

      Describes telemetry for a VPN tunnel.

      - */ -export interface VgwTelemetry { - /** - *

      The number of accepted routes.

      - */ - AcceptedRouteCount?: number; - - /** - *

      The date and time of the last change in status.

      - */ - LastStatusChange?: Date; - - /** - *

      The Internet-routable IP address of the virtual private gateway's outside - * interface.

      - */ - OutsideIpAddress?: string; - - /** - *

      The status of the VPN tunnel.

      - */ - Status?: TelemetryStatus | string; - - /** - *

      If an error occurs, a description of the error.

      - */ - StatusMessage?: string; - - /** - *

      The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.

      - */ - CertificateArn?: string; -} - -export namespace VgwTelemetry { - /** - * @internal - */ - export const filterSensitiveLog = (obj: VgwTelemetry): any => ({ - ...obj, - }); -} - -/** - *

      Describes a VPN connection.

      - */ -export interface VpnConnection { - /** - *

      The configuration information for the VPN connection's customer gateway (in the native - * XML format). This element is always present in the CreateVpnConnection - * response; however, it's present in the DescribeVpnConnections response - * only if the VPN connection is in the pending or available - * state.

      - */ - CustomerGatewayConfiguration?: string; - - /** - *

      The ID of the customer gateway at your end of the VPN connection.

      - */ - CustomerGatewayId?: string; - - /** - *

      The category of the VPN connection. A value of VPN indicates an Amazon Web Services VPN connection. A value of VPN-Classic indicates an Amazon Web Services Classic VPN connection.

      - */ - Category?: string; - - /** - *

      The current state of the VPN connection.

      - */ - State?: VpnState | string; - - /** - *

      The type of VPN connection.

      - */ - Type?: GatewayType | string; - - /** - *

      The ID of the VPN connection.

      - */ - VpnConnectionId?: string; - - /** - *

      The ID of the virtual private gateway at the Amazon Web Services side of the VPN - * connection.

      - */ - VpnGatewayId?: string; - - /** - *

      The ID of the transit gateway associated with the VPN connection.

      - */ - TransitGatewayId?: string; - - /** - *

      The VPN connection options.

      - */ - Options?: VpnConnectionOptions; - - /** - *

      The static routes associated with the VPN connection.

      - */ - Routes?: VpnStaticRoute[]; - - /** - *

      Any tags assigned to the VPN connection.

      - */ - Tags?: Tag[]; - - /** - *

      Information about the VPN tunnel.

      - */ - VgwTelemetry?: VgwTelemetry[]; -} - -export namespace VpnConnection { - /** - * @internal - */ - export const filterSensitiveLog = (obj: VpnConnection): any => ({ - ...obj, - }); -} - -/** - *

      Contains the output of CreateVpnConnection.

      - */ -export interface CreateVpnConnectionResult { - /** - *

      Information about the VPN connection.

      - */ - VpnConnection?: VpnConnection; -} - -export namespace CreateVpnConnectionResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateVpnConnectionResult): any => ({ - ...obj, - }); -} - -/** - *

      Contains the parameters for CreateVpnConnectionRoute.

      - */ -export interface CreateVpnConnectionRouteRequest { - /** - *

      The CIDR block associated with the local subnet of the customer network.

      - */ - DestinationCidrBlock: string | undefined; - - /** - *

      The ID of the VPN connection.

      - */ - VpnConnectionId: string | undefined; -} - -export namespace CreateVpnConnectionRouteRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateVpnConnectionRouteRequest): any => ({ - ...obj, - }); -} - -/** - *

      Contains the parameters for CreateVpnGateway.

      - */ -export interface CreateVpnGatewayRequest { - /** - *

      The Availability Zone for the virtual private gateway.

      - */ - AvailabilityZone?: string; - - /** - *

      The type of VPN connection this virtual private gateway supports.

      - */ - Type: GatewayType | string | undefined; - - /** - *

      The tags to apply to the virtual private gateway.

      - */ - TagSpecifications?: TagSpecification[]; - - /** - *

      A private Autonomous System Number (ASN) for the Amazon side of a BGP session. If - * you're using a 16-bit ASN, it must be in the 64512 to 65534 range. If you're using a - * 32-bit ASN, it must be in the 4200000000 to 4294967294 range.

      - *

      Default: 64512

      - */ - AmazonSideAsn?: number; - - /** - *

      Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace CreateVpnGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateVpnGatewayRequest): any => ({ - ...obj, - }); -} - -/** - *

      Describes a virtual private gateway.

      - */ -export interface VpnGateway { - /** - *

      The Availability Zone where the virtual private gateway was created, if applicable. - * This field may be empty or not returned.

      - */ - AvailabilityZone?: string; - - /** - *

      The current state of the virtual private gateway.

      - */ - State?: VpnState | string; - - /** - *

      The type of VPN connection the virtual private gateway supports.

      - */ - Type?: GatewayType | string; - - /** - *

      Any VPCs attached to the virtual private gateway.

      - */ - VpcAttachments?: VpcAttachment[]; - - /** - *

      The ID of the virtual private gateway.

      - */ - VpnGatewayId?: string; - - /** - *

      The private Autonomous System Number (ASN) for the Amazon side of a BGP - * session.

      - */ - AmazonSideAsn?: number; - - /** - *

      Any tags assigned to the virtual private gateway.

      - */ - Tags?: Tag[]; -} - -export namespace VpnGateway { - /** - * @internal - */ - export const filterSensitiveLog = (obj: VpnGateway): any => ({ - ...obj, - }); -} - -/** - *

      Contains the output of CreateVpnGateway.

      - */ -export interface CreateVpnGatewayResult { - /** - *

      Information about the virtual private gateway.

      - */ - VpnGateway?: VpnGateway; -} - -export namespace CreateVpnGatewayResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CreateVpnGatewayResult): any => ({ - ...obj, - }); -} - -export interface DeleteCarrierGatewayRequest { - /** - *

      The ID of the carrier gateway.

      - */ - CarrierGatewayId: string | undefined; - - /** - *

      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

      - */ - DryRun?: boolean; -} - -export namespace DeleteCarrierGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DeleteCarrierGatewayRequest): any => ({ - ...obj, - }); -} diff --git a/clients/client-ec2/src/models/models_2.ts b/clients/client-ec2/src/models/models_2.ts index 35a5e5a38b99..e1e0cf61db59 100644 --- a/clients/client-ec2/src/models/models_2.ts +++ b/clients/client-ec2/src/models/models_2.ts @@ -9,13 +9,13 @@ import { AllocationState, AllowsMultipleInstanceTypes, AssociationStatus, - AttachmentStatus, AttributeValue, AutoPlacement, BlockDeviceMapping, BundleTask, ByoipCidr, CapacityReservation, + CapacityReservationFleetState, CarrierGateway, ClientVpnAuthenticationType, ClientVpnAuthorizationRuleStatus, @@ -25,16 +25,18 @@ import { CustomerGateway, DefaultTargetCapacityType, DhcpOptions, - DiskImageFormat, EgressOnlyInternetGateway, - ExportTask, + FleetCapacityReservation, + FleetCapacityReservationTenancy, FleetCapacityReservationUsageStrategy, FleetExcessCapacityTerminationPolicy, + FleetInstanceMatchCriteria, FleetLaunchTemplateOverrides, FleetLaunchTemplateSpecification, FleetOnDemandAllocationStrategy, FleetReplacementStrategy, FleetType, + GatewayType, HostRecovery, IamInstanceProfileAssociation, InstanceEventWindowState, @@ -45,13 +47,17 @@ import { SpotAllocationStrategy, SpotInstanceInterruptionBehavior, Tag, + TagSpecification, TrafficType, TransitGatewayPeeringAttachment, TransitGatewayVpcAttachment, TransportProtocol, UnsuccessfulItem, + VpcAttachment, } from "./models_0"; import { + DiskImageFormat, + ExportTask, GroupIdentifier, LaunchTemplate, LocalGatewayRoute, @@ -65,8 +71,349 @@ import { TransitGatewayPrefixListReference, TransitGatewayRoute, TransitGatewayRouteTable, + VpnConnectionOptions, } from "./models_1"; +export type VpnStaticRouteSource = "Static"; + +export type VpnState = "available" | "deleted" | "deleting" | "pending"; + +/** + *

      Describes a static route for a VPN connection.

      + */ +export interface VpnStaticRoute { + /** + *

      The CIDR block associated with the local subnet of the customer data center.

      + */ + DestinationCidrBlock?: string; + + /** + *

      Indicates how the routes were provided.

      + */ + Source?: VpnStaticRouteSource | string; + + /** + *

      The current state of the static route.

      + */ + State?: VpnState | string; +} + +export namespace VpnStaticRoute { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VpnStaticRoute): any => ({ + ...obj, + }); +} + +export type TelemetryStatus = "DOWN" | "UP"; + +/** + *

      Describes telemetry for a VPN tunnel.

      + */ +export interface VgwTelemetry { + /** + *

      The number of accepted routes.

      + */ + AcceptedRouteCount?: number; + + /** + *

      The date and time of the last change in status.

      + */ + LastStatusChange?: Date; + + /** + *

      The Internet-routable IP address of the virtual private gateway's outside + * interface.

      + */ + OutsideIpAddress?: string; + + /** + *

      The status of the VPN tunnel.

      + */ + Status?: TelemetryStatus | string; + + /** + *

      If an error occurs, a description of the error.

      + */ + StatusMessage?: string; + + /** + *

      The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate.

      + */ + CertificateArn?: string; +} + +export namespace VgwTelemetry { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VgwTelemetry): any => ({ + ...obj, + }); +} + +/** + *

      Describes a VPN connection.

      + */ +export interface VpnConnection { + /** + *

      The configuration information for the VPN connection's customer gateway (in the native + * XML format). This element is always present in the CreateVpnConnection + * response; however, it's present in the DescribeVpnConnections response + * only if the VPN connection is in the pending or available + * state.

      + */ + CustomerGatewayConfiguration?: string; + + /** + *

      The ID of the customer gateway at your end of the VPN connection.

      + */ + CustomerGatewayId?: string; + + /** + *

      The category of the VPN connection. A value of VPN indicates an Amazon Web Services VPN connection. A value of VPN-Classic indicates an Amazon Web Services Classic VPN connection.

      + */ + Category?: string; + + /** + *

      The current state of the VPN connection.

      + */ + State?: VpnState | string; + + /** + *

      The type of VPN connection.

      + */ + Type?: GatewayType | string; + + /** + *

      The ID of the VPN connection.

      + */ + VpnConnectionId?: string; + + /** + *

      The ID of the virtual private gateway at the Amazon Web Services side of the VPN + * connection.

      + */ + VpnGatewayId?: string; + + /** + *

      The ID of the transit gateway associated with the VPN connection.

      + */ + TransitGatewayId?: string; + + /** + *

      The VPN connection options.

      + */ + Options?: VpnConnectionOptions; + + /** + *

      The static routes associated with the VPN connection.

      + */ + Routes?: VpnStaticRoute[]; + + /** + *

      Any tags assigned to the VPN connection.

      + */ + Tags?: Tag[]; + + /** + *

      Information about the VPN tunnel.

      + */ + VgwTelemetry?: VgwTelemetry[]; +} + +export namespace VpnConnection { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VpnConnection): any => ({ + ...obj, + }); +} + +/** + *

      Contains the output of CreateVpnConnection.

      + */ +export interface CreateVpnConnectionResult { + /** + *

      Information about the VPN connection.

      + */ + VpnConnection?: VpnConnection; +} + +export namespace CreateVpnConnectionResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVpnConnectionResult): any => ({ + ...obj, + }); +} + +/** + *

      Contains the parameters for CreateVpnConnectionRoute.

      + */ +export interface CreateVpnConnectionRouteRequest { + /** + *

      The CIDR block associated with the local subnet of the customer network.

      + */ + DestinationCidrBlock: string | undefined; + + /** + *

      The ID of the VPN connection.

      + */ + VpnConnectionId: string | undefined; +} + +export namespace CreateVpnConnectionRouteRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVpnConnectionRouteRequest): any => ({ + ...obj, + }); +} + +/** + *

      Contains the parameters for CreateVpnGateway.

      + */ +export interface CreateVpnGatewayRequest { + /** + *

      The Availability Zone for the virtual private gateway.

      + */ + AvailabilityZone?: string; + + /** + *

      The type of VPN connection this virtual private gateway supports.

      + */ + Type: GatewayType | string | undefined; + + /** + *

      The tags to apply to the virtual private gateway.

      + */ + TagSpecifications?: TagSpecification[]; + + /** + *

      A private Autonomous System Number (ASN) for the Amazon side of a BGP session. If + * you're using a 16-bit ASN, it must be in the 64512 to 65534 range. If you're using a + * 32-bit ASN, it must be in the 4200000000 to 4294967294 range.

      + *

      Default: 64512

      + */ + AmazonSideAsn?: number; + + /** + *

      Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace CreateVpnGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVpnGatewayRequest): any => ({ + ...obj, + }); +} + +/** + *

      Describes a virtual private gateway.

      + */ +export interface VpnGateway { + /** + *

      The Availability Zone where the virtual private gateway was created, if applicable. + * This field may be empty or not returned.

      + */ + AvailabilityZone?: string; + + /** + *

      The current state of the virtual private gateway.

      + */ + State?: VpnState | string; + + /** + *

      The type of VPN connection the virtual private gateway supports.

      + */ + Type?: GatewayType | string; + + /** + *

      Any VPCs attached to the virtual private gateway.

      + */ + VpcAttachments?: VpcAttachment[]; + + /** + *

      The ID of the virtual private gateway.

      + */ + VpnGatewayId?: string; + + /** + *

      The private Autonomous System Number (ASN) for the Amazon side of a BGP + * session.

      + */ + AmazonSideAsn?: number; + + /** + *

      Any tags assigned to the virtual private gateway.

      + */ + Tags?: Tag[]; +} + +export namespace VpnGateway { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VpnGateway): any => ({ + ...obj, + }); +} + +/** + *

      Contains the output of CreateVpnGateway.

      + */ +export interface CreateVpnGatewayResult { + /** + *

      Information about the virtual private gateway.

      + */ + VpnGateway?: VpnGateway; +} + +export namespace CreateVpnGatewayResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVpnGatewayResult): any => ({ + ...obj, + }); +} + +export interface DeleteCarrierGatewayRequest { + /** + *

      The ID of the carrier gateway.

      + */ + CarrierGatewayId: string | undefined; + + /** + *

      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

      + */ + DryRun?: boolean; +} + +export namespace DeleteCarrierGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteCarrierGatewayRequest): any => ({ + ...obj, + }); +} + export interface DeleteCarrierGatewayResult { /** *

      Information about the carrier gateway.

      @@ -3314,11 +3661,11 @@ export namespace DescribeByoipCidrsResult { }); } -export interface DescribeCapacityReservationsRequest { +export interface DescribeCapacityReservationFleetsRequest { /** - *

      The ID of the Capacity Reservation.

      + *

      The IDs of the Capacity Reservation Fleets to describe.

      */ - CapacityReservationIds?: string[]; + CapacityReservationFleetIds?: string[]; /** *

      The token to use to retrieve the next page of results.

      @@ -3332,23 +3679,249 @@ export interface DescribeCapacityReservationsRequest { /** *

      One or more filters.

      - *
        + *
          *
        • - *

          - * instance-type - The type of instance for which the Capacity Reservation reserves capacity.

          - *
          • + *

          + * state - The state of the Fleet (submitted | modifying | active | + * partially_fulfilled | expiring | expired | cancelling | + * cancelled | failed).

          + * *
        • - *

          - * owner-id - The ID of the Amazon Web Services account that owns the Capacity Reservation.

          - *
          • + *

          + * instance-match-criteria - The instance matching criteria for the Fleet. Only open is supported.

          + * *
        • - *

          - * availability-zone-id - The Availability Zone ID of the Capacity Reservation.

          - *
          • + *

          + * tenancy - The tenancy of the Fleet (default | dedicated).

          + * *
        • - *

          - * instance-platform - The type of operating system for which the Capacity Reservation reserves capacity.

          - *
          • + *

          + * allocation-strategy - The allocation strategy used by the Fleet. Only prioritized is supported.

          + * + *
        + */ + Filters?: Filter[]; + + /** + *

        Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

        + */ + DryRun?: boolean; +} + +export namespace DescribeCapacityReservationFleetsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeCapacityReservationFleetsRequest): any => ({ + ...obj, + }); +} + +/** + *

        Information about a Capacity Reservation Fleet.

        + */ +export interface CapacityReservationFleet { + /** + *

        The ID of the Capacity Reservation Fleet.

        + */ + CapacityReservationFleetId?: string; + + /** + *

        The ARN of the Capacity Reservation Fleet.

        + */ + CapacityReservationFleetArn?: string; + + /** + *

        The state of the Capacity Reservation Fleet. Possible states include:

        + *
          + *
        • + *

          + * submitted - The Capacity Reservation Fleet request has been submitted + * and Amazon Elastic Compute Cloud is preparing to create the Capacity Reservations.

          + *
          • + *
        • + *

          + * modifying - The Capacity Reservation Fleet is being modified. The Fleet + * remains in this state until the modification is complete.

          + *
          • + *
        • + *

          + * active - The Capacity Reservation Fleet has fulfilled its total target + * capacity and it is attempting to maintain this capacity. The Fleet remains in this + * state until it is modified or deleted.

          + *
          • + *
        • + *

          + * partially_fulfilled - The Capacity Reservation Fleet has partially + * fulfilled its total target capacity. There is insufficient Amazon EC2 to + * fulfill the total target capacity. The Fleet is attempting to asynchronously fulfill + * its total target capacity.

          + *
          • + *
        • + *

          + * expiring - The Capacity Reservation Fleet has reach its end date and it + * is in the process of expiring. One or more of its Capacity reservations might still + * be active.

          + *
          • + *
        • + *

          + * expired - The Capacity Reservation Fleet has reach its end date. The Fleet + * and its Capacity Reservations are expired. The Fleet can't create new Capacity + * Reservations.

          + *
          • + *
        • + *

          + * cancelling - The Capacity Reservation Fleet is in the process of being + * cancelled. One or more of its Capacity reservations might still be active.

          + *
          • + *
        • + *

          + * cancelled - The Capacity Reservation Fleet has been manually cancelled. + * The Fleet and its Capacity Reservations are cancelled and the Fleet can't create new + * Capacity Reservations.

          + *
          • + *
        • + *

          + * failed - The Capacity Reservation Fleet failed to reserve capacity for + * the specified instance types.

          + *
          • + *
        + */ + State?: CapacityReservationFleetState | string; + + /** + *

        The total number of capacity units for which the Capacity Reservation Fleet reserves capacity. + * For more information, see Total target capacity + * in the Amazon EC2 User Guide.

        + */ + TotalTargetCapacity?: number; + + /** + *

        The capacity units that have been fulfilled.

        + */ + TotalFulfilledCapacity?: number; + + /** + *

        The tenancy of the Capacity Reservation Fleet. Tenancies include:

        + *
          + *
        • + *

          + * default - The Capacity Reservation Fleet is created on hardware that is + * shared with other Amazon Web Services accounts.

          + *
          • + *
        • + *

          + * dedicated - The Capacity Reservation Fleet is created on single-tenant + * hardware that is dedicated to a single Amazon Web Services account.

          + *
          • + *
        + */ + Tenancy?: FleetCapacityReservationTenancy | string; + + /** + *

        The date and time at which the Capacity Reservation Fleet expires.

        + */ + EndDate?: Date; + + /** + *

        The date and time at which the Capacity Reservation Fleet was created.

        + */ + CreateTime?: Date; + + /** + *

        Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All + * Capacity Reservations in the Fleet inherit this instance matching criteria.

        + *

        Currently, Capacity Reservation Fleets support open instance matching criteria + * only. This means that instances that have matching attributes (instance type, platform, and + * Availability Zone) run in the Capacity Reservations automatically. Instances do not need to + * explicitly target a Capacity Reservation Fleet to use its reserved capacity.

        + */ + InstanceMatchCriteria?: FleetInstanceMatchCriteria | string; + + /** + *

        The strategy used by the Capacity Reservation Fleet to determine which of the specified + * instance types to use. For more information, see For more information, see + * + * Allocation strategy in the Amazon EC2 User Guide.

        + */ + AllocationStrategy?: string; + + /** + *

        Information about the instance types for which to reserve the capacity.

        + */ + InstanceTypeSpecifications?: FleetCapacityReservation[]; + + /** + *

        The tags assigned to the Capacity Reservation Fleet.

        + */ + Tags?: Tag[]; +} + +export namespace CapacityReservationFleet { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CapacityReservationFleet): any => ({ + ...obj, + }); +} + +export interface DescribeCapacityReservationFleetsResult { + /** + *

        Information about the Capacity Reservation Fleets.

        + */ + CapacityReservationFleets?: CapacityReservationFleet[]; + + /** + *

        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

        + */ + NextToken?: string; +} + +export namespace DescribeCapacityReservationFleetsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeCapacityReservationFleetsResult): any => ({ + ...obj, + }); +} + +export interface DescribeCapacityReservationsRequest { + /** + *

        The ID of the Capacity Reservation.

        + */ + CapacityReservationIds?: string[]; + + /** + *

        The token to use to retrieve the next page of results.

        + */ + NextToken?: string; + + /** + *

        The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

        + */ + MaxResults?: number; + + /** + *

        One or more filters.

        + *
          + *
        • + *

          + * instance-type - The type of instance for which the Capacity Reservation reserves capacity.

          + *
          • + *
        • + *

          + * owner-id - The ID of the Amazon Web Services account that owns the Capacity Reservation.

          + *
          • + *
        • + *

          + * availability-zone-id - The Availability Zone ID of the Capacity Reservation.

          + *
          • + *
        • + *

          + * instance-platform - The type of operating system for which the Capacity Reservation reserves capacity.

          + *
          • *
        • *

          * availability-zone - The Availability Zone ID of the Capacity Reservation.

          @@ -9000,535 +9573,3 @@ export namespace ImportImageTask { ...obj, }); } - -export interface DescribeImportImageTasksResult { - /** - *

          A list of zero or more import image tasks that are currently active or were completed or canceled in the - * previous 7 days.

          - */ - ImportImageTasks?: ImportImageTask[]; - - /** - *

          The token to use to get the next page of results. This value is null when there are no more results - * to return.

          - */ - NextToken?: string; -} - -export namespace DescribeImportImageTasksResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeImportImageTasksResult): any => ({ - ...obj, - }); -} - -export interface DescribeImportSnapshotTasksRequest { - /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          - */ - DryRun?: boolean; - - /** - *

          The filters.

          - */ - Filters?: Filter[]; - - /** - *

          A list of import snapshot task IDs.

          - */ - ImportTaskIds?: string[]; - - /** - *

          The maximum number of results to return in a single call. To retrieve the remaining results, make another call - * with the returned NextToken value.

          - */ - MaxResults?: number; - - /** - *

          A token that indicates the next page of results.

          - */ - NextToken?: string; -} - -export namespace DescribeImportSnapshotTasksRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeImportSnapshotTasksRequest): any => ({ - ...obj, - }); -} - -/** - *

          Details about the import snapshot task.

          - */ -export interface SnapshotTaskDetail { - /** - *

          The description of the snapshot.

          - */ - Description?: string; - - /** - *

          The size of the disk in the snapshot, in GiB.

          - */ - DiskImageSize?: number; - - /** - *

          Indicates whether the snapshot is encrypted.

          - */ - Encrypted?: boolean; - - /** - *

          The format of the disk image from which the snapshot is created.

          - */ - Format?: string; - - /** - *

          The identifier for the KMS key that was used to create the encrypted snapshot.

          - */ - KmsKeyId?: string; - - /** - *

          The percentage of completion for the import snapshot task.

          - */ - Progress?: string; - - /** - *

          The snapshot ID of the disk being imported.

          - */ - SnapshotId?: string; - - /** - *

          A brief status for the import snapshot task.

          - */ - Status?: string; - - /** - *

          A detailed status message for the import snapshot task.

          - */ - StatusMessage?: string; - - /** - *

          The URL of the disk image from which the snapshot is created.

          - */ - Url?: string; - - /** - *

          The Amazon S3 bucket for the disk image.

          - */ - UserBucket?: UserBucketDetails; -} - -export namespace SnapshotTaskDetail { - /** - * @internal - */ - export const filterSensitiveLog = (obj: SnapshotTaskDetail): any => ({ - ...obj, - }); -} - -/** - *

          Describes an import snapshot task.

          - */ -export interface ImportSnapshotTask { - /** - *

          A description of the import snapshot task.

          - */ - Description?: string; - - /** - *

          The ID of the import snapshot task.

          - */ - ImportTaskId?: string; - - /** - *

          Describes an import snapshot task.

          - */ - SnapshotTaskDetail?: SnapshotTaskDetail; - - /** - *

          The tags for the import snapshot task.

          - */ - Tags?: Tag[]; -} - -export namespace ImportSnapshotTask { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ImportSnapshotTask): any => ({ - ...obj, - }); -} - -export interface DescribeImportSnapshotTasksResult { - /** - *

          A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the - * previous 7 days.

          - */ - ImportSnapshotTasks?: ImportSnapshotTask[]; - - /** - *

          The token to use to get the next page of results. This value is null when there are no more results - * to return.

          - */ - NextToken?: string; -} - -export namespace DescribeImportSnapshotTasksResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeImportSnapshotTasksResult): any => ({ - ...obj, - }); -} - -export type InstanceAttributeName = - | "blockDeviceMapping" - | "disableApiTermination" - | "ebsOptimized" - | "enaSupport" - | "enclaveOptions" - | "groupSet" - | "instanceInitiatedShutdownBehavior" - | "instanceType" - | "kernel" - | "productCodes" - | "ramdisk" - | "rootDeviceName" - | "sourceDestCheck" - | "sriovNetSupport" - | "userData"; - -export interface DescribeInstanceAttributeRequest { - /** - *

          The instance attribute.

          - *

          Note: The enaSupport attribute is not supported at this time.

          - */ - Attribute: InstanceAttributeName | string | undefined; - - /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          - */ - DryRun?: boolean; - - /** - *

          The ID of the instance.

          - */ - InstanceId: string | undefined; -} - -export namespace DescribeInstanceAttributeRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeInstanceAttributeRequest): any => ({ - ...obj, - }); -} - -/** - *

          Describes a parameter used to set up an EBS volume in a block device mapping.

          - */ -export interface EbsInstanceBlockDevice { - /** - *

          The time stamp when the attachment initiated.

          - */ - AttachTime?: Date; - - /** - *

          Indicates whether the volume is deleted on instance termination.

          - */ - DeleteOnTermination?: boolean; - - /** - *

          The attachment state.

          - */ - Status?: AttachmentStatus | string; - - /** - *

          The ID of the EBS volume.

          - */ - VolumeId?: string; -} - -export namespace EbsInstanceBlockDevice { - /** - * @internal - */ - export const filterSensitiveLog = (obj: EbsInstanceBlockDevice): any => ({ - ...obj, - }); -} - -/** - *

          Describes a block device mapping.

          - */ -export interface InstanceBlockDeviceMapping { - /** - *

          The device name (for example, /dev/sdh or xvdh).

          - */ - DeviceName?: string; - - /** - *

          Parameters used to automatically set up EBS volumes when the instance is - * launched.

          - */ - Ebs?: EbsInstanceBlockDevice; -} - -export namespace InstanceBlockDeviceMapping { - /** - * @internal - */ - export const filterSensitiveLog = (obj: InstanceBlockDeviceMapping): any => ({ - ...obj, - }); -} - -/** - *

          Describes a value for a resource attribute that is a Boolean value.

          - */ -export interface AttributeBooleanValue { - /** - *

          The attribute value. The valid values are true or false.

          - */ - Value?: boolean; -} - -export namespace AttributeBooleanValue { - /** - * @internal - */ - export const filterSensitiveLog = (obj: AttributeBooleanValue): any => ({ - ...obj, - }); -} - -/** - *

          Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.

          - */ -export interface EnclaveOptions { - /** - *

          If this parameter is set to true, the instance is enabled for Amazon Web Services Nitro Enclaves; - * otherwise, it is not enabled for Amazon Web Services Nitro Enclaves.

          - */ - Enabled?: boolean; -} - -export namespace EnclaveOptions { - /** - * @internal - */ - export const filterSensitiveLog = (obj: EnclaveOptions): any => ({ - ...obj, - }); -} - -/** - *

          Describes an instance attribute.

          - */ -export interface InstanceAttribute { - /** - *

          The security groups associated with the instance.

          - */ - Groups?: GroupIdentifier[]; - - /** - *

          The block device mapping of the instance.

          - */ - BlockDeviceMappings?: InstanceBlockDeviceMapping[]; - - /** - *

          If the value is true, you can't terminate the instance through the Amazon - * EC2 console, CLI, or API; otherwise, you can.

          - */ - DisableApiTermination?: AttributeBooleanValue; - - /** - *

          Indicates whether enhanced networking with ENA is enabled.

          - */ - EnaSupport?: AttributeBooleanValue; - - /** - *

          To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to true; otherwise, - * set it to false.

          - */ - EnclaveOptions?: EnclaveOptions; - - /** - *

          Indicates whether the instance is optimized for Amazon EBS I/O.

          - */ - EbsOptimized?: AttributeBooleanValue; - - /** - *

          The ID of the instance.

          - */ - InstanceId?: string; - - /** - *

          Indicates whether an instance stops or terminates when you initiate shutdown from the - * instance (using the operating system command for system shutdown).

          - */ - InstanceInitiatedShutdownBehavior?: AttributeValue; - - /** - *

          The instance type.

          - */ - InstanceType?: AttributeValue; - - /** - *

          The kernel ID.

          - */ - KernelId?: AttributeValue; - - /** - *

          A list of product codes.

          - */ - ProductCodes?: ProductCode[]; - - /** - *

          The RAM disk ID.

          - */ - RamdiskId?: AttributeValue; - - /** - *

          The device name of the root device volume (for example, - * /dev/sda1).

          - */ - RootDeviceName?: AttributeValue; - - /** - *

          Enable or disable source/destination checks, which ensure that the instance - * is either the source or the destination of any traffic that it receives. - * If the value is true, source/destination checks are enabled; - * otherwise, they are disabled. The default value is true. - * You must disable source/destination checks if the instance runs services - * such as network address translation, routing, or firewalls.

          - */ - SourceDestCheck?: AttributeBooleanValue; - - /** - *

          Indicates whether enhanced networking with the Intel 82599 Virtual Function interface - * is enabled.

          - */ - SriovNetSupport?: AttributeValue; - - /** - *

          The user data.

          - */ - UserData?: AttributeValue; -} - -export namespace InstanceAttribute { - /** - * @internal - */ - export const filterSensitiveLog = (obj: InstanceAttribute): any => ({ - ...obj, - }); -} - -export interface DescribeInstanceCreditSpecificationsRequest { - /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          - */ - DryRun?: boolean; - - /** - *

          The filters.

          - *
            - *
          • - *

            - * instance-id - The ID of the instance.

            - *
            • - *
          - */ - Filters?: Filter[]; - - /** - *

          The instance IDs.

          - *

          Default: Describes all your instances.

          - *

          Constraints: Maximum 1000 explicitly specified instance IDs.

          - */ - InstanceIds?: string[]; - - /** - *

          The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value. This value - * can be between 5 and 1000. You cannot specify this parameter and the instance IDs - * parameter in the same call.

          - */ - MaxResults?: number; - - /** - *

          The token to retrieve the next page of results.

          - */ - NextToken?: string; -} - -export namespace DescribeInstanceCreditSpecificationsRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeInstanceCreditSpecificationsRequest): any => ({ - ...obj, - }); -} - -/** - *

          Describes the credit option for CPU usage of a burstable performance instance.

          - */ -export interface InstanceCreditSpecification { - /** - *

          The ID of the instance.

          - */ - InstanceId?: string; - - /** - *

          The credit option for CPU usage of the instance. Valid values are - * standard and unlimited.

          - */ - CpuCredits?: string; -} - -export namespace InstanceCreditSpecification { - /** - * @internal - */ - export const filterSensitiveLog = (obj: InstanceCreditSpecification): any => ({ - ...obj, - }); -} - -export interface DescribeInstanceCreditSpecificationsResult { - /** - *

          Information about the credit option for CPU usage of an instance.

          - */ - InstanceCreditSpecifications?: InstanceCreditSpecification[]; - - /** - *

          The token to use to retrieve the next page of results. This value is null - * when there are no more results to return.

          - */ - NextToken?: string; -} - -export namespace DescribeInstanceCreditSpecificationsResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeInstanceCreditSpecificationsResult): any => ({ - ...obj, - }); -} diff --git a/clients/client-ec2/src/models/models_3.ts b/clients/client-ec2/src/models/models_3.ts index e08ee76543a9..c2c248c451c6 100644 --- a/clients/client-ec2/src/models/models_3.ts +++ b/clients/client-ec2/src/models/models_3.ts @@ -31,7 +31,6 @@ import { TransitGatewayVpcAttachment, TrunkInterfaceAssociation, UserIdGroupPair, - VolumeType, } from "./models_0"; import { CapacityReservationPreference, @@ -71,64 +70,236 @@ import { TransitGatewayConnectPeer, TransitGatewayMulticastDomain, TransitGatewayRouteTable, - Volume, } from "./models_1"; import { ArchitectureValues, - AttributeBooleanValue, BootModeValues, DeviceType, - EnclaveOptions, EventInformation, Filter, HypervisorType, IdFormat, - InstanceBlockDeviceMapping, + ImportImageTask, InstanceTagNotificationAttribute, PermissionGroup, ProductCode, StateReason, + UserBucketDetails, VirtualizationType, } from "./models_2"; -export interface DescribeInstanceEventNotificationAttributesRequest { +export interface DescribeImportImageTasksResult { + /** + *

          A list of zero or more import image tasks that are currently active or were completed or canceled in the + * previous 7 days.

          + */ + ImportImageTasks?: ImportImageTask[]; + + /** + *

          The token to use to get the next page of results. This value is null when there are no more results + * to return.

          + */ + NextToken?: string; +} + +export namespace DescribeImportImageTasksResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeImportImageTasksResult): any => ({ + ...obj, + }); +} + +export interface DescribeImportSnapshotTasksRequest { /** *

          Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

          */ DryRun?: boolean; + + /** + *

          The filters.

          + */ + Filters?: Filter[]; + + /** + *

          A list of import snapshot task IDs.

          + */ + ImportTaskIds?: string[]; + + /** + *

          The maximum number of results to return in a single call. To retrieve the remaining results, make another call + * with the returned NextToken value.

          + */ + MaxResults?: number; + + /** + *

          A token that indicates the next page of results.

          + */ + NextToken?: string; } -export namespace DescribeInstanceEventNotificationAttributesRequest { +export namespace DescribeImportSnapshotTasksRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeInstanceEventNotificationAttributesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeImportSnapshotTasksRequest): any => ({ ...obj, }); } -export interface DescribeInstanceEventNotificationAttributesResult { +/** + *

          Details about the import snapshot task.

          + */ +export interface SnapshotTaskDetail { /** - *

          Information about the registered tag keys.

          + *

          The description of the snapshot.

          */ - InstanceTagAttribute?: InstanceTagNotificationAttribute; + Description?: string; + + /** + *

          The size of the disk in the snapshot, in GiB.

          + */ + DiskImageSize?: number; + + /** + *

          Indicates whether the snapshot is encrypted.

          + */ + Encrypted?: boolean; + + /** + *

          The format of the disk image from which the snapshot is created.

          + */ + Format?: string; + + /** + *

          The identifier for the KMS key that was used to create the encrypted snapshot.

          + */ + KmsKeyId?: string; + + /** + *

          The percentage of completion for the import snapshot task.

          + */ + Progress?: string; + + /** + *

          The snapshot ID of the disk being imported.

          + */ + SnapshotId?: string; + + /** + *

          A brief status for the import snapshot task.

          + */ + Status?: string; + + /** + *

          A detailed status message for the import snapshot task.

          + */ + StatusMessage?: string; + + /** + *

          The URL of the disk image from which the snapshot is created.

          + */ + Url?: string; + + /** + *

          The Amazon S3 bucket for the disk image.

          + */ + UserBucket?: UserBucketDetails; } -export namespace DescribeInstanceEventNotificationAttributesResult { +export namespace SnapshotTaskDetail { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeInstanceEventNotificationAttributesResult): any => ({ + export const filterSensitiveLog = (obj: SnapshotTaskDetail): any => ({ ...obj, }); } /** - * Describe instance event windows by InstanceEventWindow. + *

          Describes an import snapshot task.

          */ -export interface DescribeInstanceEventWindowsRequest { +export interface ImportSnapshotTask { + /** + *

          A description of the import snapshot task.

          + */ + Description?: string; + + /** + *

          The ID of the import snapshot task.

          + */ + ImportTaskId?: string; + + /** + *

          Describes an import snapshot task.

          + */ + SnapshotTaskDetail?: SnapshotTaskDetail; + + /** + *

          The tags for the import snapshot task.

          + */ + Tags?: Tag[]; +} + +export namespace ImportSnapshotTask { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ImportSnapshotTask): any => ({ + ...obj, + }); +} + +export interface DescribeImportSnapshotTasksResult { + /** + *

          A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the + * previous 7 days.

          + */ + ImportSnapshotTasks?: ImportSnapshotTask[]; + + /** + *

          The token to use to get the next page of results. This value is null when there are no more results + * to return.

          + */ + NextToken?: string; +} + +export namespace DescribeImportSnapshotTasksResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeImportSnapshotTasksResult): any => ({ + ...obj, + }); +} + +export type InstanceAttributeName = + | "blockDeviceMapping" + | "disableApiTermination" + | "ebsOptimized" + | "enaSupport" + | "enclaveOptions" + | "groupSet" + | "instanceInitiatedShutdownBehavior" + | "instanceType" + | "kernel" + | "productCodes" + | "ramdisk" + | "rootDeviceName" + | "sourceDestCheck" + | "sriovNetSupport" + | "userData"; + +export interface DescribeInstanceAttributeRequest { + /** + *

          The instance attribute.

          + *

          Note: The enaSupport attribute is not supported at this time.

          + */ + Attribute: InstanceAttributeName | string | undefined; + /** *

          Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -137,154 +308,512 @@ export interface DescribeInstanceEventWindowsRequest { DryRun?: boolean; /** - *

          The IDs of the event windows.

          + *

          The ID of the instance.

          */ - InstanceEventWindowIds?: string[]; + InstanceId: string | undefined; +} +export namespace DescribeInstanceAttributeRequest { /** - *

          One or more filters.

          - *
            - *
          • - *

            - * dedicated-host-id - The event windows associated with the specified - * Dedicated Host ID.

            - *
            • - *
          • - *

            - * event-window-name - The event windows associated with the specified - * names.

            - *
            • - *
          • - *

            - * instance-id - The event windows associated with the specified instance - * ID.

            - *
            • - *
          • - *

            - * instance-tag - The event windows associated with the specified tag and - * value.

            - *
            • - *
          • - *

            - * instance-tag-key - The event windows associated with the specified tag - * key, regardless of the value.

            - *
            • - *
          • - *

            - * instance-tag-value - The event windows associated with the specified tag - * value, regardless of the key.

            - *
            • - *
          • - *

            - * tag: - The key/value combination of a tag assigned to the - * event window. Use the tag key in the filter name and the tag value as the filter - * value. For example, to find all resources that have a tag with the key - * Owner and the value CMX, specify tag:Owner - * for the filter name and CMX for the filter value.

            - *
            • - *
          • - *

            - * tag-key - The key of a tag assigned to the event window. Use this filter - * to find all event windows that have a tag with a specific key, regardless of the tag - * value.

            - *
            • - *
          • - *

            - * tag-value - The value of a tag assigned to the event window. Use this - * filter to find all event windows that have a tag with a specific value, regardless of - * the tag key.

            - *
            • - *
          + * @internal */ - Filters?: Filter[]; + export const filterSensitiveLog = (obj: DescribeInstanceAttributeRequest): any => ({ + ...obj, + }); +} +/** + *

          Describes a parameter used to set up an EBS volume in a block device mapping.

          + */ +export interface EbsInstanceBlockDevice { /** - *

          The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value. This value can - * be between 20 and 500. You cannot specify this parameter and the event window IDs parameter - * in the same call.

          + *

          The time stamp when the attachment initiated.

          */ - MaxResults?: number; + AttachTime?: Date; /** - *

          The token to request the next page of results.

          + *

          Indicates whether the volume is deleted on instance termination.

          */ - NextToken?: string; + DeleteOnTermination?: boolean; + + /** + *

          The attachment state.

          + */ + Status?: AttachmentStatus | string; + + /** + *

          The ID of the EBS volume.

          + */ + VolumeId?: string; } -export namespace DescribeInstanceEventWindowsRequest { +export namespace EbsInstanceBlockDevice { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeInstanceEventWindowsRequest): any => ({ + export const filterSensitiveLog = (obj: EbsInstanceBlockDevice): any => ({ ...obj, }); } -export interface DescribeInstanceEventWindowsResult { +/** + *

          Describes a block device mapping.

          + */ +export interface InstanceBlockDeviceMapping { /** - *

          Information about the event windows.

          + *

          The device name (for example, /dev/sdh or xvdh).

          */ - InstanceEventWindows?: InstanceEventWindow[]; + DeviceName?: string; /** - *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          + *

          Parameters used to automatically set up EBS volumes when the instance is + * launched.

          */ - NextToken?: string; + Ebs?: EbsInstanceBlockDevice; } -export namespace DescribeInstanceEventWindowsResult { +export namespace InstanceBlockDeviceMapping { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeInstanceEventWindowsResult): any => ({ + export const filterSensitiveLog = (obj: InstanceBlockDeviceMapping): any => ({ ...obj, }); } -export interface DescribeInstancesRequest { +/** + *

          Describes a value for a resource attribute that is a Boolean value.

          + */ +export interface AttributeBooleanValue { /** - *

          The filters.

          - *
            - *
          • - *

            - * affinity - The affinity setting for an instance running on a - * Dedicated Host (default | host).

            - *
            • - *
          • - *

            - * architecture - The instance architecture (i386 | - * x86_64 | arm64).

            - *
            • - *
          • - *

            - * availability-zone - The Availability Zone of the instance.

            - *
            • - *
          • - *

            - * block-device-mapping.attach-time - The attach time for an EBS - * volume mapped to the instance, for example, - * 2010-09-15T17:15:20.000Z.

            - *
            • - *
          • - *

            - * block-device-mapping.delete-on-termination - A Boolean that - * indicates whether the EBS volume is deleted on instance termination.

            - *
            • - *
          • - *

            - * block-device-mapping.device-name - The device name specified in the - * block device mapping (for example, /dev/sdh or - * xvdh).

            - *
            • - *
          • - *

            - * block-device-mapping.status - The status for the EBS volume - * (attaching | attached | detaching | - * detached).

            - *
            • - *
          • - *

            + *

            The attribute value. The valid values are true or false.

            + */ + Value?: boolean; +} + +export namespace AttributeBooleanValue { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AttributeBooleanValue): any => ({ + ...obj, + }); +} + +/** + *

            Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.

            + */ +export interface EnclaveOptions { + /** + *

            If this parameter is set to true, the instance is enabled for Amazon Web Services Nitro Enclaves; + * otherwise, it is not enabled for Amazon Web Services Nitro Enclaves.

            + */ + Enabled?: boolean; +} + +export namespace EnclaveOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EnclaveOptions): any => ({ + ...obj, + }); +} + +/** + *

            Describes an instance attribute.

            + */ +export interface InstanceAttribute { + /** + *

            The security groups associated with the instance.

            + */ + Groups?: GroupIdentifier[]; + + /** + *

            The block device mapping of the instance.

            + */ + BlockDeviceMappings?: InstanceBlockDeviceMapping[]; + + /** + *

            If the value is true, you can't terminate the instance through the Amazon + * EC2 console, CLI, or API; otherwise, you can.

            + */ + DisableApiTermination?: AttributeBooleanValue; + + /** + *

            Indicates whether enhanced networking with ENA is enabled.

            + */ + EnaSupport?: AttributeBooleanValue; + + /** + *

            To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to true; otherwise, + * set it to false.

            + */ + EnclaveOptions?: EnclaveOptions; + + /** + *

            Indicates whether the instance is optimized for Amazon EBS I/O.

            + */ + EbsOptimized?: AttributeBooleanValue; + + /** + *

            The ID of the instance.

            + */ + InstanceId?: string; + + /** + *

            Indicates whether an instance stops or terminates when you initiate shutdown from the + * instance (using the operating system command for system shutdown).

            + */ + InstanceInitiatedShutdownBehavior?: AttributeValue; + + /** + *

            The instance type.

            + */ + InstanceType?: AttributeValue; + + /** + *

            The kernel ID.

            + */ + KernelId?: AttributeValue; + + /** + *

            A list of product codes.

            + */ + ProductCodes?: ProductCode[]; + + /** + *

            The RAM disk ID.

            + */ + RamdiskId?: AttributeValue; + + /** + *

            The device name of the root device volume (for example, + * /dev/sda1).

            + */ + RootDeviceName?: AttributeValue; + + /** + *

            Enable or disable source/destination checks, which ensure that the instance + * is either the source or the destination of any traffic that it receives. + * If the value is true, source/destination checks are enabled; + * otherwise, they are disabled. The default value is true. + * You must disable source/destination checks if the instance runs services + * such as network address translation, routing, or firewalls.

            + */ + SourceDestCheck?: AttributeBooleanValue; + + /** + *

            Indicates whether enhanced networking with the Intel 82599 Virtual Function interface + * is enabled.

            + */ + SriovNetSupport?: AttributeValue; + + /** + *

            The user data.

            + */ + UserData?: AttributeValue; +} + +export namespace InstanceAttribute { + /** + * @internal + */ + export const filterSensitiveLog = (obj: InstanceAttribute): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceCreditSpecificationsRequest { + /** + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            + */ + DryRun?: boolean; + + /** + *

            The filters.

            + *
              + *
            • + *

              + * instance-id - The ID of the instance.

              + *
              • + *
            + */ + Filters?: Filter[]; + + /** + *

            The instance IDs.

            + *

            Default: Describes all your instances.

            + *

            Constraints: Maximum 1000 explicitly specified instance IDs.

            + */ + InstanceIds?: string[]; + + /** + *

            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value. This value + * can be between 5 and 1000. You cannot specify this parameter and the instance IDs + * parameter in the same call.

            + */ + MaxResults?: number; + + /** + *

            The token to retrieve the next page of results.

            + */ + NextToken?: string; +} + +export namespace DescribeInstanceCreditSpecificationsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceCreditSpecificationsRequest): any => ({ + ...obj, + }); +} + +/** + *

            Describes the credit option for CPU usage of a burstable performance instance.

            + */ +export interface InstanceCreditSpecification { + /** + *

            The ID of the instance.

            + */ + InstanceId?: string; + + /** + *

            The credit option for CPU usage of the instance. Valid values are + * standard and unlimited.

            + */ + CpuCredits?: string; +} + +export namespace InstanceCreditSpecification { + /** + * @internal + */ + export const filterSensitiveLog = (obj: InstanceCreditSpecification): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceCreditSpecificationsResult { + /** + *

            Information about the credit option for CPU usage of an instance.

            + */ + InstanceCreditSpecifications?: InstanceCreditSpecification[]; + + /** + *

            The token to use to retrieve the next page of results. This value is null + * when there are no more results to return.

            + */ + NextToken?: string; +} + +export namespace DescribeInstanceCreditSpecificationsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceCreditSpecificationsResult): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceEventNotificationAttributesRequest { + /** + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            + */ + DryRun?: boolean; +} + +export namespace DescribeInstanceEventNotificationAttributesRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceEventNotificationAttributesRequest): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceEventNotificationAttributesResult { + /** + *

            Information about the registered tag keys.

            + */ + InstanceTagAttribute?: InstanceTagNotificationAttribute; +} + +export namespace DescribeInstanceEventNotificationAttributesResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceEventNotificationAttributesResult): any => ({ + ...obj, + }); +} + +/** + * Describe instance event windows by InstanceEventWindow. + */ +export interface DescribeInstanceEventWindowsRequest { + /** + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            + */ + DryRun?: boolean; + + /** + *

            The IDs of the event windows.

            + */ + InstanceEventWindowIds?: string[]; + + /** + *

            One or more filters.

            + *
              + *
            • + *

              + * dedicated-host-id - The event windows associated with the specified + * Dedicated Host ID.

              + *
              • + *
            • + *

              + * event-window-name - The event windows associated with the specified + * names.

              + *
              • + *
            • + *

              + * instance-id - The event windows associated with the specified instance + * ID.

              + *
              • + *
            • + *

              + * instance-tag - The event windows associated with the specified tag and + * value.

              + *
              • + *
            • + *

              + * instance-tag-key - The event windows associated with the specified tag + * key, regardless of the value.

              + *
              • + *
            • + *

              + * instance-tag-value - The event windows associated with the specified tag + * value, regardless of the key.

              + *
              • + *
            • + *

              + * tag: - The key/value combination of a tag assigned to the + * event window. Use the tag key in the filter name and the tag value as the filter + * value. For example, to find all resources that have a tag with the key + * Owner and the value CMX, specify tag:Owner + * for the filter name and CMX for the filter value.

              + *
              • + *
            • + *

              + * tag-key - The key of a tag assigned to the event window. Use this filter + * to find all event windows that have a tag with a specific key, regardless of the tag + * value.

              + *
              • + *
            • + *

              + * tag-value - The value of a tag assigned to the event window. Use this + * filter to find all event windows that have a tag with a specific value, regardless of + * the tag key.

              + *
              • + *
            + */ + Filters?: Filter[]; + + /** + *

            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value. This value can + * be between 20 and 500. You cannot specify this parameter and the event window IDs parameter + * in the same call.

            + */ + MaxResults?: number; + + /** + *

            The token to request the next page of results.

            + */ + NextToken?: string; +} + +export namespace DescribeInstanceEventWindowsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceEventWindowsRequest): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceEventWindowsResult { + /** + *

            Information about the event windows.

            + */ + InstanceEventWindows?: InstanceEventWindow[]; + + /** + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            + */ + NextToken?: string; +} + +export namespace DescribeInstanceEventWindowsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInstanceEventWindowsResult): any => ({ + ...obj, + }); +} + +export interface DescribeInstancesRequest { + /** + *

            The filters.

            + *
              + *
            • + *

              + * affinity - The affinity setting for an instance running on a + * Dedicated Host (default | host).

              + *
              • + *
            • + *

              + * architecture - The instance architecture (i386 | + * x86_64 | arm64).

              + *
              • + *
            • + *

              + * availability-zone - The Availability Zone of the instance.

              + *
              • + *
            • + *

              + * block-device-mapping.attach-time - The attach time for an EBS + * volume mapped to the instance, for example, + * 2010-09-15T17:15:20.000Z.

              + *
              • + *
            • + *

              + * block-device-mapping.delete-on-termination - A Boolean that + * indicates whether the EBS volume is deleted on instance termination.

              + *
              • + *
            • + *

              + * block-device-mapping.device-name - The device name specified in the + * block device mapping (for example, /dev/sdh or + * xvdh).

              + *
              • + *
            • + *

              + * block-device-mapping.status - The status for the EBS volume + * (attaching | attached | detaching | + * detached).

              + *
              • + *
            • + *

              * block-device-mapping.volume-id - The volume ID of the EBS * volume.

              *
              • @@ -2345,1393 +2874,900 @@ export interface DescribeInstanceTypesRequest { * *
            • *

              - * vcpu-info.default-threads-per-core - The default number of threads per core for the instance - * type.

              - *
              • - *
            • - *

              - * vcpu-info.default-vcpus - The default number of vCPUs for the instance type.

              - *
              • - *
            • - *

              - * vcpu-info.valid-cores - The number of cores that can be configured for the instance type.

              - *
              • - *
            • - *

              - * vcpu-info.valid-threads-per-core - The number of threads per core that can be configured for the instance type. - * For example, "1" or "1,2".

              - *
              • - *
            - */ - Filters?: Filter[]; - - /** - *

            The maximum number of results to return for the request in a single page. The remaining results - * can be seen by sending another request with the next token value.

            - */ - MaxResults?: number; - - /** - *

            The token to retrieve the next page of results.

            - */ - NextToken?: string; -} - -export namespace DescribeInstanceTypesRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeInstanceTypesRequest): any => ({ - ...obj, - }); -} - -/** - *

            Describes the optimized EBS performance for supported instance types.

            - */ -export interface EbsOptimizedInfo { - /** - *

            The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.

            - */ - BaselineBandwidthInMbps?: number; - - /** - *

            The baseline throughput performance for an EBS-optimized instance type, in MB/s.

            - */ - BaselineThroughputInMBps?: number; - - /** - *

            The baseline input/output storage operations per seconds for an EBS-optimized instance type.

            - */ - BaselineIops?: number; - - /** - *

            The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.

            - */ - MaximumBandwidthInMbps?: number; - - /** - *

            The maximum throughput performance for an EBS-optimized instance type, in MB/s.

            - */ - MaximumThroughputInMBps?: number; - - /** - *

            The maximum input/output storage operations per second for an EBS-optimized instance type.

            - */ - MaximumIops?: number; -} - -export namespace EbsOptimizedInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: EbsOptimizedInfo): any => ({ - ...obj, - }); -} - -export type EbsOptimizedSupport = "default" | "supported" | "unsupported"; - -export type EbsEncryptionSupport = "supported" | "unsupported"; - -export enum EbsNvmeSupport { - REQUIRED = "required", - SUPPORTED = "supported", - UNSUPPORTED = "unsupported", -} - -/** - *

            Describes the Amazon EBS features supported by the instance type.

            - */ -export interface EbsInfo { - /** - *

            Indicates whether the instance type is Amazon EBS-optimized. For more information, see Amazon EBS-optimized - * instances in Amazon EC2 User Guide.

            - */ - EbsOptimizedSupport?: EbsOptimizedSupport | string; - - /** - *

            Indicates whether Amazon EBS encryption is supported.

            - */ - EncryptionSupport?: EbsEncryptionSupport | string; - - /** - *

            Describes the optimized EBS performance for the instance type.

            - */ - EbsOptimizedInfo?: EbsOptimizedInfo; - - /** - *

            Indicates whether non-volatile memory express (NVMe) is supported.

            - */ - NvmeSupport?: EbsNvmeSupport | string; -} - -export namespace EbsInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: EbsInfo): any => ({ - ...obj, - }); -} - -/** - *

            Describes the memory for the FPGA accelerator for the instance type.

            - */ -export interface FpgaDeviceMemoryInfo { - /** - *

            The size of the memory available to the FPGA accelerator, in MiB.

            - */ - SizeInMiB?: number; -} - -export namespace FpgaDeviceMemoryInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: FpgaDeviceMemoryInfo): any => ({ - ...obj, - }); -} - -/** - *

            Describes the FPGA accelerator for the instance type.

            - */ -export interface FpgaDeviceInfo { - /** - *

            The name of the FPGA accelerator.

            - */ - Name?: string; - - /** - *

            The manufacturer of the FPGA accelerator.

            - */ - Manufacturer?: string; - - /** - *

            The count of FPGA accelerators for the instance type.

            - */ - Count?: number; - - /** - *

            Describes the memory for the FPGA accelerator for the instance type.

            - */ - MemoryInfo?: FpgaDeviceMemoryInfo; -} - -export namespace FpgaDeviceInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: FpgaDeviceInfo): any => ({ - ...obj, - }); -} - -/** - *

            Describes the FPGAs for the instance type.

            - */ -export interface FpgaInfo { - /** - *

            Describes the FPGAs for the instance type.

            - */ - Fpgas?: FpgaDeviceInfo[]; - - /** - *

            The total memory of all FPGA accelerators for the instance type.

            - */ - TotalFpgaMemoryInMiB?: number; -} - -export namespace FpgaInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: FpgaInfo): any => ({ - ...obj, - }); -} - -/** - *

            Describes the memory available to the GPU accelerator.

            - */ -export interface GpuDeviceMemoryInfo { - /** - *

            The size of the memory available to the GPU accelerator, in MiB.

            - */ - SizeInMiB?: number; -} - -export namespace GpuDeviceMemoryInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: GpuDeviceMemoryInfo): any => ({ - ...obj, - }); -} - -/** - *

            Describes the GPU accelerators for the instance type.

            - */ -export interface GpuDeviceInfo { - /** - *

            The name of the GPU accelerator.

            - */ - Name?: string; - - /** - *

            The manufacturer of the GPU accelerator.

            + * vcpu-info.default-threads-per-core - The default number of threads per core for the instance + * type.

            + *
            • + *
          • + *

            + * vcpu-info.default-vcpus - The default number of vCPUs for the instance type.

            + *
            • + *
          • + *

            + * vcpu-info.valid-cores - The number of cores that can be configured for the instance type.

            + *
            • + *
          • + *

            + * vcpu-info.valid-threads-per-core - The number of threads per core that can be configured for the instance type. + * For example, "1" or "1,2".

            + *
            • + *
          */ - Manufacturer?: string; + Filters?: Filter[]; /** - *

          The number of GPUs for the instance type.

          + *

          The maximum number of results to return for the request in a single page. The remaining results + * can be seen by sending another request with the next token value.

          */ - Count?: number; + MaxResults?: number; /** - *

          Describes the memory available to the GPU accelerator.

          + *

          The token to retrieve the next page of results.

          */ - MemoryInfo?: GpuDeviceMemoryInfo; + NextToken?: string; } -export namespace GpuDeviceInfo { +export namespace DescribeInstanceTypesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GpuDeviceInfo): any => ({ + export const filterSensitiveLog = (obj: DescribeInstanceTypesRequest): any => ({ ...obj, }); } /** - *

          Describes the GPU accelerators for the instance type.

          + *

          Describes the optimized EBS performance for supported instance types.

          */ -export interface GpuInfo { - /** - *

          Describes the GPU accelerators for the instance type.

          - */ - Gpus?: GpuDeviceInfo[]; - - /** - *

          The total size of the memory for the GPU accelerators for the instance type, in MiB.

          - */ - TotalGpuMemoryInMiB?: number; -} - -export namespace GpuInfo { +export interface EbsOptimizedInfo { /** - * @internal + *

          The baseline bandwidth performance for an EBS-optimized instance type, in Mbps.

          */ - export const filterSensitiveLog = (obj: GpuInfo): any => ({ - ...obj, - }); -} - -export enum InstanceTypeHypervisor { - NITRO = "nitro", - XEN = "xen", -} + BaselineBandwidthInMbps?: number; -/** - *

          Describes the Inference accelerators for the instance type.

          - */ -export interface InferenceDeviceInfo { /** - *

          The number of Inference accelerators for the instance type.

          + *

          The baseline throughput performance for an EBS-optimized instance type, in MB/s.

          */ - Count?: number; + BaselineThroughputInMBps?: number; /** - *

          The name of the Inference accelerator.

          + *

          The baseline input/output storage operations per seconds for an EBS-optimized instance type.

          */ - Name?: string; + BaselineIops?: number; /** - *

          The manufacturer of the Inference accelerator.

          + *

          The maximum bandwidth performance for an EBS-optimized instance type, in Mbps.

          */ - Manufacturer?: string; -} + MaximumBandwidthInMbps?: number; -export namespace InferenceDeviceInfo { /** - * @internal + *

          The maximum throughput performance for an EBS-optimized instance type, in MB/s.

          */ - export const filterSensitiveLog = (obj: InferenceDeviceInfo): any => ({ - ...obj, - }); -} + MaximumThroughputInMBps?: number; -/** - *

          Describes the Inference accelerators for the instance type.

          - */ -export interface InferenceAcceleratorInfo { /** - *

          Describes the Inference accelerators for the instance type.

          + *

          The maximum input/output storage operations per second for an EBS-optimized instance type.

          */ - Accelerators?: InferenceDeviceInfo[]; + MaximumIops?: number; } -export namespace InferenceAcceleratorInfo { +export namespace EbsOptimizedInfo { /** * @internal */ - export const filterSensitiveLog = (obj: InferenceAcceleratorInfo): any => ({ + export const filterSensitiveLog = (obj: EbsOptimizedInfo): any => ({ ...obj, }); } -export type DiskType = "hdd" | "ssd"; - -/** - *

          Describes the disk.

          - */ -export interface DiskInfo { - /** - *

          The size of the disk in GB.

          - */ - SizeInGB?: number; - - /** - *

          The number of disks with this configuration.

          - */ - Count?: number; - - /** - *

          The type of disk.

          - */ - Type?: DiskType | string; -} +export type EbsOptimizedSupport = "default" | "supported" | "unsupported"; -export namespace DiskInfo { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DiskInfo): any => ({ - ...obj, - }); -} +export type EbsEncryptionSupport = "supported" | "unsupported"; -export enum EphemeralNvmeSupport { +export enum EbsNvmeSupport { REQUIRED = "required", SUPPORTED = "supported", UNSUPPORTED = "unsupported", } /** - *

          Describes the disks that are available for the instance type.

          + *

          Describes the Amazon EBS features supported by the instance type.

          */ -export interface InstanceStorageInfo { - /** - *

          The total size of the disks, in GB.

          - */ - TotalSizeInGB?: number; - - /** - *

          Describes the disks that are available for the instance type.

          - */ - Disks?: DiskInfo[]; - - /** - *

          Indicates whether non-volatile memory express (NVMe) is supported for instance store.

          - */ - NvmeSupport?: EphemeralNvmeSupport | string; -} - -export namespace InstanceStorageInfo { +export interface EbsInfo { /** - * @internal + *

          Indicates whether the instance type is Amazon EBS-optimized. For more information, see Amazon EBS-optimized + * instances in Amazon EC2 User Guide.

          */ - export const filterSensitiveLog = (obj: InstanceStorageInfo): any => ({ - ...obj, - }); -} + EbsOptimizedSupport?: EbsOptimizedSupport | string; -/** - *

          Describes the memory for the instance type.

          - */ -export interface MemoryInfo { /** - *

          The size of the memory, in MiB.

          + *

          Indicates whether Amazon EBS encryption is supported.

          */ - SizeInMiB?: number; -} + EncryptionSupport?: EbsEncryptionSupport | string; -export namespace MemoryInfo { /** - * @internal + *

          Describes the optimized EBS performance for the instance type.

          */ - export const filterSensitiveLog = (obj: MemoryInfo): any => ({ - ...obj, - }); -} + EbsOptimizedInfo?: EbsOptimizedInfo; -/** - *

          Describes the Elastic Fabric Adapters for the instance type.

          - */ -export interface EfaInfo { /** - *

          The maximum number of Elastic Fabric Adapters for the instance type.

          + *

          Indicates whether non-volatile memory express (NVMe) is supported.

          */ - MaximumEfaInterfaces?: number; + NvmeSupport?: EbsNvmeSupport | string; } -export namespace EfaInfo { +export namespace EbsInfo { /** * @internal */ - export const filterSensitiveLog = (obj: EfaInfo): any => ({ + export const filterSensitiveLog = (obj: EbsInfo): any => ({ ...obj, }); } -export type EnaSupport = "required" | "supported" | "unsupported"; - /** - *

          Describes the network card support of the instance type.

          + *

          Describes the memory for the FPGA accelerator for the instance type.

          */ -export interface NetworkCardInfo { - /** - *

          The index of the network card.

          - */ - NetworkCardIndex?: number; - - /** - *

          The network performance of the network card.

          - */ - NetworkPerformance?: string; - +export interface FpgaDeviceMemoryInfo { /** - *

          The maximum number of network interfaces for the network card.

          + *

          The size of the memory available to the FPGA accelerator, in MiB.

          */ - MaximumNetworkInterfaces?: number; + SizeInMiB?: number; } -export namespace NetworkCardInfo { +export namespace FpgaDeviceMemoryInfo { /** * @internal */ - export const filterSensitiveLog = (obj: NetworkCardInfo): any => ({ + export const filterSensitiveLog = (obj: FpgaDeviceMemoryInfo): any => ({ ...obj, }); } /** - *

          Describes the networking features of the instance type.

          + *

          Describes the FPGA accelerator for the instance type.

          */ -export interface NetworkInfo { - /** - *

          The network performance.

          - */ - NetworkPerformance?: string; - - /** - *

          The maximum number of network interfaces for the instance type.

          - */ - MaximumNetworkInterfaces?: number; - - /** - *

          The maximum number of physical network cards that can be allocated to the instance.

          - */ - MaximumNetworkCards?: number; - - /** - *

          The index of the default network card, starting at 0.

          - */ - DefaultNetworkCardIndex?: number; - - /** - *

          Describes the network cards for the instance type.

          - */ - NetworkCards?: NetworkCardInfo[]; - - /** - *

          The maximum number of IPv4 addresses per network interface.

          - */ - Ipv4AddressesPerInterface?: number; - - /** - *

          The maximum number of IPv6 addresses per network interface.

          - */ - Ipv6AddressesPerInterface?: number; - - /** - *

          Indicates whether IPv6 is supported.

          - */ - Ipv6Supported?: boolean; - +export interface FpgaDeviceInfo { /** - *

          Indicates whether Elastic Network Adapter (ENA) is supported.

          + *

          The name of the FPGA accelerator.

          */ - EnaSupport?: EnaSupport | string; + Name?: string; /** - *

          Indicates whether Elastic Fabric Adapter (EFA) is supported.

          + *

          The manufacturer of the FPGA accelerator.

          */ - EfaSupported?: boolean; + Manufacturer?: string; /** - *

          Describes the Elastic Fabric Adapters for the instance type.

          + *

          The count of FPGA accelerators for the instance type.

          */ - EfaInfo?: EfaInfo; + Count?: number; /** - *

          Indicates whether the instance type automatically encrypts in-transit traffic between instances.

          + *

          Describes the memory for the FPGA accelerator for the instance type.

          */ - EncryptionInTransitSupported?: boolean; + MemoryInfo?: FpgaDeviceMemoryInfo; } -export namespace NetworkInfo { +export namespace FpgaDeviceInfo { /** * @internal */ - export const filterSensitiveLog = (obj: NetworkInfo): any => ({ + export const filterSensitiveLog = (obj: FpgaDeviceInfo): any => ({ ...obj, }); } -export type PlacementGroupStrategy = "cluster" | "partition" | "spread"; - /** - *

          Describes the placement group support of the instance type.

          + *

          Describes the FPGAs for the instance type.

          */ -export interface PlacementGroupInfo { +export interface FpgaInfo { /** - *

          The supported placement group types.

          + *

          Describes the FPGAs for the instance type.

          */ - SupportedStrategies?: (PlacementGroupStrategy | string)[]; + Fpgas?: FpgaDeviceInfo[]; + + /** + *

          The total memory of all FPGA accelerators for the instance type.

          + */ + TotalFpgaMemoryInMiB?: number; } -export namespace PlacementGroupInfo { +export namespace FpgaInfo { /** * @internal */ - export const filterSensitiveLog = (obj: PlacementGroupInfo): any => ({ + export const filterSensitiveLog = (obj: FpgaInfo): any => ({ ...obj, }); } -export type ArchitectureType = "arm64" | "i386" | "x86_64"; - /** - *

          Describes the processor used by the instance type.

          + *

          Describes the memory available to the GPU accelerator.

          */ -export interface ProcessorInfo { - /** - *

          The architectures supported by the instance type.

          - */ - SupportedArchitectures?: (ArchitectureType | string)[]; - +export interface GpuDeviceMemoryInfo { /** - *

          The speed of the processor, in GHz.

          + *

          The size of the memory available to the GPU accelerator, in MiB.

          */ - SustainedClockSpeedInGhz?: number; + SizeInMiB?: number; } -export namespace ProcessorInfo { +export namespace GpuDeviceMemoryInfo { /** * @internal */ - export const filterSensitiveLog = (obj: ProcessorInfo): any => ({ + export const filterSensitiveLog = (obj: GpuDeviceMemoryInfo): any => ({ ...obj, }); } -export type BootModeType = "legacy-bios" | "uefi"; - -export type RootDeviceType = "ebs" | "instance-store"; - -export type UsageClassType = "on-demand" | "spot"; - /** - *

          Describes the vCPU configurations for the instance type.

          + *

          Describes the GPU accelerators for the instance type.

          */ -export interface VCpuInfo { - /** - *

          The default number of vCPUs for the instance type.

          - */ - DefaultVCpus?: number; - +export interface GpuDeviceInfo { /** - *

          The default number of cores for the instance type.

          + *

          The name of the GPU accelerator.

          */ - DefaultCores?: number; + Name?: string; /** - *

          The default number of threads per core for the instance type.

          + *

          The manufacturer of the GPU accelerator.

          */ - DefaultThreadsPerCore?: number; + Manufacturer?: string; /** - *

          The valid number of cores that can be configured for the instance type.

          + *

          The number of GPUs for the instance type.

          */ - ValidCores?: number[]; + Count?: number; /** - *

          The valid number of threads per core that can be configured for the instance type.

          + *

          Describes the memory available to the GPU accelerator.

          */ - ValidThreadsPerCore?: number[]; + MemoryInfo?: GpuDeviceMemoryInfo; } -export namespace VCpuInfo { +export namespace GpuDeviceInfo { /** * @internal */ - export const filterSensitiveLog = (obj: VCpuInfo): any => ({ + export const filterSensitiveLog = (obj: GpuDeviceInfo): any => ({ ...obj, }); } /** - *

          Describes the instance type.

          + *

          Describes the GPU accelerators for the instance type.

          */ -export interface InstanceTypeInfo { - /** - *

          The instance type. For more information, see Instance types in the Amazon EC2 User Guide.

          - */ - InstanceType?: _InstanceType | string; - +export interface GpuInfo { /** - *

          Indicates whether the instance type is current generation.

          + *

          Describes the GPU accelerators for the instance type.

          */ - CurrentGeneration?: boolean; + Gpus?: GpuDeviceInfo[]; /** - *

          Indicates whether the instance type is eligible for the free tier.

          + *

          The total size of the memory for the GPU accelerators for the instance type, in MiB.

          */ - FreeTierEligible?: boolean; + TotalGpuMemoryInMiB?: number; +} +export namespace GpuInfo { /** - *

          Indicates whether the instance type is offered for spot or On-Demand.

          + * @internal */ - SupportedUsageClasses?: (UsageClassType | string)[]; + export const filterSensitiveLog = (obj: GpuInfo): any => ({ + ...obj, + }); +} - /** - *

          The supported root device types.

          - */ - SupportedRootDeviceTypes?: (RootDeviceType | string)[]; +export enum InstanceTypeHypervisor { + NITRO = "nitro", + XEN = "xen", +} +/** + *

          Describes the Inference accelerators for the instance type.

          + */ +export interface InferenceDeviceInfo { /** - *

          The supported virtualization types.

          + *

          The number of Inference accelerators for the instance type.

          */ - SupportedVirtualizationTypes?: (VirtualizationType | string)[]; + Count?: number; /** - *

          Indicates whether the instance is a bare metal instance type.

          + *

          The name of the Inference accelerator.

          */ - BareMetal?: boolean; + Name?: string; /** - *

          The hypervisor for the instance type.

          + *

          The manufacturer of the Inference accelerator.

          */ - Hypervisor?: InstanceTypeHypervisor | string; + Manufacturer?: string; +} +export namespace InferenceDeviceInfo { /** - *

          Describes the processor.

          + * @internal */ - ProcessorInfo?: ProcessorInfo; + export const filterSensitiveLog = (obj: InferenceDeviceInfo): any => ({ + ...obj, + }); +} +/** + *

          Describes the Inference accelerators for the instance type.

          + */ +export interface InferenceAcceleratorInfo { /** - *

          Describes the vCPU configurations for the instance type.

          + *

          Describes the Inference accelerators for the instance type.

          */ - VCpuInfo?: VCpuInfo; + Accelerators?: InferenceDeviceInfo[]; +} +export namespace InferenceAcceleratorInfo { /** - *

          Describes the memory for the instance type.

          + * @internal */ - MemoryInfo?: MemoryInfo; + export const filterSensitiveLog = (obj: InferenceAcceleratorInfo): any => ({ + ...obj, + }); +} - /** - *

          Indicates whether instance storage is supported.

          - */ - InstanceStorageSupported?: boolean; +export type DiskType = "hdd" | "ssd"; +/** + *

          Describes the disk.

          + */ +export interface DiskInfo { /** - *

          Describes the instance storage for the instance type.

          + *

          The size of the disk in GB.

          */ - InstanceStorageInfo?: InstanceStorageInfo; + SizeInGB?: number; /** - *

          Describes the Amazon EBS settings for the instance type.

          + *

          The number of disks with this configuration.

          */ - EbsInfo?: EbsInfo; + Count?: number; /** - *

          Describes the network settings for the instance type.

          + *

          The type of disk.

          */ - NetworkInfo?: NetworkInfo; + Type?: DiskType | string; +} +export namespace DiskInfo { /** - *

          Describes the GPU accelerator settings for the instance type.

          + * @internal */ - GpuInfo?: GpuInfo; + export const filterSensitiveLog = (obj: DiskInfo): any => ({ + ...obj, + }); +} - /** - *

          Describes the FPGA accelerator settings for the instance type.

          - */ - FpgaInfo?: FpgaInfo; +export enum EphemeralNvmeSupport { + REQUIRED = "required", + SUPPORTED = "supported", + UNSUPPORTED = "unsupported", +} +/** + *

          Describes the disks that are available for the instance type.

          + */ +export interface InstanceStorageInfo { /** - *

          Describes the placement group settings for the instance type.

          + *

          The total size of the disks, in GB.

          */ - PlacementGroupInfo?: PlacementGroupInfo; + TotalSizeInGB?: number; /** - *

          Describes the Inference accelerator settings for the instance type.

          + *

          Describes the disks that are available for the instance type.

          */ - InferenceAcceleratorInfo?: InferenceAcceleratorInfo; + Disks?: DiskInfo[]; /** - *

          Indicates whether On-Demand hibernation is supported.

          + *

          Indicates whether non-volatile memory express (NVMe) is supported for instance store.

          */ - HibernationSupported?: boolean; + NvmeSupport?: EphemeralNvmeSupport | string; +} +export namespace InstanceStorageInfo { /** - *

          Indicates whether the instance type is a burstable performance instance type.

          + * @internal */ - BurstablePerformanceSupported?: boolean; + export const filterSensitiveLog = (obj: InstanceStorageInfo): any => ({ + ...obj, + }); +} +/** + *

          Describes the memory for the instance type.

          + */ +export interface MemoryInfo { /** - *

          Indicates whether Dedicated Hosts are supported on the instance type.

          + *

          The size of the memory, in MiB.

          */ - DedicatedHostsSupported?: boolean; + SizeInMiB?: number; +} +export namespace MemoryInfo { /** - *

          Indicates whether auto recovery is supported.

          + * @internal */ - AutoRecoverySupported?: boolean; + export const filterSensitiveLog = (obj: MemoryInfo): any => ({ + ...obj, + }); +} +/** + *

          Describes the Elastic Fabric Adapters for the instance type.

          + */ +export interface EfaInfo { /** - *

          The supported boot modes. For more information, see Boot modes in the - * Amazon EC2 User Guide.

          + *

          The maximum number of Elastic Fabric Adapters for the instance type.

          */ - SupportedBootModes?: (BootModeType | string)[]; + MaximumEfaInterfaces?: number; } -export namespace InstanceTypeInfo { +export namespace EfaInfo { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceTypeInfo): any => ({ + export const filterSensitiveLog = (obj: EfaInfo): any => ({ ...obj, }); } -export interface DescribeInstanceTypesResult { +export type EnaSupport = "required" | "supported" | "unsupported"; + +/** + *

          Describes the network card support of the instance type.

          + */ +export interface NetworkCardInfo { /** - *

          The instance type. For more information, see Instance types in the Amazon EC2 User Guide.

          + *

          The index of the network card.

          */ - InstanceTypes?: InstanceTypeInfo[]; + NetworkCardIndex?: number; /** - *

          The token to use to retrieve the next page of results. This value is null when there - * are no more results to return.

          + *

          The network performance of the network card.

          */ - NextToken?: string; + NetworkPerformance?: string; + + /** + *

          The maximum number of network interfaces for the network card.

          + */ + MaximumNetworkInterfaces?: number; } -export namespace DescribeInstanceTypesResult { +export namespace NetworkCardInfo { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeInstanceTypesResult): any => ({ + export const filterSensitiveLog = (obj: NetworkCardInfo): any => ({ ...obj, }); } -export interface DescribeInternetGatewaysRequest { - /** - *

          One or more filters.

          - *
            - *
          • - *

            - * attachment.state - The current state of the attachment between the gateway - * and the VPC (available). Present only if a VPC is attached.

            - *
            • - *
          • - *

            - * attachment.vpc-id - The ID of an attached VPC.

            - *
            • - *
          • - *

            - * internet-gateway-id - The ID of the Internet gateway.

            - *
            • - *
          • - *

            - * owner-id - The ID of the Amazon Web Services account that owns the internet gateway.

            - *
            • - *
          • - *

            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            - *
            • - *
          • - *

            - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            - *
            • - *
          - */ - Filters?: Filter[]; - - /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          - */ - DryRun?: boolean; - +/** + *

          Describes the networking features of the instance type.

          + */ +export interface NetworkInfo { /** - *

          One or more internet gateway IDs.

          - *

          Default: Describes all your internet gateways.

          + *

          The network performance.

          */ - InternetGatewayIds?: string[]; + NetworkPerformance?: string; /** - *

          The token for the next page of results.

          + *

          The maximum number of network interfaces for the instance type.

          */ - NextToken?: string; + MaximumNetworkInterfaces?: number; /** - *

          The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

          + *

          The maximum number of physical network cards that can be allocated to the instance.

          */ - MaxResults?: number; -} + MaximumNetworkCards?: number; -export namespace DescribeInternetGatewaysRequest { /** - * @internal + *

          The index of the default network card, starting at 0.

          */ - export const filterSensitiveLog = (obj: DescribeInternetGatewaysRequest): any => ({ - ...obj, - }); -} + DefaultNetworkCardIndex?: number; -export interface DescribeInternetGatewaysResult { /** - *

          Information about one or more internet gateways.

          + *

          Describes the network cards for the instance type.

          */ - InternetGateways?: InternetGateway[]; + NetworkCards?: NetworkCardInfo[]; /** - *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          + *

          The maximum number of IPv4 addresses per network interface.

          */ - NextToken?: string; -} + Ipv4AddressesPerInterface?: number; -export namespace DescribeInternetGatewaysResult { /** - * @internal + *

          The maximum number of IPv6 addresses per network interface.

          */ - export const filterSensitiveLog = (obj: DescribeInternetGatewaysResult): any => ({ - ...obj, - }); -} + Ipv6AddressesPerInterface?: number; -export interface DescribeIpv6PoolsRequest { /** - *

          The IDs of the IPv6 address pools.

          + *

          Indicates whether IPv6 is supported.

          */ - PoolIds?: string[]; + Ipv6Supported?: boolean; /** - *

          The token for the next page of results.

          + *

          Indicates whether Elastic Network Adapter (ENA) is supported.

          */ - NextToken?: string; + EnaSupport?: EnaSupport | string; /** - *

          The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

          + *

          Indicates whether Elastic Fabric Adapter (EFA) is supported.

          */ - MaxResults?: number; + EfaSupported?: boolean; /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          + *

          Describes the Elastic Fabric Adapters for the instance type.

          */ - DryRun?: boolean; + EfaInfo?: EfaInfo; /** - *

          One or more filters.

          - *
            - *
          • - *

            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            - *
            • - *
          • - *

            - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            - *
            • - *
          + *

          Indicates whether the instance type automatically encrypts in-transit traffic between instances.

          */ - Filters?: Filter[]; + EncryptionInTransitSupported?: boolean; } -export namespace DescribeIpv6PoolsRequest { +export namespace NetworkInfo { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeIpv6PoolsRequest): any => ({ + export const filterSensitiveLog = (obj: NetworkInfo): any => ({ ...obj, }); } +export type PlacementGroupStrategy = "cluster" | "partition" | "spread"; + /** - *

          Describes a CIDR block for an address pool.

          + *

          Describes the placement group support of the instance type.

          */ -export interface PoolCidrBlock { +export interface PlacementGroupInfo { /** - *

          The CIDR block.

          + *

          The supported placement group types.

          */ - Cidr?: string; + SupportedStrategies?: (PlacementGroupStrategy | string)[]; } -export namespace PoolCidrBlock { +export namespace PlacementGroupInfo { /** * @internal */ - export const filterSensitiveLog = (obj: PoolCidrBlock): any => ({ + export const filterSensitiveLog = (obj: PlacementGroupInfo): any => ({ ...obj, }); } +export type ArchitectureType = "arm64" | "i386" | "x86_64"; + /** - *

          Describes an IPv6 address pool.

          + *

          Describes the processor used by the instance type.

          */ -export interface Ipv6Pool { - /** - *

          The ID of the address pool.

          - */ - PoolId?: string; - - /** - *

          The description for the address pool.

          - */ - Description?: string; - +export interface ProcessorInfo { /** - *

          The CIDR blocks for the address pool.

          + *

          The architectures supported by the instance type.

          */ - PoolCidrBlocks?: PoolCidrBlock[]; + SupportedArchitectures?: (ArchitectureType | string)[]; /** - *

          Any tags for the address pool.

          + *

          The speed of the processor, in GHz.

          */ - Tags?: Tag[]; + SustainedClockSpeedInGhz?: number; } -export namespace Ipv6Pool { +export namespace ProcessorInfo { /** * @internal */ - export const filterSensitiveLog = (obj: Ipv6Pool): any => ({ + export const filterSensitiveLog = (obj: ProcessorInfo): any => ({ ...obj, }); } -export interface DescribeIpv6PoolsResult { - /** - *

          Information about the IPv6 address pools.

          - */ - Ipv6Pools?: Ipv6Pool[]; +export type BootModeType = "legacy-bios" | "uefi"; - /** - *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          - */ - NextToken?: string; -} +export type RootDeviceType = "ebs" | "instance-store"; -export namespace DescribeIpv6PoolsResult { +export type UsageClassType = "on-demand" | "spot"; + +/** + *

          Describes the vCPU configurations for the instance type.

          + */ +export interface VCpuInfo { /** - * @internal + *

          The default number of vCPUs for the instance type.

          */ - export const filterSensitiveLog = (obj: DescribeIpv6PoolsResult): any => ({ - ...obj, - }); -} + DefaultVCpus?: number; -export interface DescribeKeyPairsRequest { /** - *

          The filters.

          - *
            - *
          • - *

            - * key-pair-id - The ID of the key pair.

            - *
            • - *
          • - *

            - * fingerprint - The fingerprint of the key pair.

            - *
            • - *
          • - *

            - * key-name - The name of the key pair.

            - *
            • - *
          • - *

            - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            - *
            • - *
          • - *

            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            - *
            • - *
          + *

          The default number of cores for the instance type.

          */ - Filters?: Filter[]; + DefaultCores?: number; - /** - *

          The key pair names.

          - *

          Default: Describes all of your key pairs.

          + /** + *

          The default number of threads per core for the instance type.

          */ - KeyNames?: string[]; + DefaultThreadsPerCore?: number; /** - *

          The IDs of the key pairs.

          + *

          The valid number of cores that can be configured for the instance type.

          */ - KeyPairIds?: string[]; + ValidCores?: number[]; /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          + *

          The valid number of threads per core that can be configured for the instance type.

          */ - DryRun?: boolean; + ValidThreadsPerCore?: number[]; } -export namespace DescribeKeyPairsRequest { +export namespace VCpuInfo { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeKeyPairsRequest): any => ({ + export const filterSensitiveLog = (obj: VCpuInfo): any => ({ ...obj, }); } /** - *

          Describes a key pair.

          + *

          Describes the instance type.

          */ -export interface KeyPairInfo { +export interface InstanceTypeInfo { /** - *

          The ID of the key pair.

          + *

          The instance type. For more information, see Instance types in the Amazon EC2 User Guide.

          */ - KeyPairId?: string; + InstanceType?: _InstanceType | string; /** - *

          If you used CreateKeyPair to create the key pair:

          - *
            - *
          • - *

            For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key. - *

            - *
            • - *
          • - *

            For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which - * is the default for OpenSSH, starting with OpenSSH 6.8.

            - *
            • - *
          - *

          If you used ImportKeyPair to provide Amazon Web Services the public key:

          - *
            - *
          • - *

            For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC4716.

            - *
            • - *
          • - *

            For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 - * digest, which is the default for OpenSSH, starting with OpenSSH 6.8.

            - *
            • - *
          + *

          Indicates whether the instance type is current generation.

          */ - KeyFingerprint?: string; + CurrentGeneration?: boolean; /** - *

          The name of the key pair.

          + *

          Indicates whether the instance type is eligible for the free tier.

          */ - KeyName?: string; + FreeTierEligible?: boolean; /** - *

          The type of key pair.

          + *

          Indicates whether the instance type is offered for spot or On-Demand.

          */ - KeyType?: KeyType | string; + SupportedUsageClasses?: (UsageClassType | string)[]; /** - *

          Any tags applied to the key pair.

          + *

          The supported root device types.

          */ - Tags?: Tag[]; -} + SupportedRootDeviceTypes?: (RootDeviceType | string)[]; -export namespace KeyPairInfo { /** - * @internal + *

          The supported virtualization types.

          */ - export const filterSensitiveLog = (obj: KeyPairInfo): any => ({ - ...obj, - }); -} + SupportedVirtualizationTypes?: (VirtualizationType | string)[]; -export interface DescribeKeyPairsResult { /** - *

          Information about the key pairs.

          + *

          Indicates whether the instance is a bare metal instance type.

          */ - KeyPairs?: KeyPairInfo[]; -} + BareMetal?: boolean; -export namespace DescribeKeyPairsResult { /** - * @internal + *

          The hypervisor for the instance type.

          */ - export const filterSensitiveLog = (obj: DescribeKeyPairsResult): any => ({ - ...obj, - }); -} + Hypervisor?: InstanceTypeHypervisor | string; -export interface DescribeLaunchTemplatesRequest { /** - *

          Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

          + *

          Describes the processor.

          */ - DryRun?: boolean; + ProcessorInfo?: ProcessorInfo; /** - *

          One or more launch template IDs.

          + *

          Describes the vCPU configurations for the instance type.

          */ - LaunchTemplateIds?: string[]; + VCpuInfo?: VCpuInfo; /** - *

          One or more launch template names.

          + *

          Describes the memory for the instance type.

          */ - LaunchTemplateNames?: string[]; + MemoryInfo?: MemoryInfo; /** - *

          One or more filters.

          - *
            - *
          • - *

            - * create-time - The time the launch template was created.

            - *
            • - *
          • - *

            - * launch-template-name - The name of the launch template.

            - *
            • - *
          • - *

            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            - *
            • - *
          • - *

            - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            - *
            • - *
          + *

          Indicates whether instance storage is supported.

          */ - Filters?: Filter[]; + InstanceStorageSupported?: boolean; /** - *

          The token to request the next page of results.

          + *

          Describes the instance storage for the instance type.

          */ - NextToken?: string; + InstanceStorageInfo?: InstanceStorageInfo; /** - *

          The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value. This value - * can be between 1 and 200.

          + *

          Describes the Amazon EBS settings for the instance type.

          */ - MaxResults?: number; -} + EbsInfo?: EbsInfo; -export namespace DescribeLaunchTemplatesRequest { /** - * @internal + *

          Describes the network settings for the instance type.

          */ - export const filterSensitiveLog = (obj: DescribeLaunchTemplatesRequest): any => ({ - ...obj, - }); -} + NetworkInfo?: NetworkInfo; -export interface DescribeLaunchTemplatesResult { /** - *

          Information about the launch templates.

          + *

          Describes the GPU accelerator settings for the instance type.

          */ - LaunchTemplates?: LaunchTemplate[]; + GpuInfo?: GpuInfo; /** - *

          The token to use to retrieve the next page of results. This value is - * null when there are no more results to return.

          + *

          Describes the FPGA accelerator settings for the instance type.

          */ - NextToken?: string; -} + FpgaInfo?: FpgaInfo; -export namespace DescribeLaunchTemplatesResult { /** - * @internal + *

          Describes the placement group settings for the instance type.

          */ - export const filterSensitiveLog = (obj: DescribeLaunchTemplatesResult): any => ({ - ...obj, - }); -} + PlacementGroupInfo?: PlacementGroupInfo; -export interface DescribeLaunchTemplateVersionsRequest { /** - *

          Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

          + *

          Describes the Inference accelerator settings for the instance type.

          */ - DryRun?: boolean; + InferenceAcceleratorInfo?: InferenceAcceleratorInfo; /** - *

          The ID of the launch template. To describe one or more versions of a specified launch - * template, you must specify either the launch template ID or the launch template name in - * the request. To describe all the latest or default launch template versions in your - * account, you must omit this parameter.

          + *

          Indicates whether On-Demand hibernation is supported.

          */ - LaunchTemplateId?: string; + HibernationSupported?: boolean; /** - *

          The name of the launch template. To describe one or more versions of a specified - * launch template, you must specify either the launch template ID or the launch template - * name in the request. To describe all the latest or default launch template versions in - * your account, you must omit this parameter.

          + *

          Indicates whether the instance type is a burstable performance instance type.

          */ - LaunchTemplateName?: string; + BurstablePerformanceSupported?: boolean; /** - *

          One or more versions of the launch template. Valid values depend on whether you are describing a specified launch template (by ID or name) or all launch templates in your account.

          - *

          To describe one or more versions of a specified launch template, valid values are $Latest, $Default, and numbers.

          - *

          To describe all launch templates in your account that are defined as the latest - * version, the valid value is $Latest. To describe all launch templates in - * your account that are defined as the default version, the valid value is - * $Default. You can specify $Latest and - * $Default in the same call. You cannot specify numbers.

          + *

          Indicates whether Dedicated Hosts are supported on the instance type.

          */ - Versions?: string[]; + DedicatedHostsSupported?: boolean; /** - *

          The version number after which to describe launch template versions.

          + *

          Indicates whether auto recovery is supported.

          */ - MinVersion?: string; + AutoRecoverySupported?: boolean; /** - *

          The version number up to which to describe launch template versions.

          + *

          The supported boot modes. For more information, see Boot modes in the + * Amazon EC2 User Guide.

          */ - MaxVersion?: string; + SupportedBootModes?: (BootModeType | string)[]; +} +export namespace InstanceTypeInfo { /** - *

          The token to request the next page of results.

          + * @internal + */ + export const filterSensitiveLog = (obj: InstanceTypeInfo): any => ({ + ...obj, + }); +} + +export interface DescribeInstanceTypesResult { + /** + *

          The instance type. For more information, see Instance types in the Amazon EC2 User Guide.

          + */ + InstanceTypes?: InstanceTypeInfo[]; + + /** + *

          The token to use to retrieve the next page of results. This value is null when there + * are no more results to return.

          */ NextToken?: string; +} +export namespace DescribeInstanceTypesResult { /** - *

          The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value. This value - * can be between 1 and 200.

          + * @internal */ - MaxResults?: number; + export const filterSensitiveLog = (obj: DescribeInstanceTypesResult): any => ({ + ...obj, + }); +} +export interface DescribeInternetGatewaysRequest { /** *

          One or more filters.

          *
            *
          • - *

            - * create-time - The time the launch template version was created.

            - *
            • - *
          • - *

            - * ebs-optimized - A boolean that indicates whether the instance - * is optimized for Amazon EBS I/O.

            - *
            • - *
          • *

            - * iam-instance-profile - The ARN of the IAM instance - * profile.

            + * attachment.state - The current state of the attachment between the gateway + * and the VPC (available). Present only if a VPC is attached.

            *
            • *
          • *

            - * image-id - The ID of the AMI.

            + * attachment.vpc-id - The ID of an attached VPC.

            *
            • *
          • *

            - * instance-type - The instance type.

            + * internet-gateway-id - The ID of the Internet gateway.

            *
            • *
          • *

            - * is-default-version - A boolean that indicates whether the - * launch template version is the default version.

            + * owner-id - The ID of the Amazon Web Services account that owns the internet gateway.

            *
            • *
          • *

            - * kernel-id - The kernel ID.

            + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            *
            • *
          • *

            - * ram-disk-id - The RAM disk ID.

            + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            *
            • *
          */ Filters?: Filter[]; + + /** + *

          Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

          + */ + DryRun?: boolean; + + /** + *

          One or more internet gateway IDs.

          + *

          Default: Describes all your internet gateways.

          + */ + InternetGatewayIds?: string[]; + + /** + *

          The token for the next page of results.

          + */ + NextToken?: string; + + /** + *

          The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

          + */ + MaxResults?: number; } -export namespace DescribeLaunchTemplateVersionsRequest { +export namespace DescribeInternetGatewaysRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLaunchTemplateVersionsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeInternetGatewaysRequest): any => ({ ...obj, }); } -export interface DescribeLaunchTemplateVersionsResult { +export interface DescribeInternetGatewaysResult { /** - *

          Information about the launch template versions.

          + *

          Information about one or more internet gateways.

          */ - LaunchTemplateVersions?: LaunchTemplateVersion[]; + InternetGateways?: InternetGateway[]; /** - *

          The token to use to retrieve the next page of results. This value is - * null when there are no more results to return.

          + *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          */ NextToken?: string; } -export namespace DescribeLaunchTemplateVersionsResult { +export namespace DescribeInternetGatewaysResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLaunchTemplateVersionsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeInternetGatewaysResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTablesRequest { +export interface DescribeIpv6PoolsRequest { /** - *

          The IDs of the local gateway route tables.

          + *

          The IDs of the IPv6 address pools.

          */ - LocalGatewayRouteTableIds?: string[]; + PoolIds?: string[]; /** - *

          One or more filters.

          - *
            - *
          • - *

            - * local-gateway-id - The ID of a local gateway.

            - *
            • - *
          • - *

            - * local-gateway-route-table-id - The ID of a local gateway route table.

            - *
            • - *
          • - *

            - * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

            - *
            • - *
          • - *

            - * state - The state of the local gateway route table.

            - *
            • - *
          + *

          The token for the next page of results.

          */ - Filters?: Filter[]; + NextToken?: string; /** *

          The maximum number of results to return with a single call. @@ -3739,82 +3775,97 @@ export interface DescribeLocalGatewayRouteTablesRequest { */ MaxResults?: number; - /** - *

          The token for the next page of results.

          - */ - NextToken?: string; - /** *

          Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

          */ DryRun?: boolean; + + /** + *

          One or more filters.

          + *
            + *
          • + *

            + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            + *
            • + *
          • + *

            + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            + *
            • + *
          + */ + Filters?: Filter[]; } -export namespace DescribeLocalGatewayRouteTablesRequest { +export namespace DescribeIpv6PoolsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTablesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeIpv6PoolsRequest): any => ({ ...obj, }); } /** - *

          Describes a local gateway route table.

          + *

          Describes a CIDR block for an address pool.

          */ -export interface LocalGatewayRouteTable { - /** - *

          The ID of the local gateway route table.

          - */ - LocalGatewayRouteTableId?: string; - +export interface PoolCidrBlock { /** - *

          The Amazon Resource Name (ARN) of the local gateway route table.

          + *

          The CIDR block.

          */ - LocalGatewayRouteTableArn?: string; + Cidr?: string; +} +export namespace PoolCidrBlock { /** - *

          The ID of the local gateway.

          + * @internal */ - LocalGatewayId?: string; + export const filterSensitiveLog = (obj: PoolCidrBlock): any => ({ + ...obj, + }); +} +/** + *

          Describes an IPv6 address pool.

          + */ +export interface Ipv6Pool { /** - *

          The Amazon Resource Name (ARN) of the Outpost.

          + *

          The ID of the address pool.

          */ - OutpostArn?: string; + PoolId?: string; /** - *

          The AWS account ID that owns the local gateway route table.

          + *

          The description for the address pool.

          */ - OwnerId?: string; + Description?: string; /** - *

          The state of the local gateway route table.

          + *

          The CIDR blocks for the address pool.

          */ - State?: string; + PoolCidrBlocks?: PoolCidrBlock[]; /** - *

          The tags assigned to the local gateway route table.

          + *

          Any tags for the address pool.

          */ Tags?: Tag[]; } -export namespace LocalGatewayRouteTable { +export namespace Ipv6Pool { /** * @internal */ - export const filterSensitiveLog = (obj: LocalGatewayRouteTable): any => ({ + export const filterSensitiveLog = (obj: Ipv6Pool): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTablesResult { +export interface DescribeIpv6PoolsResult { /** - *

          Information about the local gateway route tables.

          + *

          Information about the IPv6 address pools.

          */ - LocalGatewayRouteTables?: LocalGatewayRouteTable[]; + Ipv6Pools?: Ipv6Pool[]; /** *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          @@ -3822,58 +3873,54 @@ export interface DescribeLocalGatewayRouteTablesResult { NextToken?: string; } -export namespace DescribeLocalGatewayRouteTablesResult { +export namespace DescribeIpv6PoolsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTablesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeIpv6PoolsResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest { - /** - *

          The IDs of the associations.

          - */ - LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds?: string[]; - +export interface DescribeKeyPairsRequest { /** - *

          One or more filters.

          + *

          The filters.

          *
            *
          • - *

            - * local-gateway-id - The ID of a local gateway.

            - *
            • + *

            + * key-pair-id - The ID of the key pair.

            + * *
          • *

            - * local-gateway-route-table-id - The ID of the local gateway route table.

            + * fingerprint - The fingerprint of the key pair.

            *
            • *
          • *

            - * local-gateway-route-table-virtual-interface-group-association-id - The ID of the association.

            + * key-name - The name of the key pair.

            *
            • *
          • - *

            - * local-gateway-route-table-virtual-interface-group-id - The ID of the virtual interface group.

            - *
            • + *

            + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

            + * *
          • - *

            - * state - The state of the association.

            - *
            • + *

            + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

            + * *
          */ Filters?: Filter[]; /** - *

          The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

          + *

          The key pair names.

          + *

          Default: Describes all of your key pairs.

          */ - MaxResults?: number; + KeyNames?: string[]; /** - *

          The token for the next page of results.

          + *

          The IDs of the key pairs.

          */ - NextToken?: string; + KeyPairIds?: string[]; /** *

          Checks whether you have the required permissions for the action, without actually making the request, @@ -3883,306 +3930,314 @@ export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations DryRun?: boolean; } -export namespace DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest { +export namespace DescribeKeyPairsRequest { /** * @internal */ - export const filterSensitiveLog = ( - obj: DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest - ): any => ({ + export const filterSensitiveLog = (obj: DescribeKeyPairsRequest): any => ({ ...obj, }); } /** - *

          Describes an association between a local gateway route table and a virtual interface group.

          + *

          Describes a key pair.

          */ -export interface LocalGatewayRouteTableVirtualInterfaceGroupAssociation { - /** - *

          The ID of the association.

          - */ - LocalGatewayRouteTableVirtualInterfaceGroupAssociationId?: string; - - /** - *

          The ID of the virtual interface group.

          - */ - LocalGatewayVirtualInterfaceGroupId?: string; - - /** - *

          The ID of the local gateway.

          - */ - LocalGatewayId?: string; - +export interface KeyPairInfo { /** - *

          The ID of the local gateway route table.

          + *

          The ID of the key pair.

          */ - LocalGatewayRouteTableId?: string; + KeyPairId?: string; /** - *

          The Amazon Resource Name (ARN) of the local gateway route table for the virtual interface group.

          + *

          If you used CreateKeyPair to create the key pair:

          + *
            + *
          • + *

            For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key. + *

            + *
            • + *
          • + *

            For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which + * is the default for OpenSSH, starting with OpenSSH 6.8.

            + *
            • + *
          + *

          If you used ImportKeyPair to provide Amazon Web Services the public key:

          + *
            + *
          • + *

            For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC4716.

            + *
            • + *
          • + *

            For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 + * digest, which is the default for OpenSSH, starting with OpenSSH 6.8.

            + *
            • + *
          */ - LocalGatewayRouteTableArn?: string; + KeyFingerprint?: string; /** - *

          The AWS account ID that owns the local gateway virtual interface group association.

          + *

          The name of the key pair.

          */ - OwnerId?: string; + KeyName?: string; /** - *

          The state of the association.

          + *

          The type of key pair.

          */ - State?: string; + KeyType?: KeyType | string; /** - *

          The tags assigned to the association.

          + *

          Any tags applied to the key pair.

          */ Tags?: Tag[]; } -export namespace LocalGatewayRouteTableVirtualInterfaceGroupAssociation { +export namespace KeyPairInfo { /** * @internal */ - export const filterSensitiveLog = (obj: LocalGatewayRouteTableVirtualInterfaceGroupAssociation): any => ({ + export const filterSensitiveLog = (obj: KeyPairInfo): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult { - /** - *

          Information about the associations.

          - */ - LocalGatewayRouteTableVirtualInterfaceGroupAssociations?: LocalGatewayRouteTableVirtualInterfaceGroupAssociation[]; - +export interface DescribeKeyPairsResult { /** - *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          + *

          Information about the key pairs.

          */ - NextToken?: string; + KeyPairs?: KeyPairInfo[]; } -export namespace DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult { +export namespace DescribeKeyPairsResult { /** * @internal */ - export const filterSensitiveLog = ( - obj: DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult - ): any => ({ + export const filterSensitiveLog = (obj: DescribeKeyPairsResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTableVpcAssociationsRequest { +export interface DescribeLaunchTemplatesRequest { /** - *

          The IDs of the associations.

          + *

          Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

          */ - LocalGatewayRouteTableVpcAssociationIds?: string[]; + DryRun?: boolean; + + /** + *

          One or more launch template IDs.

          + */ + LaunchTemplateIds?: string[]; + + /** + *

          One or more launch template names.

          + */ + LaunchTemplateNames?: string[]; /** *

          One or more filters.

          - *
            - *
          • - *

            - * local-gateway-id - The ID of a local gateway.

            - *
            • + *
              *
            • - *

              - * local-gateway-route-table-id - The ID of the local gateway route table.

              + *

              + * create-time - The time the launch template was created.

              *
              • *
            • - *

              - * local-gateway-route-table-vpc-association-id - The ID of the association.

              + *

              + * launch-template-name - The name of the launch template.

              *
              • *
            • - *

              - * state - The state of the association.

              + *

              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

              *
              • *
            • - *

              - * vpc-id - The ID of the VPC.

              + *

              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

              *
              • *
            */ Filters?: Filter[]; /** - *

            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

            - */ - MaxResults?: number; - - /** - *

            The token for the next page of results.

            + *

            The token to request the next page of results.

            */ NextToken?: string; /** - *

            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

            + *

            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value. This value + * can be between 1 and 200.

            */ - DryRun?: boolean; + MaxResults?: number; } -export namespace DescribeLocalGatewayRouteTableVpcAssociationsRequest { +export namespace DescribeLaunchTemplatesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTableVpcAssociationsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeLaunchTemplatesRequest): any => ({ ...obj, }); } -export interface DescribeLocalGatewayRouteTableVpcAssociationsResult { +export interface DescribeLaunchTemplatesResult { /** - *

            Information about the associations.

            + *

            Information about the launch templates.

            */ - LocalGatewayRouteTableVpcAssociations?: LocalGatewayRouteTableVpcAssociation[]; + LaunchTemplates?: LaunchTemplate[]; /** - *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            + *

            The token to use to retrieve the next page of results. This value is + * null when there are no more results to return.

            */ NextToken?: string; } -export namespace DescribeLocalGatewayRouteTableVpcAssociationsResult { +export namespace DescribeLaunchTemplatesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTableVpcAssociationsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLaunchTemplatesResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewaysRequest { - /** - *

            One or more filters.

            - *
              - *
            • - *

              - * local-gateway-id - The ID of a local gateway.

              - *
              • - *
            • - *

              - * local-gateway-route-table-id - The ID of the local gateway route table.

              - *
              • - *
            • - *

              - * local-gateway-route-table-virtual-interface-group-association-id - The ID of the association.

              - *
              • - *
            • - *

              - * local-gateway-route-table-virtual-interface-group-id - The ID of the virtual interface group.

              - *
              • - *
            • - *

              - * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

              - *
              • - *
            • - *

              - * state - The state of the association.

              - *
              • - *
            - */ - LocalGatewayIds?: string[]; - - /** - *

            One or more filters.

            - */ - Filters?: Filter[]; - +export interface DescribeLaunchTemplateVersionsRequest { /** - *

            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

            + *

            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

            */ - MaxResults?: number; + DryRun?: boolean; /** - *

            The token for the next page of results.

            + *

            The ID of the launch template. To describe one or more versions of a specified launch + * template, you must specify either the launch template ID or the launch template name in + * the request. To describe all the latest or default launch template versions in your + * account, you must omit this parameter.

            */ - NextToken?: string; + LaunchTemplateId?: string; /** - *

            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

            + *

            The name of the launch template. To describe one or more versions of a specified + * launch template, you must specify either the launch template ID or the launch template + * name in the request. To describe all the latest or default launch template versions in + * your account, you must omit this parameter.

            */ - DryRun?: boolean; -} + LaunchTemplateName?: string; -export namespace DescribeLocalGatewaysRequest { /** - * @internal + *

            One or more versions of the launch template. Valid values depend on whether you are describing a specified launch template (by ID or name) or all launch templates in your account.

            + *

            To describe one or more versions of a specified launch template, valid values are $Latest, $Default, and numbers.

            + *

            To describe all launch templates in your account that are defined as the latest + * version, the valid value is $Latest. To describe all launch templates in + * your account that are defined as the default version, the valid value is + * $Default. You can specify $Latest and + * $Default in the same call. You cannot specify numbers.

            */ - export const filterSensitiveLog = (obj: DescribeLocalGatewaysRequest): any => ({ - ...obj, - }); -} + Versions?: string[]; -/** - *

            Describes a local gateway.

            - */ -export interface LocalGateway { /** - *

            The ID of the local gateway.

            + *

            The version number after which to describe launch template versions.

            */ - LocalGatewayId?: string; + MinVersion?: string; /** - *

            The Amazon Resource Name (ARN) of the Outpost.

            + *

            The version number up to which to describe launch template versions.

            */ - OutpostArn?: string; + MaxVersion?: string; /** - *

            The AWS account ID that owns the local gateway.

            + *

            The token to request the next page of results.

            */ - OwnerId?: string; + NextToken?: string; /** - *

            The state of the local gateway.

            + *

            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value. This value + * can be between 1 and 200.

            */ - State?: string; + MaxResults?: number; /** - *

            The tags assigned to the local gateway.

            + *

            One or more filters.

            + *
              + *
            • + *

              + * create-time - The time the launch template version was created.

              + *
              • + *
            • + *

              + * ebs-optimized - A boolean that indicates whether the instance + * is optimized for Amazon EBS I/O.

              + *
              • + *
            • + *

              + * iam-instance-profile - The ARN of the IAM instance + * profile.

              + *
              • + *
            • + *

              + * image-id - The ID of the AMI.

              + *
              • + *
            • + *

              + * instance-type - The instance type.

              + *
              • + *
            • + *

              + * is-default-version - A boolean that indicates whether the + * launch template version is the default version.

              + *
              • + *
            • + *

              + * kernel-id - The kernel ID.

              + *
              • + *
            • + *

              + * ram-disk-id - The RAM disk ID.

              + *
              • + *
            */ - Tags?: Tag[]; + Filters?: Filter[]; } -export namespace LocalGateway { +export namespace DescribeLaunchTemplateVersionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: LocalGateway): any => ({ + export const filterSensitiveLog = (obj: DescribeLaunchTemplateVersionsRequest): any => ({ ...obj, }); } -export interface DescribeLocalGatewaysResult { +export interface DescribeLaunchTemplateVersionsResult { /** - *

            Information about the local gateways.

            + *

            Information about the launch template versions.

            */ - LocalGateways?: LocalGateway[]; + LaunchTemplateVersions?: LaunchTemplateVersion[]; /** - *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            + *

            The token to use to retrieve the next page of results. This value is + * null when there are no more results to return.

            */ NextToken?: string; } -export namespace DescribeLocalGatewaysResult { +export namespace DescribeLaunchTemplateVersionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewaysResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLaunchTemplateVersionsResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest { +export interface DescribeLocalGatewayRouteTablesRequest { /** - *

            The IDs of the virtual interface groups.

            + *

            The IDs of the local gateway route tables.

            */ - LocalGatewayVirtualInterfaceGroupIds?: string[]; + LocalGatewayRouteTableIds?: string[]; /** *

            One or more filters.

            @@ -4193,11 +4248,15 @@ export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest { * *
          • *

            - * local-gateway-virtual-interface-id - The ID of the virtual interface.

            + * local-gateway-route-table-id - The ID of a local gateway route table.

            *
            • *
          • *

            - * local-gateway-virtual-interface-group-id - The ID of the virtual interface group.

            + * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

            + *
            • + *
          • + *

            + * state - The state of the local gateway route table.

            *
            • *
          */ @@ -4222,28 +4281,28 @@ export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest { DryRun?: boolean; } -export namespace DescribeLocalGatewayVirtualInterfaceGroupsRequest { +export namespace DescribeLocalGatewayRouteTablesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfaceGroupsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTablesRequest): any => ({ ...obj, }); } /** - *

          Describes a local gateway virtual interface group.

          + *

          Describes a local gateway route table.

          */ -export interface LocalGatewayVirtualInterfaceGroup { +export interface LocalGatewayRouteTable { /** - *

          The ID of the virtual interface group.

          + *

          The ID of the local gateway route table.

          */ - LocalGatewayVirtualInterfaceGroupId?: string; + LocalGatewayRouteTableId?: string; /** - *

          The IDs of the virtual interfaces.

          + *

          The Amazon Resource Name (ARN) of the local gateway route table.

          */ - LocalGatewayVirtualInterfaceIds?: string[]; + LocalGatewayRouteTableArn?: string; /** *

          The ID of the local gateway.

          @@ -4251,30 +4310,40 @@ export interface LocalGatewayVirtualInterfaceGroup { LocalGatewayId?: string; /** - *

          The AWS account ID that owns the local gateway virtual interface group.

          + *

          The Amazon Resource Name (ARN) of the Outpost.

          + */ + OutpostArn?: string; + + /** + *

          The AWS account ID that owns the local gateway route table.

          */ OwnerId?: string; /** - *

          The tags assigned to the virtual interface group.

          + *

          The state of the local gateway route table.

          + */ + State?: string; + + /** + *

          The tags assigned to the local gateway route table.

          */ Tags?: Tag[]; } -export namespace LocalGatewayVirtualInterfaceGroup { +export namespace LocalGatewayRouteTable { /** * @internal */ - export const filterSensitiveLog = (obj: LocalGatewayVirtualInterfaceGroup): any => ({ + export const filterSensitiveLog = (obj: LocalGatewayRouteTable): any => ({ ...obj, }); } -export interface DescribeLocalGatewayVirtualInterfaceGroupsResult { +export interface DescribeLocalGatewayRouteTablesResult { /** - *

          The virtual interface groups.

          + *

          Information about the local gateway route tables.

          */ - LocalGatewayVirtualInterfaceGroups?: LocalGatewayVirtualInterfaceGroup[]; + LocalGatewayRouteTables?: LocalGatewayRouteTable[]; /** *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          @@ -4282,23 +4351,45 @@ export interface DescribeLocalGatewayVirtualInterfaceGroupsResult { NextToken?: string; } -export namespace DescribeLocalGatewayVirtualInterfaceGroupsResult { +export namespace DescribeLocalGatewayRouteTablesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfaceGroupsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTablesResult): any => ({ ...obj, }); } -export interface DescribeLocalGatewayVirtualInterfacesRequest { +export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest { /** - *

          The IDs of the virtual interfaces.

          + *

          The IDs of the associations.

          */ - LocalGatewayVirtualInterfaceIds?: string[]; + LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds?: string[]; /** *

          One or more filters.

          + *
            + *
          • + *

            + * local-gateway-id - The ID of a local gateway.

            + *
            • + *
          • + *

            + * local-gateway-route-table-id - The ID of the local gateway route table.

            + *
            • + *
          • + *

            + * local-gateway-route-table-virtual-interface-group-association-id - The ID of the association.

            + *
            • + *
          • + *

            + * local-gateway-route-table-virtual-interface-group-id - The ID of the virtual interface group.

            + *
            • + *
          • + *

            + * state - The state of the association.

            + *
            • + *
          */ Filters?: Filter[]; @@ -4321,79 +4412,76 @@ export interface DescribeLocalGatewayVirtualInterfacesRequest { DryRun?: boolean; } -export namespace DescribeLocalGatewayVirtualInterfacesRequest { +export namespace DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfacesRequest): any => ({ + export const filterSensitiveLog = ( + obj: DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest + ): any => ({ ...obj, }); } /** - *

          Describes a local gateway virtual interface.

          + *

          Describes an association between a local gateway route table and a virtual interface group.

          */ -export interface LocalGatewayVirtualInterface { - /** - *

          The ID of the virtual interface.

          - */ - LocalGatewayVirtualInterfaceId?: string; - +export interface LocalGatewayRouteTableVirtualInterfaceGroupAssociation { /** - *

          The ID of the local gateway.

          + *

          The ID of the association.

          */ - LocalGatewayId?: string; + LocalGatewayRouteTableVirtualInterfaceGroupAssociationId?: string; /** - *

          The ID of the VLAN.

          + *

          The ID of the virtual interface group.

          */ - Vlan?: number; + LocalGatewayVirtualInterfaceGroupId?: string; /** - *

          The local address.

          + *

          The ID of the local gateway.

          */ - LocalAddress?: string; + LocalGatewayId?: string; /** - *

          The peer address.

          + *

          The ID of the local gateway route table.

          */ - PeerAddress?: string; + LocalGatewayRouteTableId?: string; /** - *

          The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local gateway.

          + *

          The Amazon Resource Name (ARN) of the local gateway route table for the virtual interface group.

          */ - LocalBgpAsn?: number; + LocalGatewayRouteTableArn?: string; /** - *

          The peer BGP ASN.

          + *

          The AWS account ID that owns the local gateway virtual interface group association.

          */ - PeerBgpAsn?: number; + OwnerId?: string; /** - *

          The AWS account ID that owns the local gateway virtual interface.

          + *

          The state of the association.

          */ - OwnerId?: string; + State?: string; /** - *

          The tags assigned to the virtual interface.

          + *

          The tags assigned to the association.

          */ Tags?: Tag[]; } -export namespace LocalGatewayVirtualInterface { +export namespace LocalGatewayRouteTableVirtualInterfaceGroupAssociation { /** * @internal */ - export const filterSensitiveLog = (obj: LocalGatewayVirtualInterface): any => ({ + export const filterSensitiveLog = (obj: LocalGatewayRouteTableVirtualInterfaceGroupAssociation): any => ({ ...obj, }); } -export interface DescribeLocalGatewayVirtualInterfacesResult { +export interface DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult { /** - *

          Information about the virtual interfaces.

          + *

          Information about the associations.

          */ - LocalGatewayVirtualInterfaces?: LocalGatewayVirtualInterface[]; + LocalGatewayRouteTableVirtualInterfaceGroupAssociations?: LocalGatewayRouteTableVirtualInterfaceGroupAssociation[]; /** *

          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

          @@ -4401,37 +4489,45 @@ export interface DescribeLocalGatewayVirtualInterfacesResult { NextToken?: string; } -export namespace DescribeLocalGatewayVirtualInterfacesResult { +export namespace DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfacesResult): any => ({ + export const filterSensitiveLog = ( + obj: DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsResult + ): any => ({ ...obj, }); } -export interface DescribeManagedPrefixListsRequest { +export interface DescribeLocalGatewayRouteTableVpcAssociationsRequest { /** - *

          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

          + *

          The IDs of the associations.

          */ - DryRun?: boolean; + LocalGatewayRouteTableVpcAssociationIds?: string[]; /** *

          One or more filters.

          - *
            + *
              *
            • *

              - * owner-id - The ID of the prefix list owner.

              + * local-gateway-id - The ID of a local gateway.

              *
              • *
            • *

              - * prefix-list-id - The ID of the prefix list.

              + * local-gateway-route-table-id - The ID of the local gateway route table.

              *
              • *
            • *

              - * prefix-list-name - The name of the prefix list.

              + * local-gateway-route-table-vpc-association-id - The ID of the association.

              + *
              • + *
            • + *

              + * state - The state of the association.

              + *
              • + *
            • + *

              + * vpc-id - The ID of the VPC.

              *
              • *
            */ @@ -4449,67 +4545,83 @@ export interface DescribeManagedPrefixListsRequest { NextToken?: string; /** - *

            One or more prefix list IDs.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - PrefixListIds?: string[]; + DryRun?: boolean; } -export namespace DescribeManagedPrefixListsRequest { +export namespace DescribeLocalGatewayRouteTableVpcAssociationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeManagedPrefixListsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTableVpcAssociationsRequest): any => ({ ...obj, }); } -export interface DescribeManagedPrefixListsResult { +export interface DescribeLocalGatewayRouteTableVpcAssociationsResult { /** - *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            + *

            Information about the associations.

            */ - NextToken?: string; + LocalGatewayRouteTableVpcAssociations?: LocalGatewayRouteTableVpcAssociation[]; /** - *

            Information about the prefix lists.

            + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            */ - PrefixLists?: ManagedPrefixList[]; + NextToken?: string; } -export namespace DescribeManagedPrefixListsResult { +export namespace DescribeLocalGatewayRouteTableVpcAssociationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeManagedPrefixListsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayRouteTableVpcAssociationsResult): any => ({ ...obj, }); } -export interface DescribeMovingAddressesRequest { +export interface DescribeLocalGatewaysRequest { /** *

            One or more filters.

            *
              *
            • *

              - * moving-status - The status of the Elastic IP address - * (MovingToVpc | RestoringToClassic).

              + * local-gateway-id - The ID of a local gateway.

              + *
              • + *
            • + *

              + * local-gateway-route-table-id - The ID of the local gateway route table.

              + *
              • + *
            • + *

              + * local-gateway-route-table-virtual-interface-group-association-id - The ID of the association.

              + *
              • + *
            • + *

              + * local-gateway-route-table-virtual-interface-group-id - The ID of the virtual interface group.

              + *
              • + *
            • + *

              + * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

              + *
              • + *
            • + *

              + * state - The state of the association.

              *
              • *
            */ - Filters?: Filter[]; + LocalGatewayIds?: string[]; /** - *

            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

            + *

            One or more filters.

            */ - DryRun?: boolean; + Filters?: Filter[]; /** - *

            The maximum number of results to return for the request in a single page. The remaining - * results of the initial request can be seen by sending another request with the returned - * NextToken value. This value can be between 5 and 1000; if - * MaxResults is given a value outside of this range, an error is returned.

            - *

            Default: If no value is provided, the default is 1000.

            + *

            The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

            */ MaxResults?: number; @@ -4519,51 +4631,66 @@ export interface DescribeMovingAddressesRequest { NextToken?: string; /** - *

            One or more Elastic IP addresses.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - PublicIps?: string[]; + DryRun?: boolean; +} + +export namespace DescribeLocalGatewaysRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeLocalGatewaysRequest): any => ({ + ...obj, + }); } -export namespace DescribeMovingAddressesRequest { +/** + *

            Describes a local gateway.

            + */ +export interface LocalGateway { + /** + *

            The ID of the local gateway.

            + */ + LocalGatewayId?: string; + /** - * @internal + *

            The Amazon Resource Name (ARN) of the Outpost.

            */ - export const filterSensitiveLog = (obj: DescribeMovingAddressesRequest): any => ({ - ...obj, - }); -} + OutpostArn?: string; -export type MoveStatus = "movingToVpc" | "restoringToClassic"; + /** + *

            The AWS account ID that owns the local gateway.

            + */ + OwnerId?: string; -/** - *

            Describes the status of a moving Elastic IP address.

            - */ -export interface MovingAddressStatus { /** - *

            The status of the Elastic IP address that's being moved to the EC2-VPC platform, or restored to the EC2-Classic platform.

            + *

            The state of the local gateway.

            */ - MoveStatus?: MoveStatus | string; + State?: string; /** - *

            The Elastic IP address.

            + *

            The tags assigned to the local gateway.

            */ - PublicIp?: string; + Tags?: Tag[]; } -export namespace MovingAddressStatus { +export namespace LocalGateway { /** * @internal */ - export const filterSensitiveLog = (obj: MovingAddressStatus): any => ({ + export const filterSensitiveLog = (obj: LocalGateway): any => ({ ...obj, }); } -export interface DescribeMovingAddressesResult { +export interface DescribeLocalGatewaysResult { /** - *

            The status for each Elastic IP address.

            + *

            Information about the local gateways.

            */ - MovingAddressStatuses?: MovingAddressStatus[]; + LocalGateways?: LocalGateway[]; /** *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            @@ -4571,55 +4698,39 @@ export interface DescribeMovingAddressesResult { NextToken?: string; } -export namespace DescribeMovingAddressesResult { +export namespace DescribeLocalGatewaysResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeMovingAddressesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewaysResult): any => ({ ...obj, }); } -export interface DescribeNatGatewaysRequest { +export interface DescribeLocalGatewayVirtualInterfaceGroupsRequest { /** - *

            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

            + *

            The IDs of the virtual interface groups.

            */ - DryRun?: boolean; + LocalGatewayVirtualInterfaceGroupIds?: string[]; /** *

            One or more filters.

            *
              *
            • *

              - * nat-gateway-id - The ID of the NAT gateway.

              - *
              • - *
            • - *

              - * state - The state of the NAT gateway (pending | - * failed | available | deleting | deleted).

              + * local-gateway-id - The ID of a local gateway.

              *
              • *
            • *

              - * subnet-id - The ID of the subnet in which the NAT gateway resides.

              + * local-gateway-virtual-interface-id - The ID of the virtual interface.

              *
              • *
            • - *

              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

              - *
              • - *
            • - *

              - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

              - *
              • - *
            • *

              - * vpc-id - The ID of the VPC in which the NAT gateway resides.

              + * local-gateway-virtual-interface-group-id - The ID of the virtual interface group.

              *
              • *
            */ - Filter?: Filter[]; + Filters?: Filter[]; /** *

            The maximum number of results to return with a single call. @@ -4627,168 +4738,72 @@ export interface DescribeNatGatewaysRequest { */ MaxResults?: number; - /** - *

            One or more NAT gateway IDs.

            - */ - NatGatewayIds?: string[]; - /** *

            The token for the next page of results.

            */ NextToken?: string; -} - -export namespace DescribeNatGatewaysRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeNatGatewaysRequest): any => ({ - ...obj, - }); -} - -export interface DescribeNatGatewaysResult { - /** - *

            Information about the NAT gateways.

            - */ - NatGateways?: NatGateway[]; /** - *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - NextToken?: string; + DryRun?: boolean; } -export namespace DescribeNatGatewaysResult { +export namespace DescribeLocalGatewayVirtualInterfaceGroupsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNatGatewaysResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfaceGroupsRequest): any => ({ ...obj, }); } -export interface DescribeNetworkAclsRequest { +/** + *

            Describes a local gateway virtual interface group.

            + */ +export interface LocalGatewayVirtualInterfaceGroup { /** - *

            One or more filters.

            - *
              - *
            • - *

              - * association.association-id - The ID of an association ID for the ACL.

              - *
              • - *
            • - *

              - * association.network-acl-id - The ID of the network ACL involved in the association.

              - *
              • - *
            • - *

              - * association.subnet-id - The ID of the subnet involved in the association.

              - *
              • - *
            • - *

              - * default - Indicates whether the ACL is the default network ACL for the VPC.

              - *
              • - *
            • - *

              - * entry.cidr - The IPv4 CIDR range specified in the entry.

              - *
              • - *
            • - *

              - * entry.icmp.code - The ICMP code specified in the entry, if any.

              - *
              • - *
            • - *

              - * entry.icmp.type - The ICMP type specified in the entry, if any.

              - *
              • - *
            • - *

              - * entry.ipv6-cidr - The IPv6 CIDR range specified in the entry.

              - *
              • - *
            • - *

              - * entry.port-range.from - The start of the port range specified in the entry.

              - *
              • - *
            • - *

              - * entry.port-range.to - The end of the port range specified in the entry.

              - *
              • - *
            • - *

              - * entry.protocol - The protocol specified in the entry (tcp | udp | icmp or a protocol number).

              - *
              • - *
            • - *

              - * entry.rule-action - Allows or denies the matching traffic (allow | deny).

              - *
              • - *
            • - *

              - * entry.rule-number - The number of an entry (in other words, rule) in - * the set of ACL entries.

              - *
              • - *
            • - *

              - * network-acl-id - The ID of the network ACL.

              - *
              • - *
            • - *

              - * owner-id - The ID of the Amazon Web Services account that owns the network ACL.

              - *
              • - *
            • - *

              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

              - *
              • - *
            • - *

              - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

              - *
              • - *
            • - *

              - * vpc-id - The ID of the VPC for the network ACL.

              - *
              • - *
            + *

            The ID of the virtual interface group.

            */ - Filters?: Filter[]; + LocalGatewayVirtualInterfaceGroupId?: string; /** - *

            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

            + *

            The IDs of the virtual interfaces.

            */ - DryRun?: boolean; + LocalGatewayVirtualInterfaceIds?: string[]; /** - *

            One or more network ACL IDs.

            - *

            Default: Describes all your network ACLs.

            + *

            The ID of the local gateway.

            */ - NetworkAclIds?: string[]; + LocalGatewayId?: string; /** - *

            The token for the next page of results.

            + *

            The AWS account ID that owns the local gateway virtual interface group.

            */ - NextToken?: string; + OwnerId?: string; /** - *

            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

            + *

            The tags assigned to the virtual interface group.

            */ - MaxResults?: number; + Tags?: Tag[]; } -export namespace DescribeNetworkAclsRequest { +export namespace LocalGatewayVirtualInterfaceGroup { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNetworkAclsRequest): any => ({ + export const filterSensitiveLog = (obj: LocalGatewayVirtualInterfaceGroup): any => ({ ...obj, }); } -export interface DescribeNetworkAclsResult { +export interface DescribeLocalGatewayVirtualInterfaceGroupsResult { /** - *

            Information about one or more network ACLs.

            + *

            The virtual interface groups.

            */ - NetworkAcls?: NetworkAcl[]; + LocalGatewayVirtualInterfaceGroups?: LocalGatewayVirtualInterfaceGroup[]; /** *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            @@ -4796,1809 +4811,1745 @@ export interface DescribeNetworkAclsResult { NextToken?: string; } -export namespace DescribeNetworkAclsResult { +export namespace DescribeLocalGatewayVirtualInterfaceGroupsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNetworkAclsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfaceGroupsResult): any => ({ ...obj, }); } -export interface DescribeNetworkInsightsAnalysesRequest { - /** - *

            The ID of the network insights analyses. You must specify either analysis IDs or a path ID.

            - */ - NetworkInsightsAnalysisIds?: string[]; - - /** - *

            The ID of the path. You must specify either a path ID or analysis IDs.

            - */ - NetworkInsightsPathId?: string; - - /** - *

            The time when the network insights analyses started.

            - */ - AnalysisStartTime?: Date; - +export interface DescribeLocalGatewayVirtualInterfacesRequest { /** - *

            The time when the network insights analyses ended.

            + *

            The IDs of the virtual interfaces.

            */ - AnalysisEndTime?: Date; + LocalGatewayVirtualInterfaceIds?: string[]; /** - *

            The filters. The following are possible values:

            - *
              - *
            • - *

              PathFound - A Boolean value that indicates whether a feasible path is found.

              - *
              • - *
            • - *

              Status - The status of the analysis (running | succeeded | failed).

              - *
              • - *
            + *

            One or more filters.

            */ Filters?: Filter[]; /** *

            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

            + * To retrieve the remaining results, make another call with the returned nextToken value.

            */ MaxResults?: number; + /** + *

            The token for the next page of results.

            + */ + NextToken?: string; + /** *

            Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

            */ DryRun?: boolean; - - /** - *

            The token for the next page of results.

            - */ - NextToken?: string; } -export namespace DescribeNetworkInsightsAnalysesRequest { +export namespace DescribeLocalGatewayVirtualInterfacesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNetworkInsightsAnalysesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfacesRequest): any => ({ ...obj, }); } /** - *

            Describes a path component.

            + *

            Describes a local gateway virtual interface.

            */ -export interface AnalysisComponent { +export interface LocalGatewayVirtualInterface { /** - *

            The ID of the component.

            + *

            The ID of the virtual interface.

            */ - Id?: string; + LocalGatewayVirtualInterfaceId?: string; /** - *

            The Amazon Resource Name (ARN) of the component.

            + *

            The ID of the local gateway.

            */ - Arn?: string; -} + LocalGatewayId?: string; -export namespace AnalysisComponent { /** - * @internal + *

            The ID of the VLAN.

            */ - export const filterSensitiveLog = (obj: AnalysisComponent): any => ({ - ...obj, - }); -} + Vlan?: number; -/** - *

            Describes a network access control (ACL) rule.

            - */ -export interface AnalysisAclRule { /** - *

            The IPv4 address range, in CIDR notation.

            + *

            The local address.

            */ - Cidr?: string; + LocalAddress?: string; /** - *

            Indicates whether the rule is an outbound rule.

            + *

            The peer address.

            */ - Egress?: boolean; + PeerAddress?: string; /** - *

            The range of ports.

            + *

            The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local gateway.

            */ - PortRange?: PortRange; + LocalBgpAsn?: number; /** - *

            The protocol.

            + *

            The peer BGP ASN.

            */ - Protocol?: string; + PeerBgpAsn?: number; /** - *

            Indicates whether to allow or deny traffic that matches the rule.

            + *

            The AWS account ID that owns the local gateway virtual interface.

            */ - RuleAction?: string; + OwnerId?: string; /** - *

            The rule number.

            + *

            The tags assigned to the virtual interface.

            */ - RuleNumber?: number; + Tags?: Tag[]; } -export namespace AnalysisAclRule { +export namespace LocalGatewayVirtualInterface { /** * @internal */ - export const filterSensitiveLog = (obj: AnalysisAclRule): any => ({ + export const filterSensitiveLog = (obj: LocalGatewayVirtualInterface): any => ({ ...obj, }); } -/** - *

            Describes a load balancer listener.

            - */ -export interface AnalysisLoadBalancerListener { +export interface DescribeLocalGatewayVirtualInterfacesResult { /** - *

            The port on which the load balancer is listening.

            + *

            Information about the virtual interfaces.

            */ - LoadBalancerPort?: number; + LocalGatewayVirtualInterfaces?: LocalGatewayVirtualInterface[]; /** - *

            [Classic Load Balancers] The back-end port for the listener.

            + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            */ - InstancePort?: number; + NextToken?: string; } -export namespace AnalysisLoadBalancerListener { +export namespace DescribeLocalGatewayVirtualInterfacesResult { /** * @internal */ - export const filterSensitiveLog = (obj: AnalysisLoadBalancerListener): any => ({ + export const filterSensitiveLog = (obj: DescribeLocalGatewayVirtualInterfacesResult): any => ({ ...obj, }); } -/** - *

            Describes a load balancer target.

            - */ -export interface AnalysisLoadBalancerTarget { +export interface DescribeManagedPrefixListsRequest { /** - *

            The IP address.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - Address?: string; + DryRun?: boolean; /** - *

            The Availability Zone.

            + *

            One or more filters.

            + *
              + *
            • + *

              + * owner-id - The ID of the prefix list owner.

              + *
              • + *
            • + *

              + * prefix-list-id - The ID of the prefix list.

              + *
              • + *
            • + *

              + * prefix-list-name - The name of the prefix list.

              + *
              • + *
            */ - AvailabilityZone?: string; + Filters?: Filter[]; /** - *

            Information about the instance.

            + *

            The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

            */ - Instance?: AnalysisComponent; + MaxResults?: number; /** - *

            The port on which the target is listening.

            + *

            The token for the next page of results.

            */ - Port?: number; + NextToken?: string; + + /** + *

            One or more prefix list IDs.

            + */ + PrefixListIds?: string[]; } -export namespace AnalysisLoadBalancerTarget { +export namespace DescribeManagedPrefixListsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: AnalysisLoadBalancerTarget): any => ({ + export const filterSensitiveLog = (obj: DescribeManagedPrefixListsRequest): any => ({ ...obj, }); } -/** - *

            Describes a route table route.

            - */ -export interface AnalysisRouteTableRoute { - /** - *

            The destination IPv4 address, in CIDR notation.

            - */ - DestinationCidr?: string; - - /** - *

            The prefix of the Amazon Web Service.

            - */ - DestinationPrefixListId?: string; - +export interface DescribeManagedPrefixListsResult { /** - *

            The ID of an egress-only internet gateway.

            + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            */ - EgressOnlyInternetGatewayId?: string; + NextToken?: string; /** - *

            The ID of the gateway, such as an internet gateway or virtual private gateway.

            + *

            Information about the prefix lists.

            */ - GatewayId?: string; + PrefixLists?: ManagedPrefixList[]; +} +export namespace DescribeManagedPrefixListsResult { /** - *

            The ID of the instance, such as a NAT instance.

            + * @internal */ - InstanceId?: string; + export const filterSensitiveLog = (obj: DescribeManagedPrefixListsResult): any => ({ + ...obj, + }); +} +export interface DescribeMovingAddressesRequest { /** - *

            The ID of a NAT gateway.

            + *

            One or more filters.

            + *
              + *
            • + *

              + * moving-status - The status of the Elastic IP address + * (MovingToVpc | RestoringToClassic).

              + *
              • + *
            */ - NatGatewayId?: string; + Filters?: Filter[]; /** - *

            The ID of a network interface.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - NetworkInterfaceId?: string; + DryRun?: boolean; /** - *

            Describes how the route was created. The following are possible values:

            - *
              - *
            • - *

              - * CreateRouteTable - The route was automatically created when the route table was created.

              - *
              • - *
            • - *

              - * CreateRoute - The route was manually added to the route table.

              - *
              • - *
            • - *

              - * EnableVgwRoutePropagation - The route was propagated by route propagation.

              - *
              • - *
            + *

            The maximum number of results to return for the request in a single page. The remaining + * results of the initial request can be seen by sending another request with the returned + * NextToken value. This value can be between 5 and 1000; if + * MaxResults is given a value outside of this range, an error is returned.

            + *

            Default: If no value is provided, the default is 1000.

            */ - Origin?: string; + MaxResults?: number; /** - *

            The ID of a transit gateway.

            + *

            The token for the next page of results.

            */ - TransitGatewayId?: string; + NextToken?: string; /** - *

            The ID of a VPC peering connection.

            + *

            One or more Elastic IP addresses.

            */ - VpcPeeringConnectionId?: string; + PublicIps?: string[]; } -export namespace AnalysisRouteTableRoute { +export namespace DescribeMovingAddressesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: AnalysisRouteTableRoute): any => ({ + export const filterSensitiveLog = (obj: DescribeMovingAddressesRequest): any => ({ ...obj, }); } +export type MoveStatus = "movingToVpc" | "restoringToClassic"; + /** - *

            Describes a security group rule.

            + *

            Describes the status of a moving Elastic IP address.

            */ -export interface AnalysisSecurityGroupRule { - /** - *

            The IPv4 address range, in CIDR notation.

            - */ - Cidr?: string; - +export interface MovingAddressStatus { /** - *

            The direction. The following are possible values:

            - *
              - *
            • - *

              egress

              - *
              • - *
            • - *

              ingress

              - *
              • - *
            + *

            The status of the Elastic IP address that's being moved to the EC2-VPC platform, or restored to the EC2-Classic platform.

            */ - Direction?: string; + MoveStatus?: MoveStatus | string; /** - *

            The security group ID.

            + *

            The Elastic IP address.

            */ - SecurityGroupId?: string; + PublicIp?: string; +} +export namespace MovingAddressStatus { /** - *

            The port range.

            + * @internal */ - PortRange?: PortRange; + export const filterSensitiveLog = (obj: MovingAddressStatus): any => ({ + ...obj, + }); +} +export interface DescribeMovingAddressesResult { /** - *

            The prefix list ID.

            + *

            The status for each Elastic IP address.

            */ - PrefixListId?: string; + MovingAddressStatuses?: MovingAddressStatus[]; /** - *

            The protocol name.

            + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            */ - Protocol?: string; + NextToken?: string; } -export namespace AnalysisSecurityGroupRule { +export namespace DescribeMovingAddressesResult { /** * @internal */ - export const filterSensitiveLog = (obj: AnalysisSecurityGroupRule): any => ({ + export const filterSensitiveLog = (obj: DescribeMovingAddressesResult): any => ({ ...obj, }); } -/** - *

            Describes an explanation code for an unreachable path. For more information, see Reachability Analyzer explanation codes.

            - */ -export interface Explanation { - /** - *

            The network ACL.

            - */ - Acl?: AnalysisComponent; - - /** - *

            The network ACL rule.

            - */ - AclRule?: AnalysisAclRule; - +export interface DescribeNatGatewaysRequest { /** - *

            The IPv4 address, in CIDR notation.

            + *

            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

            */ - Address?: string; + DryRun?: boolean; /** - *

            The IPv4 addresses, in CIDR notation.

            + *

            One or more filters.

            + *
              + *
            • + *

              + * nat-gateway-id - The ID of the NAT gateway.

              + *
              • + *
            • + *

              + * state - The state of the NAT gateway (pending | + * failed | available | deleting | deleted).

              + *
              • + *
            • + *

              + * subnet-id - The ID of the subnet in which the NAT gateway resides.

              + *
              • + *
            • + *

              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

              + *
              • + *
            • + *

              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

              + *
              • + *
            • + *

              + * vpc-id - The ID of the VPC in which the NAT gateway resides.

              + *
              • + *
            */ - Addresses?: string[]; + Filter?: Filter[]; /** - *

            The resource to which the component is attached.

            + *

            The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

            */ - AttachedTo?: AnalysisComponent; + MaxResults?: number; /** - *

            The Availability Zones.

            + *

            One or more NAT gateway IDs.

            */ - AvailabilityZones?: string[]; + NatGatewayIds?: string[]; /** - *

            The CIDR ranges.

            + *

            The token for the next page of results.

            */ - Cidrs?: string[]; + NextToken?: string; +} +export namespace DescribeNatGatewaysRequest { /** - *

            The component.

            + * @internal */ - Component?: AnalysisComponent; + export const filterSensitiveLog = (obj: DescribeNatGatewaysRequest): any => ({ + ...obj, + }); +} +export interface DescribeNatGatewaysResult { /** - *

            The customer gateway.

            + *

            Information about the NAT gateways.

            */ - CustomerGateway?: AnalysisComponent; + NatGateways?: NatGateway[]; /** - *

            The destination.

            + *

            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

            */ - Destination?: AnalysisComponent; + NextToken?: string; +} +export namespace DescribeNatGatewaysResult { /** - *

            The destination VPC.

            + * @internal */ - DestinationVpc?: AnalysisComponent; + export const filterSensitiveLog = (obj: DescribeNatGatewaysResult): any => ({ + ...obj, + }); +} +export interface DescribeNetworkAclsRequest { /** - *

            The direction. The following are possible values:

            - *
              + *

              One or more filters.

              + *
                *
              • - *

                egress

                - *
                • + *

                + * association.association-id - The ID of an association ID for the ACL.

                + * *
              • - *

                ingress

                - *
                • + *

                + * association.network-acl-id - The ID of the network ACL involved in the association.

                + * + *
              • + *

                + * association.subnet-id - The ID of the subnet involved in the association.

                + *
                • + *
              • + *

                + * default - Indicates whether the ACL is the default network ACL for the VPC.

                + *
                • + *
              • + *

                + * entry.cidr - The IPv4 CIDR range specified in the entry.

                + *
                • + *
              • + *

                + * entry.icmp.code - The ICMP code specified in the entry, if any.

                + *
                • + *
              • + *

                + * entry.icmp.type - The ICMP type specified in the entry, if any.

                + *
                • + *
              • + *

                + * entry.ipv6-cidr - The IPv6 CIDR range specified in the entry.

                + *
                • + *
              • + *

                + * entry.port-range.from - The start of the port range specified in the entry.

                + *
                • + *
              • + *

                + * entry.port-range.to - The end of the port range specified in the entry.

                + *
                • + *
              • + *

                + * entry.protocol - The protocol specified in the entry (tcp | udp | icmp or a protocol number).

                + *
                • + *
              • + *

                + * entry.rule-action - Allows or denies the matching traffic (allow | deny).

                + *
                • + *
              • + *

                + * entry.rule-number - The number of an entry (in other words, rule) in + * the set of ACL entries.

                + *
                • + *
              • + *

                + * network-acl-id - The ID of the network ACL.

                + *
                • + *
              • + *

                + * owner-id - The ID of the Amazon Web Services account that owns the network ACL.

                + *
                • + *
              • + *

                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                + *
                • + *
              • + *

                + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                + *
                • + *
              • + *

                + * vpc-id - The ID of the VPC for the network ACL.

                + *
                • *
              */ - Direction?: string; + Filters?: Filter[]; /** - *

              The explanation code.

              + *

              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

              */ - ExplanationCode?: string; + DryRun?: boolean; /** - *

              The route table.

              + *

              One or more network ACL IDs.

              + *

              Default: Describes all your network ACLs.

              */ - IngressRouteTable?: AnalysisComponent; + NetworkAclIds?: string[]; /** - *

              The internet gateway.

              + *

              The token for the next page of results.

              */ - InternetGateway?: AnalysisComponent; + NextToken?: string; /** - *

              The Amazon Resource Name (ARN) of the load balancer.

              + *

              The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

              */ - LoadBalancerArn?: string; + MaxResults?: number; +} +export namespace DescribeNetworkAclsRequest { /** - *

              The listener for a Classic Load Balancer.

              + * @internal */ - ClassicLoadBalancerListener?: AnalysisLoadBalancerListener; + export const filterSensitiveLog = (obj: DescribeNetworkAclsRequest): any => ({ + ...obj, + }); +} +export interface DescribeNetworkAclsResult { /** - *

              The listener port of the load balancer.

              + *

              Information about one or more network ACLs.

              */ - LoadBalancerListenerPort?: number; + NetworkAcls?: NetworkAcl[]; /** - *

              The target.

              + *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              */ - LoadBalancerTarget?: AnalysisLoadBalancerTarget; + NextToken?: string; +} +export namespace DescribeNetworkAclsResult { /** - *

              The target group.

              + * @internal */ - LoadBalancerTargetGroup?: AnalysisComponent; + export const filterSensitiveLog = (obj: DescribeNetworkAclsResult): any => ({ + ...obj, + }); +} +export interface DescribeNetworkInsightsAnalysesRequest { /** - *

              The target groups.

              + *

              The ID of the network insights analyses. You must specify either analysis IDs or a path ID.

              */ - LoadBalancerTargetGroups?: AnalysisComponent[]; + NetworkInsightsAnalysisIds?: string[]; /** - *

              The target port.

              + *

              The ID of the path. You must specify either a path ID or analysis IDs.

              */ - LoadBalancerTargetPort?: number; + NetworkInsightsPathId?: string; /** - *

              The load balancer listener.

              + *

              The time when the network insights analyses started.

              */ - ElasticLoadBalancerListener?: AnalysisComponent; + AnalysisStartTime?: Date; /** - *

              The missing component.

              + *

              The time when the network insights analyses ended.

              */ - MissingComponent?: string; + AnalysisEndTime?: Date; + + /** + *

              The filters. The following are possible values:

              + *
                + *
              • + *

                PathFound - A Boolean value that indicates whether a feasible path is found.

                + *
                • + *
              • + *

                Status - The status of the analysis (running | succeeded | failed).

                + *
                • + *
              + */ + Filters?: Filter[]; /** - *

              The NAT gateway.

              + *

              The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

              */ - NatGateway?: AnalysisComponent; + MaxResults?: number; /** - *

              The network interface.

              + *

              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

              */ - NetworkInterface?: AnalysisComponent; + DryRun?: boolean; /** - *

              The packet field.

              + *

              The token for the next page of results.

              */ - PacketField?: string; + NextToken?: string; +} +export namespace DescribeNetworkInsightsAnalysesRequest { /** - *

              The VPC peering connection.

              + * @internal */ - VpcPeeringConnection?: AnalysisComponent; + export const filterSensitiveLog = (obj: DescribeNetworkInsightsAnalysesRequest): any => ({ + ...obj, + }); +} +/** + *

              Describes a path component.

              + */ +export interface AnalysisComponent { /** - *

              The port.

              + *

              The ID of the component.

              */ - Port?: number; + Id?: string; /** - *

              The port ranges.

              + *

              The Amazon Resource Name (ARN) of the component.

              */ - PortRanges?: PortRange[]; + Arn?: string; +} +export namespace AnalysisComponent { /** - *

              The prefix list.

              + * @internal */ - PrefixList?: AnalysisComponent; + export const filterSensitiveLog = (obj: AnalysisComponent): any => ({ + ...obj, + }); +} +/** + *

              Describes a network access control (ACL) rule.

              + */ +export interface AnalysisAclRule { /** - *

              The protocols.

              + *

              The IPv4 address range, in CIDR notation.

              */ - Protocols?: string[]; + Cidr?: string; /** - *

              The route table route.

              + *

              Indicates whether the rule is an outbound rule.

              */ - RouteTableRoute?: AnalysisRouteTableRoute; + Egress?: boolean; /** - *

              The route table.

              + *

              The range of ports.

              */ - RouteTable?: AnalysisComponent; + PortRange?: PortRange; /** - *

              The security group.

              + *

              The protocol.

              */ - SecurityGroup?: AnalysisComponent; + Protocol?: string; /** - *

              The security group rule.

              + *

              Indicates whether to allow or deny traffic that matches the rule.

              */ - SecurityGroupRule?: AnalysisSecurityGroupRule; + RuleAction?: string; /** - *

              The security groups.

              + *

              The rule number.

              */ - SecurityGroups?: AnalysisComponent[]; + RuleNumber?: number; +} +export namespace AnalysisAclRule { /** - *

              The source VPC.

              + * @internal */ - SourceVpc?: AnalysisComponent; + export const filterSensitiveLog = (obj: AnalysisAclRule): any => ({ + ...obj, + }); +} +/** + *

              Describes a load balancer listener.

              + */ +export interface AnalysisLoadBalancerListener { /** - *

              The state.

              + *

              The port on which the load balancer is listening.

              */ - State?: string; + LoadBalancerPort?: number; /** - *

              The subnet.

              + *

              [Classic Load Balancers] The back-end port for the listener.

              */ - Subnet?: AnalysisComponent; + InstancePort?: number; +} +export namespace AnalysisLoadBalancerListener { /** - *

              The route table for the subnet.

              + * @internal */ - SubnetRouteTable?: AnalysisComponent; + export const filterSensitiveLog = (obj: AnalysisLoadBalancerListener): any => ({ + ...obj, + }); +} +/** + *

              Describes a load balancer target.

              + */ +export interface AnalysisLoadBalancerTarget { /** - *

              The component VPC.

              + *

              The IP address.

              */ - Vpc?: AnalysisComponent; + Address?: string; /** - *

              The VPC endpoint.

              + *

              The Availability Zone.

              */ - VpcEndpoint?: AnalysisComponent; + AvailabilityZone?: string; /** - *

              The VPN connection.

              + *

              Information about the instance.

              */ - VpnConnection?: AnalysisComponent; + Instance?: AnalysisComponent; /** - *

              The VPN gateway.

              + *

              The port on which the target is listening.

              */ - VpnGateway?: AnalysisComponent; + Port?: number; } -export namespace Explanation { +export namespace AnalysisLoadBalancerTarget { /** * @internal */ - export const filterSensitiveLog = (obj: Explanation): any => ({ + export const filterSensitiveLog = (obj: AnalysisLoadBalancerTarget): any => ({ ...obj, }); } /** - *

              Describes a header. Reflects any changes made by a component as traffic passes through. - * The fields of an inbound header are null except for the first component of a path.

              + *

              Describes a route table route.

              */ -export interface AnalysisPacketHeader { +export interface AnalysisRouteTableRoute { /** - *

              The destination addresses.

              + *

              The destination IPv4 address, in CIDR notation.

              */ - DestinationAddresses?: string[]; + DestinationCidr?: string; /** - *

              The destination port ranges.

              + *

              The prefix of the Amazon Web Service.

              */ - DestinationPortRanges?: PortRange[]; + DestinationPrefixListId?: string; /** - *

              The protocol.

              + *

              The ID of an egress-only internet gateway.

              */ - Protocol?: string; + EgressOnlyInternetGatewayId?: string; /** - *

              The source addresses.

              + *

              The ID of the gateway, such as an internet gateway or virtual private gateway.

              */ - SourceAddresses?: string[]; + GatewayId?: string; /** - *

              The source port ranges.

              + *

              The ID of the instance, such as a NAT instance.

              */ - SourcePortRanges?: PortRange[]; -} + InstanceId?: string; -export namespace AnalysisPacketHeader { /** - * @internal + *

              The ID of a NAT gateway.

              */ - export const filterSensitiveLog = (obj: AnalysisPacketHeader): any => ({ - ...obj, - }); -} + NatGatewayId?: string; -/** - *

              Describes a path component.

              - */ -export interface PathComponent { /** - *

              The sequence number.

              + *

              The ID of a network interface.

              */ - SequenceNumber?: number; + NetworkInterfaceId?: string; /** - *

              The network ACL rule.

              + *

              Describes how the route was created. The following are possible values:

              + *
                + *
              • + *

                + * CreateRouteTable - The route was automatically created when the route table was created.

                + *
                • + *
              • + *

                + * CreateRoute - The route was manually added to the route table.

                + *
                • + *
              • + *

                + * EnableVgwRoutePropagation - The route was propagated by route propagation.

                + *
                • + *
              */ - AclRule?: AnalysisAclRule; + Origin?: string; /** - *

              The component.

              + *

              The ID of a transit gateway.

              */ - Component?: AnalysisComponent; + TransitGatewayId?: string; /** - *

              The destination VPC.

              + *

              The ID of a VPC peering connection.

              */ - DestinationVpc?: AnalysisComponent; + VpcPeeringConnectionId?: string; +} +export namespace AnalysisRouteTableRoute { /** - *

              The outbound header.

              + * @internal */ - OutboundHeader?: AnalysisPacketHeader; + export const filterSensitiveLog = (obj: AnalysisRouteTableRoute): any => ({ + ...obj, + }); +} +/** + *

              Describes a security group rule.

              + */ +export interface AnalysisSecurityGroupRule { /** - *

              The inbound header.

              + *

              The IPv4 address range, in CIDR notation.

              */ - InboundHeader?: AnalysisPacketHeader; + Cidr?: string; /** - *

              The route table route.

              + *

              The direction. The following are possible values:

              + *
                + *
              • + *

                egress

                + *
                • + *
              • + *

                ingress

                + *
                • + *
              */ - RouteTableRoute?: AnalysisRouteTableRoute; + Direction?: string; /** - *

              The security group rule.

              + *

              The security group ID.

              */ - SecurityGroupRule?: AnalysisSecurityGroupRule; + SecurityGroupId?: string; /** - *

              The source VPC.

              + *

              The port range.

              */ - SourceVpc?: AnalysisComponent; + PortRange?: PortRange; /** - *

              The subnet.

              + *

              The prefix list ID.

              */ - Subnet?: AnalysisComponent; + PrefixListId?: string; /** - *

              The component VPC.

              + *

              The protocol name.

              */ - Vpc?: AnalysisComponent; + Protocol?: string; } -export namespace PathComponent { +export namespace AnalysisSecurityGroupRule { /** * @internal */ - export const filterSensitiveLog = (obj: PathComponent): any => ({ + export const filterSensitiveLog = (obj: AnalysisSecurityGroupRule): any => ({ ...obj, }); } -export type AnalysisStatus = "failed" | "running" | "succeeded"; - /** - *

              Describes a network insights analysis.

              + *

              Describes an explanation code for an unreachable path. For more information, see Reachability Analyzer explanation codes.

              */ -export interface NetworkInsightsAnalysis { +export interface Explanation { + /** + *

              The network ACL.

              + */ + Acl?: AnalysisComponent; + /** - *

              The ID of the network insights analysis.

              + *

              The network ACL rule.

              */ - NetworkInsightsAnalysisId?: string; + AclRule?: AnalysisAclRule; /** - *

              The Amazon Resource Name (ARN) of the network insights analysis.

              + *

              The IPv4 address, in CIDR notation.

              */ - NetworkInsightsAnalysisArn?: string; + Address?: string; /** - *

              The ID of the path.

              + *

              The IPv4 addresses, in CIDR notation.

              */ - NetworkInsightsPathId?: string; + Addresses?: string[]; /** - *

              The Amazon Resource Names (ARN) of the Amazon Web Services resources that the path must traverse.

              + *

              The resource to which the component is attached.

              */ - FilterInArns?: string[]; + AttachedTo?: AnalysisComponent; /** - *

              The time the analysis started.

              + *

              The Availability Zones.

              */ - StartDate?: Date; + AvailabilityZones?: string[]; /** - *

              The status of the network insights analysis.

              + *

              The CIDR ranges.

              */ - Status?: AnalysisStatus | string; + Cidrs?: string[]; /** - *

              The status message, if the status is failed.

              + *

              The component.

              */ - StatusMessage?: string; + Component?: AnalysisComponent; /** - *

              Indicates whether the destination is reachable from the source.

              + *

              The customer gateway.

              */ - NetworkPathFound?: boolean; + CustomerGateway?: AnalysisComponent; /** - *

              The components in the path from source to destination.

              + *

              The destination.

              */ - ForwardPathComponents?: PathComponent[]; + Destination?: AnalysisComponent; /** - *

              The components in the path from destination to source.

              + *

              The destination VPC.

              */ - ReturnPathComponents?: PathComponent[]; + DestinationVpc?: AnalysisComponent; /** - *

              The explanations. For more information, see Reachability Analyzer explanation codes.

              + *

              The direction. The following are possible values:

              + *
                + *
              • + *

                egress

                + *
                • + *
              • + *

                ingress

                + *
                • + *
              */ - Explanations?: Explanation[]; + Direction?: string; /** - *

              Potential intermediate components.

              + *

              The explanation code.

              */ - AlternatePathHints?: AlternatePathHint[]; + ExplanationCode?: string; /** - *

              The tags.

              + *

              The route table.

              */ - Tags?: Tag[]; -} + IngressRouteTable?: AnalysisComponent; -export namespace NetworkInsightsAnalysis { /** - * @internal + *

              The internet gateway.

              */ - export const filterSensitiveLog = (obj: NetworkInsightsAnalysis): any => ({ - ...obj, - }); -} + InternetGateway?: AnalysisComponent; -export interface DescribeNetworkInsightsAnalysesResult { /** - *

              Information about the network insights analyses.

              + *

              The Amazon Resource Name (ARN) of the load balancer.

              */ - NetworkInsightsAnalyses?: NetworkInsightsAnalysis[]; + LoadBalancerArn?: string; /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              The listener for a Classic Load Balancer.

              */ - NextToken?: string; -} + ClassicLoadBalancerListener?: AnalysisLoadBalancerListener; -export namespace DescribeNetworkInsightsAnalysesResult { /** - * @internal + *

              The listener port of the load balancer.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInsightsAnalysesResult): any => ({ - ...obj, - }); -} + LoadBalancerListenerPort?: number; -export interface DescribeNetworkInsightsPathsRequest { /** - *

              The IDs of the paths.

              + *

              The target.

              */ - NetworkInsightsPathIds?: string[]; + LoadBalancerTarget?: AnalysisLoadBalancerTarget; /** - *

              The filters. The following are possible values:

              - *
                - *
              • - *

                Destination - The ID of the resource.

                - *
                • - *
              • - *

                DestinationPort - The destination port.

                - *
                • - *
              • - *

                Name - The path name.

                - *
                • - *
              • - *

                Protocol - The protocol.

                - *
                • - *
              • - *

                Source - The ID of the resource.

                - *
                • - *
              + *

              The target group.

              */ - Filters?: Filter[]; + LoadBalancerTargetGroup?: AnalysisComponent; /** - *

              The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

              + *

              The target groups.

              */ - MaxResults?: number; + LoadBalancerTargetGroups?: AnalysisComponent[]; /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The target port.

              */ - DryRun?: boolean; + LoadBalancerTargetPort?: number; /** - *

              The token for the next page of results.

              + *

              The load balancer listener.

              */ - NextToken?: string; -} + ElasticLoadBalancerListener?: AnalysisComponent; -export namespace DescribeNetworkInsightsPathsRequest { /** - * @internal + *

              The missing component.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInsightsPathsRequest): any => ({ - ...obj, - }); -} + MissingComponent?: string; -export interface DescribeNetworkInsightsPathsResult { /** - *

              Information about the paths.

              + *

              The NAT gateway.

              */ - NetworkInsightsPaths?: NetworkInsightsPath[]; + NatGateway?: AnalysisComponent; /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              The network interface.

              */ - NextToken?: string; -} + NetworkInterface?: AnalysisComponent; -export namespace DescribeNetworkInsightsPathsResult { /** - * @internal + *

              The packet field.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInsightsPathsResult): any => ({ - ...obj, - }); -} + PacketField?: string; -export type NetworkInterfaceAttribute = "attachment" | "description" | "groupSet" | "sourceDestCheck"; + /** + *

              The VPC peering connection.

              + */ + VpcPeeringConnection?: AnalysisComponent; -/** - *

              Contains the parameters for DescribeNetworkInterfaceAttribute.

              - */ -export interface DescribeNetworkInterfaceAttributeRequest { /** - *

              The attribute of the network interface. This parameter is required.

              + *

              The port.

              */ - Attribute?: NetworkInterfaceAttribute | string; + Port?: number; /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The port ranges.

              */ - DryRun?: boolean; + PortRanges?: PortRange[]; /** - *

              The ID of the network interface.

              + *

              The prefix list.

              */ - NetworkInterfaceId: string | undefined; -} + PrefixList?: AnalysisComponent; -export namespace DescribeNetworkInterfaceAttributeRequest { /** - * @internal + *

              The protocols.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfaceAttributeRequest): any => ({ - ...obj, - }); -} + Protocols?: string[]; -/** - *

              Contains the output of DescribeNetworkInterfaceAttribute.

              - */ -export interface DescribeNetworkInterfaceAttributeResult { /** - *

              The attachment (if any) of the network interface.

              + *

              The route table route.

              */ - Attachment?: NetworkInterfaceAttachment; + RouteTableRoute?: AnalysisRouteTableRoute; /** - *

              The description of the network interface.

              + *

              The route table.

              */ - Description?: AttributeValue; + RouteTable?: AnalysisComponent; /** - *

              The security groups associated with the network interface.

              + *

              The security group.

              */ - Groups?: GroupIdentifier[]; + SecurityGroup?: AnalysisComponent; /** - *

              The ID of the network interface.

              + *

              The security group rule.

              */ - NetworkInterfaceId?: string; + SecurityGroupRule?: AnalysisSecurityGroupRule; /** - *

              Indicates whether source/destination checking is enabled.

              + *

              The security groups.

              */ - SourceDestCheck?: AttributeBooleanValue; -} + SecurityGroups?: AnalysisComponent[]; -export namespace DescribeNetworkInterfaceAttributeResult { /** - * @internal + *

              The source VPC.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfaceAttributeResult): any => ({ - ...obj, - }); -} + SourceVpc?: AnalysisComponent; -/** - *

              Contains the parameters for DescribeNetworkInterfacePermissions.

              - */ -export interface DescribeNetworkInterfacePermissionsRequest { /** - *

              One or more network interface permission IDs.

              + *

              The state.

              */ - NetworkInterfacePermissionIds?: string[]; + State?: string; /** - *

              One or more filters.

              - *
                - *
              • - *

                - * network-interface-permission.network-interface-permission-id - The ID of the - * permission.

                - *
                • - *
              • - *

                - * network-interface-permission.network-interface-id - The ID of - * the network interface.

                - *
                • - *
              • - *

                - * network-interface-permission.aws-account-id - The Amazon Web Services account ID.

                - *
                • - *
              • - *

                - * network-interface-permission.aws-service - The Amazon Web Service.

                - *
                • - *
              • - *

                - * network-interface-permission.permission - The type of - * permission (INSTANCE-ATTACH | - * EIP-ASSOCIATE).

                - *
                • - *
              + *

              The subnet.

              */ - Filters?: Filter[]; + Subnet?: AnalysisComponent; /** - *

              The token to request the next page of results.

              + *

              The route table for the subnet.

              */ - NextToken?: string; + SubnetRouteTable?: AnalysisComponent; /** - *

              The maximum number of results to return in a single call. To retrieve the remaining results, - * make another call with the returned NextToken value. If this parameter is not specified, up to 50 results are returned by default.

              + *

              The component VPC.

              */ - MaxResults?: number; -} + Vpc?: AnalysisComponent; -export namespace DescribeNetworkInterfacePermissionsRequest { /** - * @internal + *

              The VPC endpoint.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfacePermissionsRequest): any => ({ - ...obj, - }); -} + VpcEndpoint?: AnalysisComponent; -/** - *

              Contains the output for DescribeNetworkInterfacePermissions.

              - */ -export interface DescribeNetworkInterfacePermissionsResult { /** - *

              The network interface permissions.

              + *

              The VPN connection.

              */ - NetworkInterfacePermissions?: NetworkInterfacePermission[]; + VpnConnection?: AnalysisComponent; /** - *

              The token to use to retrieve the next page of results.

              + *

              The VPN gateway.

              */ - NextToken?: string; + VpnGateway?: AnalysisComponent; } -export namespace DescribeNetworkInterfacePermissionsResult { +export namespace Explanation { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfacePermissionsResult): any => ({ + export const filterSensitiveLog = (obj: Explanation): any => ({ ...obj, }); } /** - *

              Contains the parameters for DescribeNetworkInterfaces.

              + *

              Describes a header. Reflects any changes made by a component as traffic passes through. + * The fields of an inbound header are null except for the first component of a path.

              */ -export interface DescribeNetworkInterfacesRequest { +export interface AnalysisPacketHeader { /** - *

              One or more filters.

              - *
                - *
              • - *

                - * addresses.private-ip-address - The private IPv4 addresses - * associated with the network interface.

                - *
                • - *
              • - *

                - * addresses.primary - Whether the private IPv4 address is the primary - * IP address associated with the network interface.

                - *
                • - *
              • - *

                - * addresses.association.public-ip - The association ID returned when - * the network interface was associated with the Elastic IP address - * (IPv4).

                - *
                • - *
              • - *

                - * addresses.association.owner-id - The owner ID of the addresses associated with the network interface.

                - *
                • - *
              • - *

                - * association.association-id - The association ID returned when the - * network interface was associated with an IPv4 address.

                - *
                • - *
              • - *

                - * association.allocation-id - The allocation ID returned when you - * allocated the Elastic IP address (IPv4) for your network interface.

                - *
                • - *
              • - *

                - * association.ip-owner-id - The owner of the Elastic IP address - * (IPv4) associated with the network interface.

                - *
                • - *
              • - *

                - * association.public-ip - The address of the Elastic IP address - * (IPv4) bound to the network interface.

                - *
                • - *
              • - *

                - * association.public-dns-name - The public DNS name for the network - * interface (IPv4).

                - *
                • - *
              • - *

                - * attachment.attachment-id - The ID of the interface attachment.

                - *
                • - *
              • - *

                - * attachment.attach-time - The time that the network interface was attached to an instance.

                - *
                • - *
              • - *

                - * attachment.delete-on-termination - Indicates whether the attachment is deleted when an instance is terminated.

                - *
                • - *
              • - *

                - * attachment.device-index - The device index to which the network interface is attached.

                - *
                • - *
              • - *

                - * attachment.instance-id - The ID of the instance to which the network interface is attached.

                - *
                • - *
              • - *

                - * attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.

                - *
                • - *
              • - *

                - * attachment.status - The status of the attachment (attaching | attached | detaching | detached).

                - *
                • - *
              • - *

                - * availability-zone - The Availability Zone of the network interface.

                - *
                • - *
              • - *

                - * description - The description of the network interface.

                - *
                • - *
              • - *

                - * group-id - The ID of a security group associated with the network interface.

                - *
                • - *
              • - *

                - * group-name - The name of a security group associated with the network interface.

                - *
                • - *
              • - *

                - * ipv6-addresses.ipv6-address - An IPv6 address associated with - * the network interface.

                - *
                • - *
              • - *

                - * mac-address - The MAC address of the network interface.

                - *
                • - *
              • - *

                - * network-interface-id - The ID of the network interface.

                - *
                • - *
              • - *

                - * owner-id - The Amazon Web Services account ID of the network interface owner.

                - *
                • - *
              • - *

                - * private-ip-address - The private IPv4 address or addresses of the - * network interface.

                - *
                • - *
              • - *

                - * private-dns-name - The private DNS name of the network interface (IPv4).

                - *
                • - *
              • - *

                - * requester-id - The alias or Amazon Web Services account ID of the principal or service that created the network interface.

                - *
                • - *
              • - *

                - * requester-managed - Indicates whether the network interface is being managed by an Amazon Web Service - * (for example, Amazon Web Services Management Console, Auto Scaling, and so on).

                - *
                • - *
              • - *

                - * source-dest-check - Indicates whether the network interface performs source/destination checking. - * A value of true means checking is enabled, and false means checking is disabled. - * The value must be false for the network interface to perform network address translation (NAT) in your VPC.

                - *
                • - *
              • - *

                - * status - The status of the network interface. If the network interface is not attached to an instance, the status is available; - * if a network interface is attached to an instance the status is in-use.

                - *
                • - *
              • - *

                - * subnet-id - The ID of the subnet for the network interface.

                - *
                • - *
              • - *

                - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                - *
                • - *
              • - *

                - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                - *
                • - *
              • - *

                - * vpc-id - The ID of the VPC for the network interface.

                - *
                • - *
              + *

              The destination addresses.

              */ - Filters?: Filter[]; + DestinationAddresses?: string[]; /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The destination port ranges.

              */ - DryRun?: boolean; + DestinationPortRanges?: PortRange[]; /** - *

              One or more network interface IDs.

              - *

              Default: Describes all your network interfaces.

              + *

              The protocol.

              */ - NetworkInterfaceIds?: string[]; + Protocol?: string; /** - *

              The token to retrieve the next page of results.

              + *

              The source addresses.

              */ - NextToken?: string; + SourceAddresses?: string[]; /** - *

              The maximum number of items to return for this request. The request returns a token that you - * can specify in a subsequent call to get the next set of results. You cannot specify this - * parameter and the network interface IDs parameter in the same request.

              + *

              The source port ranges.

              */ - MaxResults?: number; + SourcePortRanges?: PortRange[]; } -export namespace DescribeNetworkInterfacesRequest { +export namespace AnalysisPacketHeader { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfacesRequest): any => ({ + export const filterSensitiveLog = (obj: AnalysisPacketHeader): any => ({ ...obj, }); } /** - *

              Contains the output of DescribeNetworkInterfaces.

              + *

              Describes a path component.

              */ -export interface DescribeNetworkInterfacesResult { +export interface PathComponent { /** - *

              Information about one or more network interfaces.

              + *

              The sequence number.

              */ - NetworkInterfaces?: NetworkInterface[]; + SequenceNumber?: number; /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              The network ACL rule.

              */ - NextToken?: string; -} + AclRule?: AnalysisAclRule; + + /** + *

              The component.

              + */ + Component?: AnalysisComponent; + + /** + *

              The destination VPC.

              + */ + DestinationVpc?: AnalysisComponent; + + /** + *

              The outbound header.

              + */ + OutboundHeader?: AnalysisPacketHeader; + + /** + *

              The inbound header.

              + */ + InboundHeader?: AnalysisPacketHeader; -export namespace DescribeNetworkInterfacesResult { /** - * @internal + *

              The route table route.

              */ - export const filterSensitiveLog = (obj: DescribeNetworkInterfacesResult): any => ({ - ...obj, - }); -} + RouteTableRoute?: AnalysisRouteTableRoute; -export interface DescribePlacementGroupsRequest { /** - *

              The filters.

              - *
                - *
              • - *

                - * group-name - The name of the placement group.

                - *
                • - *
              • - *

                - * state - The state of the placement group (pending | - * available | deleting | - * deleted).

                - *
                • - *
              • - *

                - * strategy - The strategy of the placement group - * (cluster | spread | - * partition).

                - *
                • - *
              • - *

                - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                - *
                • - *
              • - *

                - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.

                - *
                • - *
              + *

              The security group rule.

              */ - Filters?: Filter[]; + SecurityGroupRule?: AnalysisSecurityGroupRule; /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The source VPC.

              */ - DryRun?: boolean; + SourceVpc?: AnalysisComponent; /** - *

              The names of the placement groups.

              - *

              Default: Describes all your placement groups, or only those otherwise - * specified.

              + *

              The subnet.

              */ - GroupNames?: string[]; + Subnet?: AnalysisComponent; /** - *

              The IDs of the placement groups.

              + *

              The component VPC.

              */ - GroupIds?: string[]; + Vpc?: AnalysisComponent; } -export namespace DescribePlacementGroupsRequest { +export namespace PathComponent { /** * @internal */ - export const filterSensitiveLog = (obj: DescribePlacementGroupsRequest): any => ({ + export const filterSensitiveLog = (obj: PathComponent): any => ({ ...obj, }); } -export interface DescribePlacementGroupsResult { +export type AnalysisStatus = "failed" | "running" | "succeeded"; + +/** + *

              Describes a network insights analysis.

              + */ +export interface NetworkInsightsAnalysis { /** - *

              Information about the placement groups.

              + *

              The ID of the network insights analysis.

              */ - PlacementGroups?: PlacementGroup[]; -} + NetworkInsightsAnalysisId?: string; -export namespace DescribePlacementGroupsResult { /** - * @internal + *

              The Amazon Resource Name (ARN) of the network insights analysis.

              */ - export const filterSensitiveLog = (obj: DescribePlacementGroupsResult): any => ({ - ...obj, - }); -} + NetworkInsightsAnalysisArn?: string; -export interface DescribePrefixListsRequest { /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The ID of the path.

              */ - DryRun?: boolean; + NetworkInsightsPathId?: string; /** - *

              One or more filters.

              - *
                - *
              • - *

                - * prefix-list-id: The ID of a prefix list.

                - *
                • - *
              • - *

                - * prefix-list-name: The name of a prefix list.

                - *
                • - *
              + *

              The Amazon Resource Names (ARN) of the Amazon Web Services resources that the path must traverse.

              */ - Filters?: Filter[]; + FilterInArns?: string[]; /** - *

              The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

              + *

              The time the analysis started.

              */ - MaxResults?: number; + StartDate?: Date; /** - *

              The token for the next page of results.

              + *

              The status of the network insights analysis.

              */ - NextToken?: string; + Status?: AnalysisStatus | string; /** - *

              One or more prefix list IDs.

              + *

              The status message, if the status is failed.

              */ - PrefixListIds?: string[]; -} + StatusMessage?: string; -export namespace DescribePrefixListsRequest { /** - * @internal + *

              Indicates whether the destination is reachable from the source.

              */ - export const filterSensitiveLog = (obj: DescribePrefixListsRequest): any => ({ - ...obj, - }); -} + NetworkPathFound?: boolean; -/** - *

              Describes prefixes for Amazon Web Services services.

              - */ -export interface PrefixList { /** - *

              The IP address range of the Amazon Web Service.

              + *

              The components in the path from source to destination.

              */ - Cidrs?: string[]; + ForwardPathComponents?: PathComponent[]; /** - *

              The ID of the prefix.

              + *

              The components in the path from destination to source.

              */ - PrefixListId?: string; + ReturnPathComponents?: PathComponent[]; /** - *

              The name of the prefix.

              + *

              The explanations. For more information, see Reachability Analyzer explanation codes.

              */ - PrefixListName?: string; + Explanations?: Explanation[]; + + /** + *

              Potential intermediate components.

              + */ + AlternatePathHints?: AlternatePathHint[]; + + /** + *

              The tags.

              + */ + Tags?: Tag[]; } -export namespace PrefixList { +export namespace NetworkInsightsAnalysis { /** * @internal */ - export const filterSensitiveLog = (obj: PrefixList): any => ({ + export const filterSensitiveLog = (obj: NetworkInsightsAnalysis): any => ({ ...obj, }); } -export interface DescribePrefixListsResult { +export interface DescribeNetworkInsightsAnalysesResult { /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              Information about the network insights analyses.

              */ - NextToken?: string; + NetworkInsightsAnalyses?: NetworkInsightsAnalysis[]; /** - *

              All available prefix lists.

              + *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              */ - PrefixLists?: PrefixList[]; + NextToken?: string; } -export namespace DescribePrefixListsResult { +export namespace DescribeNetworkInsightsAnalysesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribePrefixListsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInsightsAnalysesResult): any => ({ ...obj, }); } -export interface DescribePrincipalIdFormatRequest { +export interface DescribeNetworkInsightsPathsRequest { /** - *

              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

              + *

              The IDs of the paths.

              */ - DryRun?: boolean; + NetworkInsightsPathIds?: string[]; /** - *

              The type of resource: bundle | - * conversion-task | customer-gateway | dhcp-options | - * elastic-ip-allocation | elastic-ip-association | - * export-task | flow-log | image | - * import-task | instance | internet-gateway | - * network-acl | network-acl-association | - * network-interface | network-interface-attachment | - * prefix-list | reservation | route-table | - * route-table-association | security-group | - * snapshot | subnet | - * subnet-cidr-block-association | volume | vpc - * | vpc-cidr-block-association | vpc-endpoint | - * vpc-peering-connection | vpn-connection | vpn-gateway - *

              + *

              The filters. The following are possible values:

              + *
                + *
              • + *

                Destination - The ID of the resource.

                + *
                • + *
              • + *

                DestinationPort - The destination port.

                + *
                • + *
              • + *

                Name - The path name.

                + *
                • + *
              • + *

                Protocol - The protocol.

                + *
                • + *
              • + *

                Source - The ID of the resource.

                + *
                • + *
              */ - Resources?: string[]; + Filters?: Filter[]; /** - *

              The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value.

              + *

              The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

              */ MaxResults?: number; /** - *

              The token to request the next page of results.

              - */ - NextToken?: string; -} - -export namespace DescribePrincipalIdFormatRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribePrincipalIdFormatRequest): any => ({ - ...obj, - }); -} - -/** - *

              PrincipalIdFormat description

              - */ -export interface PrincipalIdFormat { - /** - *

              PrincipalIdFormatARN description

              + *

              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

              */ - Arn?: string; + DryRun?: boolean; /** - *

              PrincipalIdFormatStatuses description

              + *

              The token for the next page of results.

              */ - Statuses?: IdFormat[]; + NextToken?: string; } -export namespace PrincipalIdFormat { +export namespace DescribeNetworkInsightsPathsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: PrincipalIdFormat): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInsightsPathsRequest): any => ({ ...obj, }); } -export interface DescribePrincipalIdFormatResult { +export interface DescribeNetworkInsightsPathsResult { /** - *

              Information about the ID format settings for the ARN.

              + *

              Information about the paths.

              */ - Principals?: PrincipalIdFormat[]; + NetworkInsightsPaths?: NetworkInsightsPath[]; /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              */ NextToken?: string; } -export namespace DescribePrincipalIdFormatResult { +export namespace DescribeNetworkInsightsPathsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribePrincipalIdFormatResult): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInsightsPathsResult): any => ({ ...obj, }); } -export interface DescribePublicIpv4PoolsRequest { - /** - *

              The IDs of the address pools.

              - */ - PoolIds?: string[]; +export type NetworkInterfaceAttribute = "attachment" | "description" | "groupSet" | "sourceDestCheck"; +/** + *

              Contains the parameters for DescribeNetworkInterfaceAttribute.

              + */ +export interface DescribeNetworkInterfaceAttributeRequest { /** - *

              The token for the next page of results.

              + *

              The attribute of the network interface. This parameter is required.

              */ - NextToken?: string; + Attribute?: NetworkInterfaceAttribute | string; /** - *

              The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

              + *

              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

              */ - MaxResults?: number; + DryRun?: boolean; /** - *

              One or more filters.

              - *
                - *
              • - *

                - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                - *
                • - *
              • - *

                - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                - *
                • - *
              + *

              The ID of the network interface.

              */ - Filters?: Filter[]; + NetworkInterfaceId: string | undefined; } -export namespace DescribePublicIpv4PoolsRequest { +export namespace DescribeNetworkInterfaceAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribePublicIpv4PoolsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfaceAttributeRequest): any => ({ ...obj, }); } /** - *

              Describes an address range of an IPv4 address pool.

              + *

              Contains the output of DescribeNetworkInterfaceAttribute.

              */ -export interface PublicIpv4PoolRange { +export interface DescribeNetworkInterfaceAttributeResult { /** - *

              The first IP address in the range.

              + *

              The attachment (if any) of the network interface.

              */ - FirstAddress?: string; + Attachment?: NetworkInterfaceAttachment; /** - *

              The last IP address in the range.

              + *

              The description of the network interface.

              */ - LastAddress?: string; + Description?: AttributeValue; /** - *

              The number of addresses in the range.

              + *

              The security groups associated with the network interface.

              */ - AddressCount?: number; + Groups?: GroupIdentifier[]; /** - *

              The number of available addresses in the range.

              + *

              The ID of the network interface.

              */ - AvailableAddressCount?: number; + NetworkInterfaceId?: string; + + /** + *

              Indicates whether source/destination checking is enabled.

              + */ + SourceDestCheck?: AttributeBooleanValue; } -export namespace PublicIpv4PoolRange { +export namespace DescribeNetworkInterfaceAttributeResult { /** * @internal */ - export const filterSensitiveLog = (obj: PublicIpv4PoolRange): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfaceAttributeResult): any => ({ ...obj, }); } /** - *

              Describes an IPv4 address pool.

              + *

              Contains the parameters for DescribeNetworkInterfacePermissions.

              */ -export interface PublicIpv4Pool { - /** - *

              The ID of the address pool.

              - */ - PoolId?: string; - - /** - *

              A description of the address pool.

              - */ - Description?: string; - - /** - *

              The address ranges.

              - */ - PoolAddressRanges?: PublicIpv4PoolRange[]; - +export interface DescribeNetworkInterfacePermissionsRequest { /** - *

              The total number of addresses.

              + *

              One or more network interface permission IDs.

              */ - TotalAddressCount?: number; + NetworkInterfacePermissionIds?: string[]; /** - *

              The total number of available addresses.

              + *

              One or more filters.

              + *
                + *
              • + *

                + * network-interface-permission.network-interface-permission-id - The ID of the + * permission.

                + *
                • + *
              • + *

                + * network-interface-permission.network-interface-id - The ID of + * the network interface.

                + *
                • + *
              • + *

                + * network-interface-permission.aws-account-id - The Amazon Web Services account ID.

                + *
                • + *
              • + *

                + * network-interface-permission.aws-service - The Amazon Web Service.

                + *
                • + *
              • + *

                + * network-interface-permission.permission - The type of + * permission (INSTANCE-ATTACH | + * EIP-ASSOCIATE).

                + *
                • + *
              */ - TotalAvailableAddressCount?: number; + Filters?: Filter[]; /** - *

              The name of the location from which the address pool is advertised. - * A network border group is a unique set of Availability Zones or Local Zones - * from where Amazon Web Services advertises public IP addresses.

              + *

              The token to request the next page of results.

              */ - NetworkBorderGroup?: string; + NextToken?: string; /** - *

              Any tags for the address pool.

              + *

              The maximum number of results to return in a single call. To retrieve the remaining results, + * make another call with the returned NextToken value. If this parameter is not specified, up to 50 results are returned by default.

              */ - Tags?: Tag[]; + MaxResults?: number; } -export namespace PublicIpv4Pool { +export namespace DescribeNetworkInterfacePermissionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: PublicIpv4Pool): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfacePermissionsRequest): any => ({ ...obj, }); } -export interface DescribePublicIpv4PoolsResult { +/** + *

              Contains the output for DescribeNetworkInterfacePermissions.

              + */ +export interface DescribeNetworkInterfacePermissionsResult { /** - *

              Information about the address pools.

              + *

              The network interface permissions.

              */ - PublicIpv4Pools?: PublicIpv4Pool[]; + NetworkInterfacePermissions?: NetworkInterfacePermission[]; /** - *

              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

              + *

              The token to use to retrieve the next page of results.

              */ NextToken?: string; } -export namespace DescribePublicIpv4PoolsResult { +export namespace DescribeNetworkInterfacePermissionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribePublicIpv4PoolsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfacePermissionsResult): any => ({ ...obj, }); } -export interface DescribeRegionsRequest { +/** + *

              Contains the parameters for DescribeNetworkInterfaces.

              + */ +export interface DescribeNetworkInterfacesRequest { /** - *

              The filters.

              - *
                + *

                One or more filters.

                + *
                  + *
                • + *

                  + * addresses.private-ip-address - The private IPv4 addresses + * associated with the network interface.

                  + *
                  • + *
                • + *

                  + * addresses.primary - Whether the private IPv4 address is the primary + * IP address associated with the network interface.

                  + *
                  • + *
                • + *

                  + * addresses.association.public-ip - The association ID returned when + * the network interface was associated with the Elastic IP address + * (IPv4).

                  + *
                  • + *
                • + *

                  + * addresses.association.owner-id - The owner ID of the addresses associated with the network interface.

                  + *
                  • + *
                • + *

                  + * association.association-id - The association ID returned when the + * network interface was associated with an IPv4 address.

                  + *
                  • + *
                • + *

                  + * association.allocation-id - The allocation ID returned when you + * allocated the Elastic IP address (IPv4) for your network interface.

                  + *
                  • + *
                • + *

                  + * association.ip-owner-id - The owner of the Elastic IP address + * (IPv4) associated with the network interface.

                  + *
                  • + *
                • + *

                  + * association.public-ip - The address of the Elastic IP address + * (IPv4) bound to the network interface.

                  + *
                  • + *
                • + *

                  + * association.public-dns-name - The public DNS name for the network + * interface (IPv4).

                  + *
                  • + *
                • + *

                  + * attachment.attachment-id - The ID of the interface attachment.

                  + *
                  • + *
                • + *

                  + * attachment.attach-time - The time that the network interface was attached to an instance.

                  + *
                  • + *
                • + *

                  + * attachment.delete-on-termination - Indicates whether the attachment is deleted when an instance is terminated.

                  + *
                  • + *
                • + *

                  + * attachment.device-index - The device index to which the network interface is attached.

                  + *
                  • + *
                • + *

                  + * attachment.instance-id - The ID of the instance to which the network interface is attached.

                  + *
                  • + *
                • + *

                  + * attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.

                  + *
                  • + *
                • + *

                  + * attachment.status - The status of the attachment (attaching | attached | detaching | detached).

                  + *
                  • + *
                • + *

                  + * availability-zone - The Availability Zone of the network interface.

                  + *
                  • + *
                • + *

                  + * description - The description of the network interface.

                  + *
                  • + *
                • + *

                  + * group-id - The ID of a security group associated with the network interface.

                  + *
                  • + *
                • + *

                  + * group-name - The name of a security group associated with the network interface.

                  + *
                  • + *
                • + *

                  + * ipv6-addresses.ipv6-address - An IPv6 address associated with + * the network interface.

                  + *
                  • *
                • - *

                  - * endpoint - The endpoint of the Region (for example, ec2.us-east-1.amazonaws.com).

                  - *
                  • + *

                  + * mac-address - The MAC address of the network interface.

                  + * *
                • - *

                  - * opt-in-status - The opt-in status of the Region (opt-in-not-required | opted-in | - * not-opted-in).

                  - *
                  • + *

                  + * network-interface-id - The ID of the network interface.

                  + * *
                • - *

                  - * region-name - The name of the Region (for example, us-east-1).

                  - *
                  • + *

                  + * owner-id - The Amazon Web Services account ID of the network interface owner.

                  + * + *
                • + *

                  + * private-ip-address - The private IPv4 address or addresses of the + * network interface.

                  + *
                  • + *
                • + *

                  + * private-dns-name - The private DNS name of the network interface (IPv4).

                  + *
                  • + *
                • + *

                  + * requester-id - The alias or Amazon Web Services account ID of the principal or service that created the network interface.

                  + *
                  • + *
                • + *

                  + * requester-managed - Indicates whether the network interface is being managed by an Amazon Web Service + * (for example, Amazon Web Services Management Console, Auto Scaling, and so on).

                  + *
                  • + *
                • + *

                  + * source-dest-check - Indicates whether the network interface performs source/destination checking. + * A value of true means checking is enabled, and false means checking is disabled. + * The value must be false for the network interface to perform network address translation (NAT) in your VPC.

                  + *
                  • + *
                • + *

                  + * status - The status of the network interface. If the network interface is not attached to an instance, the status is available; + * if a network interface is attached to an instance the status is in-use.

                  + *
                  • + *
                • + *

                  + * subnet-id - The ID of the subnet for the network interface.

                  + *
                  • + *
                • + *

                  + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                  + *
                  • + *
                • + *

                  + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                  + *
                  • + *
                • + *

                  + * vpc-id - The ID of the VPC for the network interface.

                  + *
                  • *
                */ Filters?: Filter[]; - /** - *

                The names of the Regions. You can specify any Regions, whether they are enabled and disabled for your account.

                - */ - RegionNames?: string[]; - /** *

                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                */ DryRun?: boolean; /** - *

                Indicates whether to display all Regions, including Regions that are disabled for your account.

                - */ - AllRegions?: boolean; -} - -export namespace DescribeRegionsRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeRegionsRequest): any => ({ - ...obj, - }); -} - -/** - *

                Describes a Region.

                - */ -export interface Region { - /** - *

                The Region service endpoint.

                - */ - Endpoint?: string; - - /** - *

                The name of the Region.

                - */ - RegionName?: string; - - /** - *

                The Region opt-in status. The possible values are opt-in-not-required, opted-in, and - * not-opted-in.

                - */ - OptInStatus?: string; -} - -export namespace Region { - /** - * @internal - */ - export const filterSensitiveLog = (obj: Region): any => ({ - ...obj, - }); -} - -export interface DescribeRegionsResult { - /** - *

                Information about the Regions.

                - */ - Regions?: Region[]; -} - -export namespace DescribeRegionsResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeRegionsResult): any => ({ - ...obj, - }); -} - -export interface DescribeReplaceRootVolumeTasksRequest { - /** - *

                The ID of the root volume replacement task to view.

                - */ - ReplaceRootVolumeTaskIds?: string[]; - - /** - *

                Filter to use:

                - *
                  - *
                • - *

                  - * instance-id - The ID of the instance for which the root volume replacement task was created.

                  - *
                  • - *
                - */ - Filters?: Filter[]; - - /** - *

                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                + *

                One or more network interface IDs.

                + *

                Default: Describes all your network interfaces.

                */ - MaxResults?: number; + NetworkInterfaceIds?: string[]; /** - *

                The token for the next page of results.

                + *

                The token to retrieve the next page of results.

                */ NextToken?: string; /** - *

                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                + *

                The maximum number of items to return for this request. The request returns a token that you + * can specify in a subsequent call to get the next set of results. You cannot specify this + * parameter and the network interface IDs parameter in the same request.

                */ - DryRun?: boolean; + MaxResults?: number; } -export namespace DescribeReplaceRootVolumeTasksRequest { +export namespace DescribeNetworkInterfacesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReplaceRootVolumeTasksRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfacesRequest): any => ({ ...obj, }); } -export interface DescribeReplaceRootVolumeTasksResult { +/** + *

                Contains the output of DescribeNetworkInterfaces.

                + */ +export interface DescribeNetworkInterfacesResult { /** - *

                Information about the root volume replacement task.

                + *

                Information about one or more network interfaces.

                */ - ReplaceRootVolumeTasks?: ReplaceRootVolumeTask[]; + NetworkInterfaces?: NetworkInterface[]; /** *

                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                @@ -6606,85 +6557,34 @@ export interface DescribeReplaceRootVolumeTasksResult { NextToken?: string; } -export namespace DescribeReplaceRootVolumeTasksResult { +export namespace DescribeNetworkInterfacesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReplaceRootVolumeTasksResult): any => ({ + export const filterSensitiveLog = (obj: DescribeNetworkInterfacesResult): any => ({ ...obj, }); } -export enum OfferingClassType { - CONVERTIBLE = "convertible", - STANDARD = "standard", -} - -export type OfferingTypeValues = - | "All Upfront" - | "Heavy Utilization" - | "Light Utilization" - | "Medium Utilization" - | "No Upfront" - | "Partial Upfront"; - -/** - *

                Contains the parameters for DescribeReservedInstances.

                - */ -export interface DescribeReservedInstancesRequest { +export interface DescribePlacementGroupsRequest { /** - *

                One or more filters.

                - *
                  - *
                • - *

                  - * availability-zone - The Availability Zone where the Reserved Instance can be used.

                  - *
                  • - *
                • - *

                  - * duration - The duration of the Reserved Instance (one year or three years), in seconds (31536000 | 94608000).

                  - *
                  • - *
                • - *

                  - * end - The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).

                  - *
                  • - *
                • - *

                  - * fixed-price - The purchase price of the Reserved Instance (for example, 9800.0).

                  - *
                  • - *
                • - *

                  - * instance-type - The instance type that is covered by the reservation.

                  - *
                  • - *
                • - *

                  - * scope - The scope of the Reserved Instance (Region or Availability Zone).

                  - *
                  • - *
                • - *

                  - * product-description - The Reserved Instance product platform - * description. Instances that include (Amazon VPC) in the product platform - * description will only be displayed to EC2-Classic account holders and are for use with - * Amazon VPC (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE - * Linux | SUSE Linux (Amazon VPC) | Red Hat Enterprise - * Linux | Red Hat Enterprise Linux (Amazon VPC) | Red Hat - * Enterprise Linux with HA (Amazon VPC) | Windows | Windows - * (Amazon VPC) | Windows with SQL Server Standard | Windows with - * SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | - * Windows with SQL Server Web (Amazon VPC) | Windows with SQL Server - * Enterprise | Windows with SQL Server Enterprise (Amazon - * VPC)).

                  - *
                  • + *

                  The filters.

                  + *
                    *
                  • - *

                    - * reserved-instances-id - The ID of the Reserved Instance.

                    + *

                    + * group-name - The name of the placement group.

                    *
                    • *
                  • - *

                    - * start - The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).

                    + *

                    + * state - The state of the placement group (pending | + * available | deleting | + * deleted).

                    *
                    • *
                  • - *

                    - * state - The state of the Reserved Instance (payment-pending | active | payment-failed | retired).

                    + *

                    + * strategy - The strategy of the placement group + * (cluster | spread | + * partition).

                    *
                    • *
                  • *

                    @@ -6693,654 +6593,655 @@ export interface DescribeReservedInstancesRequest { *

                    • *
                  • *

                    - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                    - *
                    • - *
                  • - *

                    - * usage-price - The usage price of the Reserved Instance, per hour (for example, 0.84).

                    + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.

                    *
                    • *
                  */ Filters?: Filter[]; /** - *

                  Describes whether the Reserved Instance is Standard or Convertible.

                  - */ - OfferingClass?: OfferingClassType | string; - - /** - *

                  One or more Reserved Instance IDs.

                  - *

                  Default: Describes all your Reserved Instances, or only those otherwise specified.

                  + *

                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                  */ - ReservedInstancesIds?: string[]; + DryRun?: boolean; /** - *

                  Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                  + *

                  The names of the placement groups.

                  + *

                  Default: Describes all your placement groups, or only those otherwise + * specified.

                  */ - DryRun?: boolean; + GroupNames?: string[]; /** - *

                  The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API - * version, you only have access to the Medium Utilization Reserved Instance - * offering type.

                  + *

                  The IDs of the placement groups.

                  */ - OfferingType?: OfferingTypeValues | string; + GroupIds?: string[]; } -export namespace DescribeReservedInstancesRequest { +export namespace DescribePlacementGroupsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribePlacementGroupsRequest): any => ({ ...obj, }); } -export type RIProductDescription = "Linux/UNIX" | "Linux/UNIX (Amazon VPC)" | "Windows" | "Windows (Amazon VPC)"; - -export type RecurringChargeFrequency = "Hourly"; - -/** - *

                  Describes a recurring charge.

                  - */ -export interface RecurringCharge { - /** - *

                  The amount of the recurring charge.

                  - */ - Amount?: number; - +export interface DescribePlacementGroupsResult { /** - *

                  The frequency of the recurring charge.

                  + *

                  Information about the placement groups.

                  */ - Frequency?: RecurringChargeFrequency | string; + PlacementGroups?: PlacementGroup[]; } -export namespace RecurringCharge { +export namespace DescribePlacementGroupsResult { /** * @internal */ - export const filterSensitiveLog = (obj: RecurringCharge): any => ({ + export const filterSensitiveLog = (obj: DescribePlacementGroupsResult): any => ({ ...obj, }); } -export enum Scope { - AVAILABILITY_ZONE = "Availability Zone", - REGIONAL = "Region", -} - -export type ReservedInstanceState = - | "active" - | "payment-failed" - | "payment-pending" - | "queued" - | "queued-deleted" - | "retired"; - -/** - *

                  Describes a Reserved Instance.

                  - */ -export interface ReservedInstances { - /** - *

                  The Availability Zone in which the Reserved Instance can be used.

                  - */ - AvailabilityZone?: string; - +export interface DescribePrefixListsRequest { /** - *

                  The duration of the Reserved Instance, in seconds.

                  + *

                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                  */ - Duration?: number; + DryRun?: boolean; /** - *

                  The time when the Reserved Instance expires.

                  + *

                  One or more filters.

                  + *
                    + *
                  • + *

                    + * prefix-list-id: The ID of a prefix list.

                    + *
                    • + *
                  • + *

                    + * prefix-list-name: The name of a prefix list.

                    + *
                    • + *
                  */ - End?: Date; + Filters?: Filter[]; /** - *

                  The purchase price of the Reserved Instance.

                  + *

                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                  */ - FixedPrice?: number; + MaxResults?: number; /** - *

                  The number of reservations purchased.

                  + *

                  The token for the next page of results.

                  */ - InstanceCount?: number; + NextToken?: string; /** - *

                  The instance type on which the Reserved Instance can be used.

                  + *

                  One or more prefix list IDs.

                  */ - InstanceType?: _InstanceType | string; + PrefixListIds?: string[]; +} +export namespace DescribePrefixListsRequest { /** - *

                  The Reserved Instance product platform description.

                  + * @internal */ - ProductDescription?: RIProductDescription | string; + export const filterSensitiveLog = (obj: DescribePrefixListsRequest): any => ({ + ...obj, + }); +} +/** + *

                  Describes prefixes for Amazon Web Services services.

                  + */ +export interface PrefixList { /** - *

                  The ID of the Reserved Instance.

                  + *

                  The IP address range of the Amazon Web Service.

                  */ - ReservedInstancesId?: string; + Cidrs?: string[]; /** - *

                  The date and time the Reserved Instance started.

                  + *

                  The ID of the prefix.

                  */ - Start?: Date; + PrefixListId?: string; /** - *

                  The state of the Reserved Instance purchase.

                  + *

                  The name of the prefix.

                  */ - State?: ReservedInstanceState | string; + PrefixListName?: string; +} +export namespace PrefixList { /** - *

                  The usage price of the Reserved Instance, per hour.

                  + * @internal */ - UsagePrice?: number; + export const filterSensitiveLog = (obj: PrefixList): any => ({ + ...obj, + }); +} +export interface DescribePrefixListsResult { /** - *

                  The currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes. - * At this time, the only supported currency is USD.

                  + *

                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                  */ - CurrencyCode?: CurrencyCodeValues | string; + NextToken?: string; /** - *

                  The tenancy of the instance.

                  + *

                  All available prefix lists.

                  */ - InstanceTenancy?: Tenancy | string; + PrefixLists?: PrefixList[]; +} +export namespace DescribePrefixListsResult { /** - *

                  The offering class of the Reserved Instance.

                  + * @internal */ - OfferingClass?: OfferingClassType | string; + export const filterSensitiveLog = (obj: DescribePrefixListsResult): any => ({ + ...obj, + }); +} +export interface DescribePrincipalIdFormatRequest { /** - *

                  The Reserved Instance offering type.

                  + *

                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                  */ - OfferingType?: OfferingTypeValues | string; + DryRun?: boolean; /** - *

                  The recurring charge tag assigned to the resource.

                  + *

                  The type of resource: bundle | + * conversion-task | customer-gateway | dhcp-options | + * elastic-ip-allocation | elastic-ip-association | + * export-task | flow-log | image | + * import-task | instance | internet-gateway | + * network-acl | network-acl-association | + * network-interface | network-interface-attachment | + * prefix-list | reservation | route-table | + * route-table-association | security-group | + * snapshot | subnet | + * subnet-cidr-block-association | volume | vpc + * | vpc-cidr-block-association | vpc-endpoint | + * vpc-peering-connection | vpn-connection | vpn-gateway + *

                  */ - RecurringCharges?: RecurringCharge[]; + Resources?: string[]; /** - *

                  The scope of the Reserved Instance.

                  + *

                  The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value.

                  */ - Scope?: Scope | string; + MaxResults?: number; /** - *

                  Any tags assigned to the resource.

                  + *

                  The token to request the next page of results.

                  */ - Tags?: Tag[]; + NextToken?: string; } -export namespace ReservedInstances { +export namespace DescribePrincipalIdFormatRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstances): any => ({ + export const filterSensitiveLog = (obj: DescribePrincipalIdFormatRequest): any => ({ ...obj, }); } /** - *

                  Contains the output for DescribeReservedInstances.

                  + *

                  PrincipalIdFormat description

                  */ -export interface DescribeReservedInstancesResult { +export interface PrincipalIdFormat { /** - *

                  A list of Reserved Instances.

                  + *

                  PrincipalIdFormatARN description

                  */ - ReservedInstances?: ReservedInstances[]; -} + Arn?: string; -export namespace DescribeReservedInstancesResult { /** - * @internal + *

                  PrincipalIdFormatStatuses description

                  */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesResult): any => ({ - ...obj, - }); + Statuses?: IdFormat[]; } -/** - *

                  Contains the parameters for DescribeReservedInstancesListings.

                  - */ -export interface DescribeReservedInstancesListingsRequest { +export namespace PrincipalIdFormat { /** - *

                  One or more filters.

                  - *
                    - *
                  • - *

                    - * reserved-instances-id - The ID of the Reserved Instances.

                    - *
                    • - *
                  • - *

                    - * reserved-instances-listing-id - The ID of the Reserved Instances listing.

                    - *
                    • - *
                  • - *

                    - * status - The status of the Reserved Instance listing (pending | active | - * cancelled | closed).

                    - *
                    • - *
                  • - *

                    - * status-message - The reason for the status.

                    - *
                    • - *
                  + * @internal */ - Filters?: Filter[]; + export const filterSensitiveLog = (obj: PrincipalIdFormat): any => ({ + ...obj, + }); +} +export interface DescribePrincipalIdFormatResult { /** - *

                  One or more Reserved Instance IDs.

                  + *

                  Information about the ID format settings for the ARN.

                  */ - ReservedInstancesId?: string; + Principals?: PrincipalIdFormat[]; /** - *

                  One or more Reserved Instance listing IDs.

                  + *

                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                  */ - ReservedInstancesListingId?: string; + NextToken?: string; } -export namespace DescribeReservedInstancesListingsRequest { +export namespace DescribePrincipalIdFormatResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesListingsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribePrincipalIdFormatResult): any => ({ ...obj, }); } -/** - *

                  Contains the output of DescribeReservedInstancesListings.

                  - */ -export interface DescribeReservedInstancesListingsResult { +export interface DescribePublicIpv4PoolsRequest { /** - *

                  Information about the Reserved Instance listing.

                  + *

                  The IDs of the address pools.

                  */ - ReservedInstancesListings?: ReservedInstancesListing[]; -} + PoolIds?: string[]; -export namespace DescribeReservedInstancesListingsResult { /** - * @internal + *

                  The token for the next page of results.

                  */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesListingsResult): any => ({ - ...obj, - }); -} + NextToken?: string; + + /** + *

                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                  + */ + MaxResults?: number; -/** - *

                  Contains the parameters for DescribeReservedInstancesModifications.

                  - */ -export interface DescribeReservedInstancesModificationsRequest { /** *

                  One or more filters.

                  - *
                    - *
                  • - *

                    - * client-token - The idempotency token for the modification request.

                    - *
                    • - *
                  • - *

                    - * create-date - The time when the modification request was created.

                    - *
                    • - *
                  • - *

                    - * effective-date - The time when the modification becomes effective.

                    - *
                    • - *
                  • - *

                    - * modification-result.reserved-instances-id - The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is fulfilled.

                    - *
                    • - *
                  • - *

                    - * modification-result.target-configuration.availability-zone - The Availability Zone for the new Reserved Instances.

                    - *
                    • - *
                  • - *

                    - * modification-result.target-configuration.instance-count - The number of new Reserved Instances.

                    - *
                    • - *
                  • - *

                    - * modification-result.target-configuration.instance-type - The instance type of the new Reserved Instances.

                    - *
                    • - *
                  • - *

                    - * modification-result.target-configuration.platform - The network platform of the new Reserved Instances (EC2-Classic | EC2-VPC).

                    - *
                    • - *
                  • - *

                    - * reserved-instances-id - The ID of the Reserved Instances modified.

                    - *
                    • - *
                  • - *

                    - * reserved-instances-modification-id - The ID of the modification request.

                    - *
                    • - *
                  • - *

                    - * status - The status of the Reserved Instances modification request - * (processing | fulfilled | failed).

                    - *
                    • + *
                      *
                    • - *

                      - * status-message - The reason for the status.

                      + *

                      + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                      *
                      • *
                    • - *

                      - * update-date - The time when the modification request was last updated.

                      + *

                      + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                      *
                      • *
                    */ Filters?: Filter[]; +} +export namespace DescribePublicIpv4PoolsRequest { /** - *

                    IDs for the submitted modification request.

                    + * @internal */ - ReservedInstancesModificationIds?: string[]; + export const filterSensitiveLog = (obj: DescribePublicIpv4PoolsRequest): any => ({ + ...obj, + }); +} + +/** + *

                    Describes an address range of an IPv4 address pool.

                    + */ +export interface PublicIpv4PoolRange { + /** + *

                    The first IP address in the range.

                    + */ + FirstAddress?: string; /** - *

                    The token to retrieve the next page of results.

                    + *

                    The last IP address in the range.

                    */ - NextToken?: string; + LastAddress?: string; + + /** + *

                    The number of addresses in the range.

                    + */ + AddressCount?: number; + + /** + *

                    The number of available addresses in the range.

                    + */ + AvailableAddressCount?: number; } -export namespace DescribeReservedInstancesModificationsRequest { +export namespace PublicIpv4PoolRange { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesModificationsRequest): any => ({ + export const filterSensitiveLog = (obj: PublicIpv4PoolRange): any => ({ ...obj, }); } /** - *

                    Describes the configuration settings for the modified Reserved Instances.

                    + *

                    Describes an IPv4 address pool.

                    */ -export interface ReservedInstancesConfiguration { +export interface PublicIpv4Pool { /** - *

                    The Availability Zone for the modified Reserved Instances.

                    + *

                    The ID of the address pool.

                    */ - AvailabilityZone?: string; + PoolId?: string; /** - *

                    The number of modified Reserved Instances.

                    - * - *

                    This is a required field for a request.

                    - *                     + *

                    A description of the address pool.

                    */ - InstanceCount?: number; + Description?: string; /** - *

                    The instance type for the modified Reserved Instances.

                    + *

                    The address ranges.

                    */ - InstanceType?: _InstanceType | string; + PoolAddressRanges?: PublicIpv4PoolRange[]; /** - *

                    The network platform of the modified Reserved Instances, which is either EC2-Classic or EC2-VPC.

                    + *

                    The total number of addresses.

                    */ - Platform?: string; + TotalAddressCount?: number; /** - *

                    Whether the Reserved Instance is applied to instances in a Region or instances in a specific Availability Zone.

                    + *

                    The total number of available addresses.

                    */ - Scope?: Scope | string; + TotalAvailableAddressCount?: number; + + /** + *

                    The name of the location from which the address pool is advertised. + * A network border group is a unique set of Availability Zones or Local Zones + * from where Amazon Web Services advertises public IP addresses.

                    + */ + NetworkBorderGroup?: string; + + /** + *

                    Any tags for the address pool.

                    + */ + Tags?: Tag[]; } -export namespace ReservedInstancesConfiguration { +export namespace PublicIpv4Pool { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstancesConfiguration): any => ({ + export const filterSensitiveLog = (obj: PublicIpv4Pool): any => ({ ...obj, }); } -/** - *

                    Describes the modification request/s.

                    - */ -export interface ReservedInstancesModificationResult { +export interface DescribePublicIpv4PoolsResult { /** - *

                    The ID for the Reserved Instances that were created as part of the modification request. This field is only available when the modification is fulfilled.

                    + *

                    Information about the address pools.

                    */ - ReservedInstancesId?: string; + PublicIpv4Pools?: PublicIpv4Pool[]; /** - *

                    The target Reserved Instances configurations supplied as part of the modification request.

                    + *

                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                    */ - TargetConfiguration?: ReservedInstancesConfiguration; + NextToken?: string; } -export namespace ReservedInstancesModificationResult { +export namespace DescribePublicIpv4PoolsResult { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstancesModificationResult): any => ({ + export const filterSensitiveLog = (obj: DescribePublicIpv4PoolsResult): any => ({ ...obj, }); } -/** - *

                    Describes the ID of a Reserved Instance.

                    - */ -export interface ReservedInstancesId { +export interface DescribeRegionsRequest { /** - *

                    The ID of the Reserved Instance.

                    + *

                    The filters.

                    + *
                      + *
                    • + *

                      + * endpoint - The endpoint of the Region (for example, ec2.us-east-1.amazonaws.com).

                      + *
                      • + *
                    • + *

                      + * opt-in-status - The opt-in status of the Region (opt-in-not-required | opted-in | + * not-opted-in).

                      + *
                      • + *
                    • + *

                      + * region-name - The name of the Region (for example, us-east-1).

                      + *
                      • + *
                    */ - ReservedInstancesId?: string; + Filters?: Filter[]; + + /** + *

                    The names of the Regions. You can specify any Regions, whether they are enabled and disabled for your account.

                    + */ + RegionNames?: string[]; + + /** + *

                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                    + */ + DryRun?: boolean; + + /** + *

                    Indicates whether to display all Regions, including Regions that are disabled for your account.

                    + */ + AllRegions?: boolean; } -export namespace ReservedInstancesId { +export namespace DescribeRegionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstancesId): any => ({ + export const filterSensitiveLog = (obj: DescribeRegionsRequest): any => ({ ...obj, }); } /** - *

                    Describes a Reserved Instance modification.

                    + *

                    Describes a Region.

                    */ -export interface ReservedInstancesModification { +export interface Region { /** - *

                    A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. - * For more information, see Ensuring - * Idempotency.

                    + *

                    The Region service endpoint.

                    + */ + Endpoint?: string; + + /** + *

                    The name of the Region.

                    + */ + RegionName?: string; + + /** + *

                    The Region opt-in status. The possible values are opt-in-not-required, opted-in, and + * not-opted-in.

                    */ - ClientToken?: string; + OptInStatus?: string; +} +export namespace Region { /** - *

                    The time when the modification request was created.

                    + * @internal */ - CreateDate?: Date; + export const filterSensitiveLog = (obj: Region): any => ({ + ...obj, + }); +} +export interface DescribeRegionsResult { /** - *

                    The time for the modification to become effective.

                    + *

                    Information about the Regions.

                    */ - EffectiveDate?: Date; + Regions?: Region[]; +} +export namespace DescribeRegionsResult { /** - *

                    Contains target configurations along with their corresponding new Reserved Instance IDs.

                    + * @internal */ - ModificationResults?: ReservedInstancesModificationResult[]; + export const filterSensitiveLog = (obj: DescribeRegionsResult): any => ({ + ...obj, + }); +} +export interface DescribeReplaceRootVolumeTasksRequest { /** - *

                    The IDs of one or more Reserved Instances.

                    + *

                    The ID of the root volume replacement task to view.

                    */ - ReservedInstancesIds?: ReservedInstancesId[]; + ReplaceRootVolumeTaskIds?: string[]; /** - *

                    A unique ID for the Reserved Instance modification.

                    + *

                    Filter to use:

                    + *
                      + *
                    • + *

                      + * instance-id - The ID of the instance for which the root volume replacement task was created.

                      + *
                      • + *
                    */ - ReservedInstancesModificationId?: string; + Filters?: Filter[]; /** - *

                    The status of the Reserved Instances modification request.

                    + *

                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                    */ - Status?: string; + MaxResults?: number; /** - *

                    The reason for the status.

                    + *

                    The token for the next page of results.

                    */ - StatusMessage?: string; + NextToken?: string; /** - *

                    The time when the modification request was last updated.

                    + *

                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                    */ - UpdateDate?: Date; + DryRun?: boolean; } -export namespace ReservedInstancesModification { +export namespace DescribeReplaceRootVolumeTasksRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstancesModification): any => ({ + export const filterSensitiveLog = (obj: DescribeReplaceRootVolumeTasksRequest): any => ({ ...obj, }); } -/** - *

                    Contains the output of DescribeReservedInstancesModifications.

                    - */ -export interface DescribeReservedInstancesModificationsResult { +export interface DescribeReplaceRootVolumeTasksResult { /** - *

                    The token to use to retrieve the next page of results. This value is null when - * there are no more results to return.

                    + *

                    Information about the root volume replacement task.

                    */ - NextToken?: string; + ReplaceRootVolumeTasks?: ReplaceRootVolumeTask[]; /** - *

                    The Reserved Instance modification information.

                    + *

                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                    */ - ReservedInstancesModifications?: ReservedInstancesModification[]; + NextToken?: string; } -export namespace DescribeReservedInstancesModificationsResult { +export namespace DescribeReplaceRootVolumeTasksResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesModificationsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeReplaceRootVolumeTasksResult): any => ({ ...obj, }); } +export enum OfferingClassType { + CONVERTIBLE = "convertible", + STANDARD = "standard", +} + +export type OfferingTypeValues = + | "All Upfront" + | "Heavy Utilization" + | "Light Utilization" + | "Medium Utilization" + | "No Upfront" + | "Partial Upfront"; + /** - *

                    Contains the parameters for DescribeReservedInstancesOfferings.

                    + *

                    Contains the parameters for DescribeReservedInstances.

                    */ -export interface DescribeReservedInstancesOfferingsRequest { - /** - *

                    The Availability Zone in which the Reserved Instance can be used.

                    - */ - AvailabilityZone?: string; - +export interface DescribeReservedInstancesRequest { /** *

                    One or more filters.

                    *
                      *
                    • *

                      - * availability-zone - The Availability Zone where the Reserved Instance can be - * used.

                      + * availability-zone - The Availability Zone where the Reserved Instance can be used.

                      *
                      • *
                    • *

                      - * duration - The duration of the Reserved Instance (for example, one year or - * three years), in seconds (31536000 | 94608000).

                      + * duration - The duration of the Reserved Instance (one year or three years), in seconds (31536000 | 94608000).

                      *
                      • *
                    • *

                      - * fixed-price - The purchase price of the Reserved Instance (for example, - * 9800.0).

                      + * end - The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).

                      *
                      • *
                    • *

                      - * instance-type - The instance type that is covered by the - * reservation.

                      + * fixed-price - The purchase price of the Reserved Instance (for example, 9800.0).

                      *
                      • *
                    • *

                      - * marketplace - Set to true to show only Reserved Instance - * Marketplace offerings. When this filter is not used, which is the default behavior, all - * offerings from both Amazon Web Services and the Reserved Instance Marketplace are listed.

                      + * instance-type - The instance type that is covered by the reservation.

                      *
                      • *
                    • *

                      - * product-description - The Reserved Instance product platform description. - * Instances that include (Amazon VPC) in the product platform description will - * only be displayed to EC2-Classic account holders and are for use with Amazon VPC. - * (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE + * scope - The scope of the Reserved Instance (Region or Availability Zone).

                      + *
                      • + *
                    • + *

                      + * product-description - The Reserved Instance product platform + * description. Instances that include (Amazon VPC) in the product platform + * description will only be displayed to EC2-Classic account holders and are for use with + * Amazon VPC (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE * Linux | SUSE Linux (Amazon VPC) | Red Hat Enterprise * Linux | Red Hat Enterprise Linux (Amazon VPC) | Red Hat * Enterprise Linux with HA (Amazon VPC) | Windows | Windows * (Amazon VPC) | Windows with SQL Server Standard | Windows with * SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | - * Windows with SQL Server Web (Amazon VPC) | Windows with SQL Server - * Enterprise | Windows with SQL Server Enterprise (Amazon VPC))

                      + * Windows with SQL Server Web (Amazon VPC) | Windows with SQL Server + * Enterprise | Windows with SQL Server Enterprise (Amazon + * VPC)).

                      *
                      • *
                    • *

                      - * reserved-instances-offering-id - The Reserved Instances offering - * ID.

                      + * reserved-instances-id - The ID of the Reserved Instance.

                      *
                      • *
                    • *

                      - * scope - The scope of the Reserved Instance (Availability Zone or - * Region).

                      + * start - The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).

                      *
                      • *
                    • *

                      - * usage-price - The usage price of the Reserved Instance, per hour (for - * example, 0.84).

                      + * state - The state of the Reserved Instance (payment-pending | active | payment-failed | retired).

                      + *
                      • + *
                    • + *

                      + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                      + *
                      • + *
                    • + *

                      + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                      + *
                      • + *
                    • + *

                      + * usage-price - The usage price of the Reserved Instance, per hour (for example, 0.84).

                      *
                      • *
                    */ Filters?: Filter[]; /** - *

                    Include Reserved Instance Marketplace offerings in the response.

                    - */ - IncludeMarketplace?: boolean; - - /** - *

                    The instance type that the reservation will cover (for example, m1.small). For more information, see - * Instance types in the - * Amazon EC2 User Guide.

                    - */ - InstanceType?: _InstanceType | string; - - /** - *

                    The maximum duration (in seconds) to filter when searching for offerings.

                    - *

                    Default: 94608000 (3 years)

                    - */ - MaxDuration?: number; - - /** - *

                    The maximum number of instances to filter when searching for offerings.

                    - *

                    Default: 20

                    - */ - MaxInstanceCount?: number; - - /** - *

                    The minimum duration (in seconds) to filter when searching for offerings.

                    - *

                    Default: 2592000 (1 month)

                    - */ - MinDuration?: number; - - /** - *

                    The offering class of the Reserved Instance. Can be standard or convertible.

                    + *

                    Describes whether the Reserved Instance is Standard or Convertible.

                    */ OfferingClass?: OfferingClassType | string; /** - *

                    The Reserved Instance product platform description. Instances that include (Amazon - * VPC) in the description are for use with Amazon VPC.

                    - */ - ProductDescription?: RIProductDescription | string; - - /** - *

                    One or more Reserved Instances offering IDs.

                    + *

                    One or more Reserved Instance IDs.

                    + *

                    Default: Describes all your Reserved Instances, or only those otherwise specified.

                    */ - ReservedInstancesOfferingIds?: string[]; + ReservedInstancesIds?: string[]; /** *

                    Checks whether you have the required permissions for the action, without actually making the request, @@ -7349,75 +7250,68 @@ export interface DescribeReservedInstancesOfferingsRequest { */ DryRun?: boolean; - /** - *

                    The tenancy of the instances covered by the reservation. A Reserved Instance with a tenancy - * of dedicated is applied to instances that run in a VPC on single-tenant hardware - * (i.e., Dedicated Instances).

                    - *

                    - * Important: The host value cannot be used with this parameter. Use the default or dedicated values only.

                    - *

                    Default: default - *

                    - */ - InstanceTenancy?: Tenancy | string; - - /** - *

                    The maximum number of results to return for the request in a single page. The remaining - * results of the initial request can be seen by sending another request with the returned - * NextToken value. The maximum is 100.

                    - *

                    Default: 100

                    - */ - MaxResults?: number; - - /** - *

                    The token to retrieve the next page of results.

                    - */ - NextToken?: string; - /** *

                    The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API * version, you only have access to the Medium Utilization Reserved Instance - * offering type.

                    + * offering type.

                    */ OfferingType?: OfferingTypeValues | string; } -export namespace DescribeReservedInstancesOfferingsRequest { +export namespace DescribeReservedInstancesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesOfferingsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesRequest): any => ({ ...obj, }); } +export type RIProductDescription = "Linux/UNIX" | "Linux/UNIX (Amazon VPC)" | "Windows" | "Windows (Amazon VPC)"; + +export type RecurringChargeFrequency = "Hourly"; + /** - *

                    Describes a Reserved Instance offering.

                    + *

                    Describes a recurring charge.

                    */ -export interface PricingDetail { +export interface RecurringCharge { /** - *

                    The number of reservations available for the price.

                    + *

                    The amount of the recurring charge.

                    */ - Count?: number; + Amount?: number; /** - *

                    The price per instance.

                    + *

                    The frequency of the recurring charge.

                    */ - Price?: number; + Frequency?: RecurringChargeFrequency | string; } -export namespace PricingDetail { +export namespace RecurringCharge { /** * @internal */ - export const filterSensitiveLog = (obj: PricingDetail): any => ({ + export const filterSensitiveLog = (obj: RecurringCharge): any => ({ ...obj, }); } +export enum Scope { + AVAILABILITY_ZONE = "Availability Zone", + REGIONAL = "Region", +} + +export type ReservedInstanceState = + | "active" + | "payment-failed" + | "payment-pending" + | "queued" + | "queued-deleted" + | "retired"; + /** - *

                    Describes a Reserved Instance offering.

                    + *

                    Describes a Reserved Instance.

                    */ -export interface ReservedInstancesOffering { +export interface ReservedInstances { /** *

                    The Availability Zone in which the Reserved Instance can be used.

                    */ @@ -7428,11 +7322,21 @@ export interface ReservedInstancesOffering { */ Duration?: number; + /** + *

                    The time when the Reserved Instance expires.

                    + */ + End?: Date; + /** *

                    The purchase price of the Reserved Instance.

                    */ FixedPrice?: number; + /** + *

                    The number of reservations purchased.

                    + */ + InstanceCount?: number; + /** *

                    The instance type on which the Reserved Instance can be used.

                    */ @@ -7444,10 +7348,19 @@ export interface ReservedInstancesOffering { ProductDescription?: RIProductDescription | string; /** - *

                    The ID of the Reserved Instance offering. This is the offering ID used in GetReservedInstancesExchangeQuote - * to confirm that an exchange can be made.

                    + *

                    The ID of the Reserved Instance.

                    */ - ReservedInstancesOfferingId?: string; + ReservedInstancesId?: string; + + /** + *

                    The date and time the Reserved Instance started.

                    + */ + Start?: Date; + + /** + *

                    The state of the Reserved Instance purchase.

                    + */ + State?: ReservedInstanceState | string; /** *

                    The usage price of the Reserved Instance, per hour.

                    @@ -7455,9 +7368,8 @@ export interface ReservedInstancesOffering { UsagePrice?: number; /** - *

                    The currency of the Reserved Instance offering you are purchasing. It's - * specified using ISO 4217 standard currency codes. At this time, - * the only supported currency is USD.

                    + *

                    The currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes. + * At this time, the only supported currency is USD.

                    */ CurrencyCode?: CurrencyCodeValues | string; @@ -7467,15 +7379,7 @@ export interface ReservedInstancesOffering { InstanceTenancy?: Tenancy | string; /** - *

                    Indicates whether the offering is available through the Reserved Instance Marketplace (resale) or Amazon Web Services. - * If it's a Reserved Instance Marketplace offering, this is true.

                    - */ - Marketplace?: boolean; - - /** - *

                    If convertible it can be exchanged for Reserved Instances of - * the same or higher monetary value, with different configurations. If standard, it is not - * possible to perform an exchange.

                    + *

                    The offering class of the Reserved Instance.

                    */ OfferingClass?: OfferingClassType | string; @@ -7484,1000 +7388,788 @@ export interface ReservedInstancesOffering { */ OfferingType?: OfferingTypeValues | string; - /** - *

                    The pricing details of the Reserved Instance offering.

                    - */ - PricingDetails?: PricingDetail[]; - /** *

                    The recurring charge tag assigned to the resource.

                    */ RecurringCharges?: RecurringCharge[]; /** - *

                    Whether the Reserved Instance is applied to instances in a Region or an Availability Zone.

                    + *

                    The scope of the Reserved Instance.

                    */ Scope?: Scope | string; + + /** + *

                    Any tags assigned to the resource.

                    + */ + Tags?: Tag[]; } -export namespace ReservedInstancesOffering { +export namespace ReservedInstances { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstancesOffering): any => ({ + export const filterSensitiveLog = (obj: ReservedInstances): any => ({ ...obj, }); } /** - *

                    Contains the output of DescribeReservedInstancesOfferings.

                    + *

                    Contains the output for DescribeReservedInstances.

                    */ -export interface DescribeReservedInstancesOfferingsResult { - /** - *

                    A list of Reserved Instances offerings.

                    - */ - ReservedInstancesOfferings?: ReservedInstancesOffering[]; - +export interface DescribeReservedInstancesResult { /** - *

                    The token to use to retrieve the next page of results. This value is null when - * there are no more results to return.

                    + *

                    A list of Reserved Instances.

                    */ - NextToken?: string; + ReservedInstances?: ReservedInstances[]; } -export namespace DescribeReservedInstancesOfferingsResult { +export namespace DescribeReservedInstancesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeReservedInstancesOfferingsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesResult): any => ({ ...obj, }); } -export interface DescribeRouteTablesRequest { +/** + *

                    Contains the parameters for DescribeReservedInstancesListings.

                    + */ +export interface DescribeReservedInstancesListingsRequest { /** *

                    One or more filters.

                    - *
                      - *
                    • - *

                      - * association.route-table-association-id - The ID of an association - * ID for the route table.

                      - *
                      • - *
                    • - *

                      - * association.route-table-id - The ID of the route table involved in - * the association.

                      - *
                      • - *
                    • - *

                      - * association.subnet-id - The ID of the subnet involved in the - * association.

                      - *
                      • - *
                    • - *

                      - * association.main - Indicates whether the route table is the main - * route table for the VPC (true | false). Route tables - * that do not have an association ID are not returned in the response.

                      - *
                      • - *
                    • - *

                      - * owner-id - The ID of the Amazon Web Services account that owns the route table.

                      - *
                      • - *
                    • - *

                      - * route-table-id - The ID of the route table.

                      - *
                      • - *
                    • - *

                      - * route.destination-cidr-block - The IPv4 CIDR range specified in a - * route in the table.

                      - *
                      • - *
                    • - *

                      - * route.destination-ipv6-cidr-block - The IPv6 CIDR range specified in a route in the route table.

                      - *
                      • - *
                    • - *

                      - * route.destination-prefix-list-id - The ID (prefix) of the Amazon Web Service - * specified in a route in the table.

                      - *
                      • - *
                    • - *

                      - * route.egress-only-internet-gateway-id - The ID of an - * egress-only Internet gateway specified in a route in the route table.

                      - *
                      • - *
                    • - *

                      - * route.gateway-id - The ID of a gateway specified in a route in the table.

                      - *
                      • - *
                    • - *

                      - * route.instance-id - The ID of an instance specified in a route in the table.

                      - *
                      • - *
                    • - *

                      - * route.nat-gateway-id - The ID of a NAT gateway.

                      - *
                      • - *
                    • - *

                      - * route.transit-gateway-id - The ID of a transit gateway.

                      - *
                      • - *
                    • - *

                      - * route.origin - Describes how the route was created. - * CreateRouteTable indicates that the route was automatically - * created when the route table was created; CreateRoute indicates - * that the route was manually added to the route table; - * EnableVgwRoutePropagation indicates that the route was - * propagated by route propagation.

                      - *
                      • - *
                    • - *

                      - * route.state - The state of a route in the route table - * (active | blackhole). The blackhole state - * indicates that the route's target isn't available (for example, the specified - * gateway isn't attached to the VPC, the specified NAT instance has been - * terminated, and so on).

                      - *
                      • + *
                        *
                      • - *

                        - * route.vpc-peering-connection-id - The ID of a VPC peering - * connection specified in a route in the table.

                        - *
                        • + *

                        + * reserved-instances-id - The ID of the Reserved Instances.

                        + * *
                      • - *

                        - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                        - *
                        • + *

                        + * reserved-instances-listing-id - The ID of the Reserved Instances listing.

                        + * *
                      • - *

                        - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                        - *
                        • + *

                        + * status - The status of the Reserved Instance listing (pending | active | + * cancelled | closed).

                        + * *
                      • - *

                        - * vpc-id - The ID of the VPC for the route table.

                        - *
                        • + *

                        + * status-message - The reason for the status.

                        + * *
                      */ - Filters?: Filter[]; - - /** - *

                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                      - */ - DryRun?: boolean; - - /** - *

                      One or more route table IDs.

                      - *

                      Default: Describes all your route tables.

                      - */ - RouteTableIds?: string[]; - - /** - *

                      The token for the next page of results.

                      - */ - NextToken?: string; - - /** - *

                      The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                      - */ - MaxResults?: number; -} - -export namespace DescribeRouteTablesRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeRouteTablesRequest): any => ({ - ...obj, - }); -} - -/** - *

                      Contains the output of DescribeRouteTables.

                      - */ -export interface DescribeRouteTablesResult { - /** - *

                      Information about one or more route tables.

                      - */ - RouteTables?: RouteTable[]; - - /** - *

                      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                      - */ - NextToken?: string; -} - -export namespace DescribeRouteTablesResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeRouteTablesResult): any => ({ - ...obj, - }); -} + Filters?: Filter[]; -/** - *

                      Describes the time period for a Scheduled Instance to start its first schedule. The time period must span less than one day.

                      - */ -export interface SlotDateTimeRangeRequest { /** - *

                      The earliest date and time, in UTC, for the Scheduled Instance to start.

                      + *

                      One or more Reserved Instance IDs.

                      */ - EarliestTime: Date | undefined; + ReservedInstancesId?: string; /** - *

                      The latest date and time, in UTC, for the Scheduled Instance to start. This value must be later than or equal to the earliest date and at most three months in the future.

                      + *

                      One or more Reserved Instance listing IDs.

                      */ - LatestTime: Date | undefined; + ReservedInstancesListingId?: string; } -export namespace SlotDateTimeRangeRequest { +export namespace DescribeReservedInstancesListingsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: SlotDateTimeRangeRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesListingsRequest): any => ({ ...obj, }); } /** - *

                      Describes the recurring schedule for a Scheduled Instance.

                      + *

                      Contains the output of DescribeReservedInstancesListings.

                      */ -export interface ScheduledInstanceRecurrenceRequest { - /** - *

                      The frequency (Daily, Weekly, or Monthly).

                      - */ - Frequency?: string; - - /** - *

                      The interval quantity. The interval unit depends on the value of Frequency. For example, every 2 - * weeks or every 2 months.

                      - */ - Interval?: number; - - /** - *

                      The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday). You can't specify this value with a daily schedule. If the occurrence is relative to the end of the month, you can specify only a single day.

                      - */ - OccurrenceDays?: number[]; - - /** - *

                      Indicates whether the occurrence is relative to the end of the specified week or month. You can't specify this value with a daily schedule.

                      - */ - OccurrenceRelativeToEnd?: boolean; - +export interface DescribeReservedInstancesListingsResult { /** - *

                      The unit for OccurrenceDays (DayOfWeek or DayOfMonth). - * This value is required for a monthly schedule. - * You can't specify DayOfWeek with a weekly schedule. - * You can't specify this value with a daily schedule.

                      + *

                      Information about the Reserved Instance listing.

                      */ - OccurrenceUnit?: string; + ReservedInstancesListings?: ReservedInstancesListing[]; } -export namespace ScheduledInstanceRecurrenceRequest { +export namespace DescribeReservedInstancesListingsResult { /** * @internal */ - export const filterSensitiveLog = (obj: ScheduledInstanceRecurrenceRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesListingsResult): any => ({ ...obj, }); } /** - *

                      Contains the parameters for DescribeScheduledInstanceAvailability.

                      + *

                      Contains the parameters for DescribeReservedInstancesModifications.

                      */ -export interface DescribeScheduledInstanceAvailabilityRequest { - /** - *

                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                      - */ - DryRun?: boolean; - +export interface DescribeReservedInstancesModificationsRequest { /** - *

                      The filters.

                      + *

                      One or more filters.

                      *
                        *
                      • *

                        - * availability-zone - The Availability Zone (for example, us-west-2a).

                        + * client-token - The idempotency token for the modification request.

                        *
                        • *
                      • *

                        - * instance-type - The instance type (for example, c4.large).

                        + * create-date - The time when the modification request was created.

                        *
                        • *
                      • *

                        - * network-platform - The network platform (EC2-Classic or EC2-VPC).

                        + * effective-date - The time when the modification becomes effective.

                        *
                        • *
                      • *

                        - * platform - The platform (Linux/UNIX or Windows).

                        + * modification-result.reserved-instances-id - The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is fulfilled.

                        + *
                        • + *
                      • + *

                        + * modification-result.target-configuration.availability-zone - The Availability Zone for the new Reserved Instances.

                        + *
                        • + *
                      • + *

                        + * modification-result.target-configuration.instance-count - The number of new Reserved Instances.

                        + *
                        • + *
                      • + *

                        + * modification-result.target-configuration.instance-type - The instance type of the new Reserved Instances.

                        + *
                        • + *
                      • + *

                        + * modification-result.target-configuration.platform - The network platform of the new Reserved Instances (EC2-Classic | EC2-VPC).

                        + *
                        • + *
                      • + *

                        + * reserved-instances-id - The ID of the Reserved Instances modified.

                        + *
                        • + *
                      • + *

                        + * reserved-instances-modification-id - The ID of the modification request.

                        + *
                        • + *
                      • + *

                        + * status - The status of the Reserved Instances modification request + * (processing | fulfilled | failed).

                        + *
                        • + *
                      • + *

                        + * status-message - The reason for the status.

                        + *
                        • + *
                      • + *

                        + * update-date - The time when the modification request was last updated.

                        *
                        • *
                      */ Filters?: Filter[]; /** - *

                      The time period for the first schedule to start.

                      - */ - FirstSlotStartTimeRange: SlotDateTimeRangeRequest | undefined; - - /** - *

                      The maximum number of results to return in a single call. - * This value can be between 5 and 300. The default value is 300. - * To retrieve the remaining results, make another call with the returned - * NextToken value.

                      - */ - MaxResults?: number; - - /** - *

                      The maximum available duration, in hours. This value must be greater than MinSlotDurationInHours - * and less than 1,720.

                      - */ - MaxSlotDurationInHours?: number; - - /** - *

                      The minimum available duration, in hours. The minimum required duration is 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.

                      + *

                      IDs for the submitted modification request.

                      */ - MinSlotDurationInHours?: number; + ReservedInstancesModificationIds?: string[]; /** - *

                      The token for the next set of results.

                      + *

                      The token to retrieve the next page of results.

                      */ NextToken?: string; - - /** - *

                      The schedule recurrence.

                      - */ - Recurrence: ScheduledInstanceRecurrenceRequest | undefined; } -export namespace DescribeScheduledInstanceAvailabilityRequest { +export namespace DescribeReservedInstancesModificationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeScheduledInstanceAvailabilityRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesModificationsRequest): any => ({ ...obj, }); } /** - *

                      Describes the recurring schedule for a Scheduled Instance.

                      + *

                      Describes the configuration settings for the modified Reserved Instances.

                      */ -export interface ScheduledInstanceRecurrence { +export interface ReservedInstancesConfiguration { /** - *

                      The frequency (Daily, Weekly, or Monthly).

                      + *

                      The Availability Zone for the modified Reserved Instances.

                      */ - Frequency?: string; + AvailabilityZone?: string; /** - *

                      The interval quantity. The interval unit depends on the value of frequency. For example, every 2 - * weeks or every 2 months.

                      + *

                      The number of modified Reserved Instances.

                      + * + *

                      This is a required field for a request.

                      + *                       */ - Interval?: number; + InstanceCount?: number; /** - *

                      The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday).

                      + *

                      The instance type for the modified Reserved Instances.

                      */ - OccurrenceDaySet?: number[]; + InstanceType?: _InstanceType | string; /** - *

                      Indicates whether the occurrence is relative to the end of the specified week or month.

                      + *

                      The network platform of the modified Reserved Instances, which is either EC2-Classic or EC2-VPC.

                      */ - OccurrenceRelativeToEnd?: boolean; + Platform?: string; /** - *

                      The unit for occurrenceDaySet (DayOfWeek or DayOfMonth).

                      + *

                      Whether the Reserved Instance is applied to instances in a Region or instances in a specific Availability Zone.

                      */ - OccurrenceUnit?: string; + Scope?: Scope | string; } -export namespace ScheduledInstanceRecurrence { +export namespace ReservedInstancesConfiguration { /** * @internal */ - export const filterSensitiveLog = (obj: ScheduledInstanceRecurrence): any => ({ + export const filterSensitiveLog = (obj: ReservedInstancesConfiguration): any => ({ ...obj, }); } /** - *

                      Describes a schedule that is available for your Scheduled Instances.

                      + *

                      Describes the modification request/s.

                      */ -export interface ScheduledInstanceAvailability { - /** - *

                      The Availability Zone.

                      - */ - AvailabilityZone?: string; - - /** - *

                      The number of available instances.

                      - */ - AvailableInstanceCount?: number; - +export interface ReservedInstancesModificationResult { /** - *

                      The time period for the first schedule to start.

                      + *

                      The ID for the Reserved Instances that were created as part of the modification request. This field is only available when the modification is fulfilled.

                      */ - FirstSlotStartTime?: Date; + ReservedInstancesId?: string; /** - *

                      The hourly price for a single instance.

                      + *

                      The target Reserved Instances configurations supplied as part of the modification request.

                      */ - HourlyPrice?: string; + TargetConfiguration?: ReservedInstancesConfiguration; +} +export namespace ReservedInstancesModificationResult { /** - *

                      The instance type. You can specify one of the C3, C4, M4, or R3 instance types.

                      + * @internal */ - InstanceType?: string; + export const filterSensitiveLog = (obj: ReservedInstancesModificationResult): any => ({ + ...obj, + }); +} +/** + *

                      Describes the ID of a Reserved Instance.

                      + */ +export interface ReservedInstancesId { /** - *

                      The maximum term. The only possible value is 365 days.

                      + *

                      The ID of the Reserved Instance.

                      */ - MaxTermDurationInDays?: number; + ReservedInstancesId?: string; +} +export namespace ReservedInstancesId { /** - *

                      The minimum term. The only possible value is 365 days.

                      + * @internal */ - MinTermDurationInDays?: number; + export const filterSensitiveLog = (obj: ReservedInstancesId): any => ({ + ...obj, + }); +} +/** + *

                      Describes a Reserved Instance modification.

                      + */ +export interface ReservedInstancesModification { /** - *

                      The network platform (EC2-Classic or EC2-VPC).

                      + *

                      A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. + * For more information, see Ensuring + * Idempotency.

                      */ - NetworkPlatform?: string; + ClientToken?: string; /** - *

                      The platform (Linux/UNIX or Windows).

                      + *

                      The time when the modification request was created.

                      */ - Platform?: string; + CreateDate?: Date; /** - *

                      The purchase token. This token expires in two hours.

                      + *

                      The time for the modification to become effective.

                      */ - PurchaseToken?: string; + EffectiveDate?: Date; /** - *

                      The schedule recurrence.

                      + *

                      Contains target configurations along with their corresponding new Reserved Instance IDs.

                      */ - Recurrence?: ScheduledInstanceRecurrence; + ModificationResults?: ReservedInstancesModificationResult[]; /** - *

                      The number of hours in the schedule.

                      + *

                      The IDs of one or more Reserved Instances.

                      */ - SlotDurationInHours?: number; + ReservedInstancesIds?: ReservedInstancesId[]; /** - *

                      The total number of hours for a single instance for the entire term.

                      + *

                      A unique ID for the Reserved Instance modification.

                      */ - TotalScheduledInstanceHours?: number; -} + ReservedInstancesModificationId?: string; -export namespace ScheduledInstanceAvailability { /** - * @internal + *

                      The status of the Reserved Instances modification request.

                      */ - export const filterSensitiveLog = (obj: ScheduledInstanceAvailability): any => ({ - ...obj, - }); -} + Status?: string; -/** - *

                      Contains the output of DescribeScheduledInstanceAvailability.

                      - */ -export interface DescribeScheduledInstanceAvailabilityResult { /** - *

                      The token required to retrieve the next set of results. This value is null when there are no more results to return.

                      + *

                      The reason for the status.

                      */ - NextToken?: string; + StatusMessage?: string; /** - *

                      Information about the available Scheduled Instances.

                      + *

                      The time when the modification request was last updated.

                      */ - ScheduledInstanceAvailabilitySet?: ScheduledInstanceAvailability[]; + UpdateDate?: Date; } -export namespace DescribeScheduledInstanceAvailabilityResult { +export namespace ReservedInstancesModification { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeScheduledInstanceAvailabilityResult): any => ({ + export const filterSensitiveLog = (obj: ReservedInstancesModification): any => ({ ...obj, }); } /** - *

                      Describes the time period for a Scheduled Instance to start its first schedule.

                      + *

                      Contains the output of DescribeReservedInstancesModifications.

                      */ -export interface SlotStartTimeRangeRequest { +export interface DescribeReservedInstancesModificationsResult { /** - *

                      The earliest date and time, in UTC, for the Scheduled Instance to start.

                      + *

                      The token to use to retrieve the next page of results. This value is null when + * there are no more results to return.

                      */ - EarliestTime?: Date; + NextToken?: string; /** - *

                      The latest date and time, in UTC, for the Scheduled Instance to start.

                      + *

                      The Reserved Instance modification information.

                      */ - LatestTime?: Date; + ReservedInstancesModifications?: ReservedInstancesModification[]; } -export namespace SlotStartTimeRangeRequest { +export namespace DescribeReservedInstancesModificationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: SlotStartTimeRangeRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesModificationsResult): any => ({ ...obj, }); } /** - *

                      Contains the parameters for DescribeScheduledInstances.

                      + *

                      Contains the parameters for DescribeReservedInstancesOfferings.

                      */ -export interface DescribeScheduledInstancesRequest { +export interface DescribeReservedInstancesOfferingsRequest { /** - *

                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                      + *

                      The Availability Zone in which the Reserved Instance can be used.

                      */ - DryRun?: boolean; + AvailabilityZone?: string; /** - *

                      The filters.

                      + *

                      One or more filters.

                      *
                        *
                      • *

                        - * availability-zone - The Availability Zone (for example, us-west-2a).

                        + * availability-zone - The Availability Zone where the Reserved Instance can be + * used.

                        *
                        • *
                      • *

                        - * instance-type - The instance type (for example, c4.large).

                        + * duration - The duration of the Reserved Instance (for example, one year or + * three years), in seconds (31536000 | 94608000).

                        *
                        • *
                      • *

                        - * network-platform - The network platform (EC2-Classic or EC2-VPC).

                        + * fixed-price - The purchase price of the Reserved Instance (for example, + * 9800.0).

                        *
                        • *
                      • *

                        - * platform - The platform (Linux/UNIX or Windows).

                        + * instance-type - The instance type that is covered by the + * reservation.

                        + *
                        • + *
                      • + *

                        + * marketplace - Set to true to show only Reserved Instance + * Marketplace offerings. When this filter is not used, which is the default behavior, all + * offerings from both Amazon Web Services and the Reserved Instance Marketplace are listed.

                        + *
                        • + *
                      • + *

                        + * product-description - The Reserved Instance product platform description. + * Instances that include (Amazon VPC) in the product platform description will + * only be displayed to EC2-Classic account holders and are for use with Amazon VPC. + * (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE + * Linux | SUSE Linux (Amazon VPC) | Red Hat Enterprise + * Linux | Red Hat Enterprise Linux (Amazon VPC) | Red Hat + * Enterprise Linux with HA (Amazon VPC) | Windows | Windows + * (Amazon VPC) | Windows with SQL Server Standard | Windows with + * SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | + * Windows with SQL Server Web (Amazon VPC) | Windows with SQL Server + * Enterprise | Windows with SQL Server Enterprise (Amazon VPC))

                        + *
                        • + *
                      • + *

                        + * reserved-instances-offering-id - The Reserved Instances offering + * ID.

                        + *
                        • + *
                      • + *

                        + * scope - The scope of the Reserved Instance (Availability Zone or + * Region).

                        + *
                        • + *
                      • + *

                        + * usage-price - The usage price of the Reserved Instance, per hour (for + * example, 0.84).

                        *
                        • *
                      */ Filters?: Filter[]; /** - *

                      The maximum number of results to return in a single call. - * This value can be between 5 and 300. The default value is 100. - * To retrieve the remaining results, make another call with the returned - * NextToken value.

                      - */ - MaxResults?: number; - - /** - *

                      The token for the next set of results.

                      - */ - NextToken?: string; - - /** - *

                      The Scheduled Instance IDs.

                      - */ - ScheduledInstanceIds?: string[]; - - /** - *

                      The time period for the first schedule to start.

                      - */ - SlotStartTimeRange?: SlotStartTimeRangeRequest; -} - -export namespace DescribeScheduledInstancesRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeScheduledInstancesRequest): any => ({ - ...obj, - }); -} - -/** - *

                      Describes a Scheduled Instance.

                      - */ -export interface ScheduledInstance { - /** - *

                      The Availability Zone.

                      - */ - AvailabilityZone?: string; - - /** - *

                      The date when the Scheduled Instance was purchased.

                      - */ - CreateDate?: Date; - - /** - *

                      The hourly price for a single instance.

                      + *

                      Include Reserved Instance Marketplace offerings in the response.

                      */ - HourlyPrice?: string; + IncludeMarketplace?: boolean; /** - *

                      The number of instances.

                      + *

                      The instance type that the reservation will cover (for example, m1.small). For more information, see + * Instance types in the + * Amazon EC2 User Guide.

                      */ - InstanceCount?: number; + InstanceType?: _InstanceType | string; /** - *

                      The instance type.

                      + *

                      The maximum duration (in seconds) to filter when searching for offerings.

                      + *

                      Default: 94608000 (3 years)

                      */ - InstanceType?: string; + MaxDuration?: number; /** - *

                      The network platform (EC2-Classic or EC2-VPC).

                      + *

                      The maximum number of instances to filter when searching for offerings.

                      + *

                      Default: 20

                      */ - NetworkPlatform?: string; + MaxInstanceCount?: number; /** - *

                      The time for the next schedule to start.

                      + *

                      The minimum duration (in seconds) to filter when searching for offerings.

                      + *

                      Default: 2592000 (1 month)

                      */ - NextSlotStartTime?: Date; + MinDuration?: number; /** - *

                      The platform (Linux/UNIX or Windows).

                      + *

                      The offering class of the Reserved Instance. Can be standard or convertible.

                      */ - Platform?: string; + OfferingClass?: OfferingClassType | string; /** - *

                      The time that the previous schedule ended or will end.

                      + *

                      The Reserved Instance product platform description. Instances that include (Amazon + * VPC) in the description are for use with Amazon VPC.

                      */ - PreviousSlotEndTime?: Date; + ProductDescription?: RIProductDescription | string; /** - *

                      The schedule recurrence.

                      + *

                      One or more Reserved Instances offering IDs.

                      */ - Recurrence?: ScheduledInstanceRecurrence; + ReservedInstancesOfferingIds?: string[]; /** - *

                      The Scheduled Instance ID.

                      + *

                      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                      */ - ScheduledInstanceId?: string; + DryRun?: boolean; /** - *

                      The number of hours in the schedule.

                      + *

                      The tenancy of the instances covered by the reservation. A Reserved Instance with a tenancy + * of dedicated is applied to instances that run in a VPC on single-tenant hardware + * (i.e., Dedicated Instances).

                      + *

                      + * Important: The host value cannot be used with this parameter. Use the default or dedicated values only.

                      + *

                      Default: default + *

                      */ - SlotDurationInHours?: number; + InstanceTenancy?: Tenancy | string; /** - *

                      The end date for the Scheduled Instance.

                      + *

                      The maximum number of results to return for the request in a single page. The remaining + * results of the initial request can be seen by sending another request with the returned + * NextToken value. The maximum is 100.

                      + *

                      Default: 100

                      */ - TermEndDate?: Date; + MaxResults?: number; /** - *

                      The start date for the Scheduled Instance.

                      + *

                      The token to retrieve the next page of results.

                      */ - TermStartDate?: Date; + NextToken?: string; /** - *

                      The total number of hours for a single instance for the entire term.

                      + *

                      The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API + * version, you only have access to the Medium Utilization Reserved Instance + * offering type.

                      */ - TotalScheduledInstanceHours?: number; + OfferingType?: OfferingTypeValues | string; } -export namespace ScheduledInstance { +export namespace DescribeReservedInstancesOfferingsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ScheduledInstance): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesOfferingsRequest): any => ({ ...obj, }); } /** - *

                      Contains the output of DescribeScheduledInstances.

                      + *

                      Describes a Reserved Instance offering.

                      */ -export interface DescribeScheduledInstancesResult { +export interface PricingDetail { /** - *

                      The token required to retrieve the next set of results. This value is null when there are no more results to return.

                      + *

                      The number of reservations available for the price.

                      */ - NextToken?: string; + Count?: number; /** - *

                      Information about the Scheduled Instances.

                      + *

                      The price per instance.

                      */ - ScheduledInstanceSet?: ScheduledInstance[]; + Price?: number; } -export namespace DescribeScheduledInstancesResult { +export namespace PricingDetail { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeScheduledInstancesResult): any => ({ + export const filterSensitiveLog = (obj: PricingDetail): any => ({ ...obj, }); } -export interface DescribeSecurityGroupReferencesRequest { +/** + *

                      Describes a Reserved Instance offering.

                      + */ +export interface ReservedInstancesOffering { /** - *

                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                      + *

                      The Availability Zone in which the Reserved Instance can be used.

                      + */ + AvailabilityZone?: string; + + /** + *

                      The duration of the Reserved Instance, in seconds.

                      */ - DryRun?: boolean; + Duration?: number; /** - *

                      The IDs of the security groups in your account.

                      + *

                      The purchase price of the Reserved Instance.

                      */ - GroupId: string[] | undefined; -} + FixedPrice?: number; -export namespace DescribeSecurityGroupReferencesRequest { /** - * @internal + *

                      The instance type on which the Reserved Instance can be used.

                      */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupReferencesRequest): any => ({ - ...obj, - }); -} + InstanceType?: _InstanceType | string; -/** - *

                      Describes a VPC with a security group that references your security group.

                      - */ -export interface SecurityGroupReference { /** - *

                      The ID of your security group.

                      + *

                      The Reserved Instance product platform description.

                      */ - GroupId?: string; + ProductDescription?: RIProductDescription | string; /** - *

                      The ID of the VPC with the referencing security group.

                      + *

                      The ID of the Reserved Instance offering. This is the offering ID used in GetReservedInstancesExchangeQuote + * to confirm that an exchange can be made.

                      */ - ReferencingVpcId?: string; + ReservedInstancesOfferingId?: string; /** - *

                      The ID of the VPC peering connection.

                      + *

                      The usage price of the Reserved Instance, per hour.

                      */ - VpcPeeringConnectionId?: string; -} + UsagePrice?: number; -export namespace SecurityGroupReference { /** - * @internal + *

                      The currency of the Reserved Instance offering you are purchasing. It's + * specified using ISO 4217 standard currency codes. At this time, + * the only supported currency is USD.

                      */ - export const filterSensitiveLog = (obj: SecurityGroupReference): any => ({ - ...obj, - }); -} + CurrencyCode?: CurrencyCodeValues | string; -export interface DescribeSecurityGroupReferencesResult { /** - *

                      Information about the VPCs with the referencing security groups.

                      + *

                      The tenancy of the instance.

                      */ - SecurityGroupReferenceSet?: SecurityGroupReference[]; -} + InstanceTenancy?: Tenancy | string; -export namespace DescribeSecurityGroupReferencesResult { /** - * @internal + *

                      Indicates whether the offering is available through the Reserved Instance Marketplace (resale) or Amazon Web Services. + * If it's a Reserved Instance Marketplace offering, this is true.

                      */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupReferencesResult): any => ({ - ...obj, - }); -} + Marketplace?: boolean; -export interface DescribeSecurityGroupRulesRequest { /** - *

                      One or more filters.

                      - *
                        - *
                      • - *

                        - * group-id - The ID of the security group.

                        - *
                        • - *
                      • - *

                        - * security-group-rule-id - The ID of the security group rule.

                        - *
                        • - *
                      • - *

                        - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                        - *
                        • - *
                      + *

                      If convertible it can be exchanged for Reserved Instances of + * the same or higher monetary value, with different configurations. If standard, it is not + * possible to perform an exchange.

                      */ - Filters?: Filter[]; + OfferingClass?: OfferingClassType | string; /** - *

                      The IDs of the security group rules.

                      + *

                      The Reserved Instance offering type.

                      */ - SecurityGroupRuleIds?: string[]; + OfferingType?: OfferingTypeValues | string; /** - *

                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                      + *

                      The pricing details of the Reserved Instance offering.

                      */ - DryRun?: boolean; + PricingDetails?: PricingDetail[]; /** - *

                      The token for the next page of results.

                      + *

                      The recurring charge tag assigned to the resource.

                      */ - NextToken?: string; + RecurringCharges?: RecurringCharge[]; /** - *

                      The maximum number of results to return in a single call. To retrieve the remaining - * results, make another request with the returned NextToken value. This value - * can be between 5 and 1000. If this parameter is not specified, then all results are - * returned.

                      + *

                      Whether the Reserved Instance is applied to instances in a Region or an Availability Zone.

                      */ - MaxResults?: number; + Scope?: Scope | string; } -export namespace DescribeSecurityGroupRulesRequest { +export namespace ReservedInstancesOffering { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupRulesRequest): any => ({ + export const filterSensitiveLog = (obj: ReservedInstancesOffering): any => ({ ...obj, }); } -export interface DescribeSecurityGroupRulesResult { +/** + *

                      Contains the output of DescribeReservedInstancesOfferings.

                      + */ +export interface DescribeReservedInstancesOfferingsResult { /** - *

                      Information about security group rules.

                      + *

                      A list of Reserved Instances offerings.

                      */ - SecurityGroupRules?: SecurityGroupRule[]; + ReservedInstancesOfferings?: ReservedInstancesOffering[]; /** - *

                      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                      + *

                      The token to use to retrieve the next page of results. This value is null when + * there are no more results to return.

                      */ NextToken?: string; } -export namespace DescribeSecurityGroupRulesResult { +export namespace DescribeReservedInstancesOfferingsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupRulesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeReservedInstancesOfferingsResult): any => ({ ...obj, }); } -export interface DescribeSecurityGroupsRequest { +export interface DescribeRouteTablesRequest { /** - *

                      The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.

                      - *
                        - *
                      • - *

                        - * description - The description of the security group.

                        - *
                        • - *
                      • - *

                        - * egress.ip-permission.cidr - An IPv4 CIDR block for an outbound - * security group rule.

                        - *
                        • - *
                      • - *

                        - * egress.ip-permission.from-port - For an outbound rule, the - * start of port range for the TCP and UDP protocols, or an ICMP type - * number.

                        - *
                        • - *
                      • - *

                        - * egress.ip-permission.group-id - The ID of a security group - * that has been referenced in an outbound security group rule.

                        - *
                        • - *
                      • - *

                        - * egress.ip-permission.group-name - The name of a security group - * that is referenced in an outbound security group rule.

                        - *
                        • + *

                        One or more filters.

                        + *
                          *
                        • - *

                          - * egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an - * outbound security group rule.

                          - *
                          • + *

                          + * association.route-table-association-id - The ID of an association + * ID for the route table.

                          + * *
                        • - *

                          - * egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.

                          - *
                          • + *

                          + * association.route-table-id - The ID of the route table involved in + * the association.

                          + * *
                        • - *

                          - * egress.ip-permission.protocol - The IP protocol for an - * outbound security group rule (tcp | udp | - * icmp, a protocol number, or -1 for all protocols).

                          - *
                          • + *

                          + * association.subnet-id - The ID of the subnet involved in the + * association.

                          + * *
                        • - *

                          - * egress.ip-permission.to-port - For an outbound rule, the end - * of port range for the TCP and UDP protocols, or an ICMP code.

                          - *
                          • + *

                          + * association.main - Indicates whether the route table is the main + * route table for the VPC (true | false). Route tables + * that do not have an association ID are not returned in the response.

                          + * *
                        • - *

                          - * egress.ip-permission.user-id - The ID of an Amazon Web Services account that - * has been referenced in an outbound security group rule.

                          - *
                          • + *

                          + * owner-id - The ID of the Amazon Web Services account that owns the route table.

                          + * *
                        • - *

                          - * group-id - The ID of the security group.

                          - *
                          • + *

                          + * route-table-id - The ID of the route table.

                          + * *
                        • - *

                          - * group-name - The name of the security group.

                          - *
                          • + *

                          + * route.destination-cidr-block - The IPv4 CIDR range specified in a + * route in the table.

                          + * *
                        • - *

                          - * ip-permission.cidr - An IPv4 CIDR block for an inbound security - * group rule.

                          - *
                          • + *

                          + * route.destination-ipv6-cidr-block - The IPv6 CIDR range specified in a route in the route table.

                          + * *
                        • - *

                          - * ip-permission.from-port - For an inbound rule, the start of port - * range for the TCP and UDP protocols, or an ICMP type number.

                          - *
                          • + *

                          + * route.destination-prefix-list-id - The ID (prefix) of the Amazon Web Service + * specified in a route in the table.

                          + * *
                        • - *

                          - * ip-permission.group-id - The ID of a security group that has been - * referenced in an inbound security group rule.

                          - *
                          • + *

                          + * route.egress-only-internet-gateway-id - The ID of an + * egress-only Internet gateway specified in a route in the route table.

                          + * *
                        • - *

                          - * ip-permission.group-name - The name of a security group that is - * referenced in an inbound security group rule.

                          - *
                          • + *

                          + * route.gateway-id - The ID of a gateway specified in a route in the table.

                          + * *
                        • - *

                          - * ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security - * group rule.

                          - *
                          • + *

                          + * route.instance-id - The ID of an instance specified in a route in the table.

                          + * *
                        • - *

                          - * ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.

                          - *
                          • + *

                          + * route.nat-gateway-id - The ID of a NAT gateway.

                          + * *
                        • - *

                          - * ip-permission.protocol - The IP protocol for an inbound security - * group rule (tcp | udp | icmp, a - * protocol number, or -1 for all protocols).

                          - *
                          • + *

                          + * route.transit-gateway-id - The ID of a transit gateway.

                          + * *
                        • - *

                          - * ip-permission.to-port - For an inbound rule, the end of port range - * for the TCP and UDP protocols, or an ICMP code.

                          - *
                          • + *

                          + * route.origin - Describes how the route was created. + * CreateRouteTable indicates that the route was automatically + * created when the route table was created; CreateRoute indicates + * that the route was manually added to the route table; + * EnableVgwRoutePropagation indicates that the route was + * propagated by route propagation.

                          + * *
                        • - *

                          - * ip-permission.user-id - The ID of an Amazon Web Services account that has been - * referenced in an inbound security group rule.

                          - *
                          • + *

                          + * route.state - The state of a route in the route table + * (active | blackhole). The blackhole state + * indicates that the route's target isn't available (for example, the specified + * gateway isn't attached to the VPC, the specified NAT instance has been + * terminated, and so on).

                          + * *
                        • - *

                          - * owner-id - The Amazon Web Services account ID of the owner of the security group.

                          - *
                          • + *

                          + * route.vpc-peering-connection-id - The ID of a VPC peering + * connection specified in a route in the table.

                          + * *
                        • - *

                          + *

                          * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                          - *
                          • + * *
                        • - *

                          + *

                          * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                          - *
                          • + * *
                        • - *

                          - * vpc-id - The ID of the VPC specified when the security group was created.

                          - *
                          • + *

                          + * vpc-id - The ID of the VPC for the route table.

                          + * *
                        */ Filters?: Filter[]; - /** - *

                        The IDs of the security groups. Required for security groups in a nondefault VPC.

                        - *

                        Default: Describes all of your security groups.

                        - */ - GroupIds?: string[]; - - /** - *

                        [EC2-Classic and default VPC only] The names of the security groups. You can specify either - * the security group name or the security group ID. For security groups in a nondefault VPC, use - * the group-name filter to describe security groups by name.

                        - *

                        Default: Describes all of your security groups.

                        - */ - GroupNames?: string[]; - /** *

                        Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -8486,87 +8178,40 @@ export interface DescribeSecurityGroupsRequest { DryRun?: boolean; /** - *

                        The token to request the next page of results.

                        + *

                        One or more route table IDs.

                        + *

                        Default: Describes all your route tables.

                        + */ + RouteTableIds?: string[]; + + /** + *

                        The token for the next page of results.

                        */ NextToken?: string; /** - *

                        The maximum number of results to return in a single call. To retrieve the remaining - * results, make another request with the returned NextToken value. This value - * can be between 5 and 1000. If this parameter is not specified, then all results are - * returned.

                        + *

                        The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                        */ MaxResults?: number; } -export namespace DescribeSecurityGroupsRequest { +export namespace DescribeRouteTablesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeRouteTablesRequest): any => ({ ...obj, }); } /** - *

                        Describes a security group.

                        + *

                        Contains the output of DescribeRouteTables.

                        */ -export interface SecurityGroup { - /** - *

                        A description of the security group.

                        - */ - Description?: string; - - /** - *

                        The name of the security group.

                        - */ - GroupName?: string; - - /** - *

                        The inbound rules associated with the security group.

                        - */ - IpPermissions?: IpPermission[]; - - /** - *

                        The Amazon Web Services account ID of the owner of the security group.

                        - */ - OwnerId?: string; - - /** - *

                        The ID of the security group.

                        - */ - GroupId?: string; - - /** - *

                        [VPC only] The outbound rules associated with the security group.

                        - */ - IpPermissionsEgress?: IpPermission[]; - - /** - *

                        Any tags assigned to the security group.

                        - */ - Tags?: Tag[]; - - /** - *

                        [VPC only] The ID of the VPC for the security group.

                        - */ - VpcId?: string; -} - -export namespace SecurityGroup { - /** - * @internal - */ - export const filterSensitiveLog = (obj: SecurityGroup): any => ({ - ...obj, - }); -} - -export interface DescribeSecurityGroupsResult { +export interface DescribeRouteTablesResult { /** - *

                        Information about the security groups.

                        + *

                        Information about one or more route tables.

                        */ - SecurityGroups?: SecurityGroup[]; + RouteTables?: RouteTable[]; /** *

                        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                        @@ -8574,1719 +8219,1664 @@ export interface DescribeSecurityGroupsResult { NextToken?: string; } -export namespace DescribeSecurityGroupsResult { +export namespace DescribeRouteTablesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSecurityGroupsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeRouteTablesResult): any => ({ ...obj, }); } -export type SnapshotAttributeName = "createVolumePermission" | "productCodes"; - -export interface DescribeSnapshotAttributeRequest { - /** - *

                        The snapshot attribute you would like to view.

                        - */ - Attribute: SnapshotAttributeName | string | undefined; - +/** + *

                        Describes the time period for a Scheduled Instance to start its first schedule. The time period must span less than one day.

                        + */ +export interface SlotDateTimeRangeRequest { /** - *

                        The ID of the EBS snapshot.

                        + *

                        The earliest date and time, in UTC, for the Scheduled Instance to start.

                        */ - SnapshotId: string | undefined; + EarliestTime: Date | undefined; /** - *

                        Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                        + *

                        The latest date and time, in UTC, for the Scheduled Instance to start. This value must be later than or equal to the earliest date and at most three months in the future.

                        */ - DryRun?: boolean; + LatestTime: Date | undefined; } -export namespace DescribeSnapshotAttributeRequest { +export namespace SlotDateTimeRangeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSnapshotAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: SlotDateTimeRangeRequest): any => ({ ...obj, }); } /** - *

                        Describes the user or group to be added or removed from the list of create volume - * permissions for a volume.

                        + *

                        Describes the recurring schedule for a Scheduled Instance.

                        */ -export interface CreateVolumePermission { - /** - *

                        The group to be added or removed. The possible value is all.

                        - */ - Group?: PermissionGroup | string; - +export interface ScheduledInstanceRecurrenceRequest { /** - *

                        The ID of the Amazon Web Services account to be added or removed.

                        + *

                        The frequency (Daily, Weekly, or Monthly).

                        */ - UserId?: string; -} + Frequency?: string; -export namespace CreateVolumePermission { /** - * @internal + *

                        The interval quantity. The interval unit depends on the value of Frequency. For example, every 2 + * weeks or every 2 months.

                        */ - export const filterSensitiveLog = (obj: CreateVolumePermission): any => ({ - ...obj, - }); -} + Interval?: number; -export interface DescribeSnapshotAttributeResult { /** - *

                        The users and groups that have the permissions for creating volumes from the - * snapshot.

                        + *

                        The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday). You can't specify this value with a daily schedule. If the occurrence is relative to the end of the month, you can specify only a single day.

                        */ - CreateVolumePermissions?: CreateVolumePermission[]; + OccurrenceDays?: number[]; /** - *

                        The product codes.

                        + *

                        Indicates whether the occurrence is relative to the end of the specified week or month. You can't specify this value with a daily schedule.

                        */ - ProductCodes?: ProductCode[]; + OccurrenceRelativeToEnd?: boolean; /** - *

                        The ID of the EBS snapshot.

                        + *

                        The unit for OccurrenceDays (DayOfWeek or DayOfMonth). + * This value is required for a monthly schedule. + * You can't specify DayOfWeek with a weekly schedule. + * You can't specify this value with a daily schedule.

                        */ - SnapshotId?: string; + OccurrenceUnit?: string; } -export namespace DescribeSnapshotAttributeResult { +export namespace ScheduledInstanceRecurrenceRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSnapshotAttributeResult): any => ({ - ...obj, - }); -} - -export interface DescribeSnapshotsRequest { - /** - *

                        The filters.

                        - *
                          - *
                        • - *

                          - * description - A description of the snapshot.

                          - *
                          • - *
                        • - *

                          - * encrypted - Indicates whether the snapshot is encrypted - * (true | false)

                          - *
                          • - *
                        • - *

                          - * owner-alias - The owner alias, from an Amazon-maintained list - * (amazon). - * This is not the user-configured Amazon Web Services account alias set using the IAM console. - * We recommend that you use the related parameter instead of this filter.

                          - *
                          • - *
                        • - *

                          - * owner-id - The Amazon Web Services account ID of the owner. We recommend that - * you use the related parameter instead of this filter.

                          - *
                          • - *
                        • - *

                          - * progress - The progress of the snapshot, as a percentage (for example, - * 80%).

                          - *
                          • - *
                        • - *

                          - * snapshot-id - The snapshot ID.

                          - *
                          • - *
                        • - *

                          - * start-time - The time stamp when the snapshot was initiated.

                          - *
                          • - *
                        • - *

                          - * status - The status of the snapshot (pending | - * completed | error).

                          - *
                          • + export const filterSensitiveLog = (obj: ScheduledInstanceRecurrenceRequest): any => ({ + ...obj, + }); +} + +/** + *

                          Contains the parameters for DescribeScheduledInstanceAvailability.

                          + */ +export interface DescribeScheduledInstanceAvailabilityRequest { + /** + *

                          Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                          + */ + DryRun?: boolean; + + /** + *

                          The filters.

                          + *
                            *
                          • *

                            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                            + * availability-zone - The Availability Zone (for example, us-west-2a).

                            *
                            • *
                          • *

                            - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                            + * instance-type - The instance type (for example, c4.large).

                            *
                            • *
                          • *

                            - * volume-id - The ID of the volume the snapshot is for.

                            + * network-platform - The network platform (EC2-Classic or EC2-VPC).

                            *
                            • *
                          • *

                            - * volume-size - The size of the volume, in GiB.

                            + * platform - The platform (Linux/UNIX or Windows).

                            *
                            • *
                          */ Filters?: Filter[]; /** - *

                          The maximum number of snapshot results returned by DescribeSnapshots in - * paginated output. When this parameter is used, DescribeSnapshots only returns - * MaxResults results in a single page along with a NextToken - * response element. The remaining results of the initial request can be seen by sending another - * DescribeSnapshots request with the returned NextToken value. This - * value can be between 5 and 1,000; if MaxResults is given a value larger than 1,000, - * only 1,000 results are returned. If this parameter is not used, then - * DescribeSnapshots returns all results. You cannot specify this parameter and - * the snapshot IDs parameter in the same request.

                          + *

                          The time period for the first schedule to start.

                          */ - MaxResults?: number; + FirstSlotStartTimeRange: SlotDateTimeRangeRequest | undefined; /** - *

                          The NextToken value returned from a previous paginated - * DescribeSnapshots request where MaxResults was used and the - * results exceeded the value of that parameter. Pagination continues from the end of the - * previous results that returned the NextToken value. This value is - * null when there are no more results to return.

                          + *

                          The maximum number of results to return in a single call. + * This value can be between 5 and 300. The default value is 300. + * To retrieve the remaining results, make another call with the returned + * NextToken value.

                          */ - NextToken?: string; + MaxResults?: number; /** - *

                          Scopes the results to snapshots with the specified owners. You can specify a combination of - * Amazon Web Services account IDs, self, and amazon.

                          + *

                          The maximum available duration, in hours. This value must be greater than MinSlotDurationInHours + * and less than 1,720.

                          */ - OwnerIds?: string[]; + MaxSlotDurationInHours?: number; /** - *

                          The IDs of the Amazon Web Services accounts that can create volumes from the snapshot.

                          + *

                          The minimum available duration, in hours. The minimum required duration is 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.

                          */ - RestorableByUserIds?: string[]; + MinSlotDurationInHours?: number; /** - *

                          The snapshot IDs.

                          - *

                          Default: Describes the snapshots for which you have create volume permissions.

                          + *

                          The token for the next set of results.

                          */ - SnapshotIds?: string[]; + NextToken?: string; /** - *

                          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                          + *

                          The schedule recurrence.

                          */ - DryRun?: boolean; + Recurrence: ScheduledInstanceRecurrenceRequest | undefined; } -export namespace DescribeSnapshotsRequest { +export namespace DescribeScheduledInstanceAvailabilityRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSnapshotsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeScheduledInstanceAvailabilityRequest): any => ({ ...obj, }); } -export interface DescribeSnapshotsResult { +/** + *

                          Describes the recurring schedule for a Scheduled Instance.

                          + */ +export interface ScheduledInstanceRecurrence { /** - *

                          Information about the snapshots.

                          + *

                          The frequency (Daily, Weekly, or Monthly).

                          */ - Snapshots?: Snapshot[]; + Frequency?: string; /** - *

                          The NextToken value to include in a future DescribeSnapshots - * request. When the results of a DescribeSnapshots request exceed - * MaxResults, this value can be used to retrieve the next page of results. This - * value is null when there are no more results to return.

                          + *

                          The interval quantity. The interval unit depends on the value of frequency. For example, every 2 + * weeks or every 2 months.

                          */ - NextToken?: string; -} + Interval?: number; -export namespace DescribeSnapshotsResult { /** - * @internal + *

                          The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday).

                          */ - export const filterSensitiveLog = (obj: DescribeSnapshotsResult): any => ({ - ...obj, - }); -} + OccurrenceDaySet?: number[]; -/** - *

                          Contains the parameters for DescribeSpotDatafeedSubscription.

                          - */ -export interface DescribeSpotDatafeedSubscriptionRequest { /** - *

                          Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                          + *

                          Indicates whether the occurrence is relative to the end of the specified week or month.

                          */ - DryRun?: boolean; + OccurrenceRelativeToEnd?: boolean; + + /** + *

                          The unit for occurrenceDaySet (DayOfWeek or DayOfMonth).

                          + */ + OccurrenceUnit?: string; } -export namespace DescribeSpotDatafeedSubscriptionRequest { +export namespace ScheduledInstanceRecurrence { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSpotDatafeedSubscriptionRequest): any => ({ + export const filterSensitiveLog = (obj: ScheduledInstanceRecurrence): any => ({ ...obj, }); } /** - *

                          Contains the output of DescribeSpotDatafeedSubscription.

                          + *

                          Describes a schedule that is available for your Scheduled Instances.

                          */ -export interface DescribeSpotDatafeedSubscriptionResult { +export interface ScheduledInstanceAvailability { /** - *

                          The Spot Instance data feed subscription.

                          + *

                          The Availability Zone.

                          */ - SpotDatafeedSubscription?: SpotDatafeedSubscription; -} + AvailabilityZone?: string; -export namespace DescribeSpotDatafeedSubscriptionResult { /** - * @internal + *

                          The number of available instances.

                          */ - export const filterSensitiveLog = (obj: DescribeSpotDatafeedSubscriptionResult): any => ({ - ...obj, - }); -} + AvailableInstanceCount?: number; -/** - *

                          Contains the parameters for DescribeSpotFleetInstances.

                          - */ -export interface DescribeSpotFleetInstancesRequest { /** - *

                          Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                          + *

                          The time period for the first schedule to start.

                          */ - DryRun?: boolean; + FirstSlotStartTime?: Date; /** - *

                          The maximum number of results to return in a single call. Specify a value between 1 - * and 1000. The default value is 1000. To retrieve the remaining results, make another - * call with the returned NextToken value.

                          + *

                          The hourly price for a single instance.

                          */ - MaxResults?: number; + HourlyPrice?: string; /** - *

                          The token for the next set of results.

                          + *

                          The instance type. You can specify one of the C3, C4, M4, or R3 instance types.

                          */ - NextToken?: string; + InstanceType?: string; /** - *

                          The ID of the Spot Fleet request.

                          + *

                          The maximum term. The only possible value is 365 days.

                          */ - SpotFleetRequestId: string | undefined; -} + MaxTermDurationInDays?: number; -export namespace DescribeSpotFleetInstancesRequest { /** - * @internal + *

                          The minimum term. The only possible value is 365 days.

                          */ - export const filterSensitiveLog = (obj: DescribeSpotFleetInstancesRequest): any => ({ - ...obj, - }); -} + MinTermDurationInDays?: number; -/** - *

                          Contains the output of DescribeSpotFleetInstances.

                          - */ -export interface DescribeSpotFleetInstancesResponse { /** - *

                          The running instances. This list is refreshed periodically and might be out of - * date.

                          + *

                          The network platform (EC2-Classic or EC2-VPC).

                          */ - ActiveInstances?: ActiveInstance[]; + NetworkPlatform?: string; /** - *

                          The token required to retrieve the next set of results. This value is - * null when there are no more results to return.

                          + *

                          The platform (Linux/UNIX or Windows).

                          */ - NextToken?: string; + Platform?: string; /** - *

                          The ID of the Spot Fleet request.

                          + *

                          The purchase token. This token expires in two hours.

                          */ - SpotFleetRequestId?: string; + PurchaseToken?: string; + + /** + *

                          The schedule recurrence.

                          + */ + Recurrence?: ScheduledInstanceRecurrence; + + /** + *

                          The number of hours in the schedule.

                          + */ + SlotDurationInHours?: number; + + /** + *

                          The total number of hours for a single instance for the entire term.

                          + */ + TotalScheduledInstanceHours?: number; } -export namespace DescribeSpotFleetInstancesResponse { +export namespace ScheduledInstanceAvailability { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSpotFleetInstancesResponse): any => ({ + export const filterSensitiveLog = (obj: ScheduledInstanceAvailability): any => ({ ...obj, }); } -export enum EventType { - BATCH_CHANGE = "fleetRequestChange", - ERROR = "error", - INFORMATION = "information", - INSTANCE_CHANGE = "instanceChange", -} - /** - *

                          Contains the parameters for DescribeSpotFleetRequestHistory.

                          + *

                          Contains the output of DescribeScheduledInstanceAvailability.

                          */ -export interface DescribeSpotFleetRequestHistoryRequest { - /** - *

                          Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                          - */ - DryRun?: boolean; - +export interface DescribeScheduledInstanceAvailabilityResult { /** - *

                          The type of events to describe. By default, all events are described.

                          + *

                          The token required to retrieve the next set of results. This value is null when there are no more results to return.

                          */ - EventType?: EventType | string; + NextToken?: string; /** - *

                          The maximum number of results to return in a single call. Specify a value between 1 - * and 1000. The default value is 1000. To retrieve the remaining results, make another - * call with the returned NextToken value.

                          + *

                          Information about the available Scheduled Instances.

                          */ - MaxResults?: number; + ScheduledInstanceAvailabilitySet?: ScheduledInstanceAvailability[]; +} +export namespace DescribeScheduledInstanceAvailabilityResult { /** - *

                          The token for the next set of results.

                          + * @internal */ - NextToken?: string; + export const filterSensitiveLog = (obj: DescribeScheduledInstanceAvailabilityResult): any => ({ + ...obj, + }); +} +/** + *

                          Describes the time period for a Scheduled Instance to start its first schedule.

                          + */ +export interface SlotStartTimeRangeRequest { /** - *

                          The ID of the Spot Fleet request.

                          + *

                          The earliest date and time, in UTC, for the Scheduled Instance to start.

                          */ - SpotFleetRequestId: string | undefined; + EarliestTime?: Date; /** - *

                          The starting date and time for the events, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                          + *

                          The latest date and time, in UTC, for the Scheduled Instance to start.

                          */ - StartTime: Date | undefined; + LatestTime?: Date; } -export namespace DescribeSpotFleetRequestHistoryRequest { +export namespace SlotStartTimeRangeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSpotFleetRequestHistoryRequest): any => ({ + export const filterSensitiveLog = (obj: SlotStartTimeRangeRequest): any => ({ ...obj, }); } /** - *

                          Describes an event in the history of the Spot Fleet request.

                          + *

                          Contains the parameters for DescribeScheduledInstances.

                          */ -export interface HistoryRecord { +export interface DescribeScheduledInstancesRequest { /** - *

                          Information about the event.

                          + *

                          Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                          */ - EventInformation?: EventInformation; + DryRun?: boolean; /** - *

                          The event type.

                          - *
                            + *

                            The filters.

                            + *
                              *
                            • - *

                              - * error - An error with the Spot Fleet request.

                              + *

                              + * availability-zone - The Availability Zone (for example, us-west-2a).

                              *
                              • *
                            • - *

                              - * fleetRequestChange - A change in the status or configuration of - * the Spot Fleet request.

                              + *

                              + * instance-type - The instance type (for example, c4.large).

                              *
                              • *
                            • - *

                              - * instanceChange - An instance was launched or terminated.

                              + *

                              + * network-platform - The network platform (EC2-Classic or EC2-VPC).

                              *
                              • *
                            • - *

                              - * Information - An informational event.

                              + *

                              + * platform - The platform (Linux/UNIX or Windows).

                              *
                              • *
                            */ - EventType?: EventType | string; + Filters?: Filter[]; /** - *

                            The date and time of the event, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            The maximum number of results to return in a single call. + * This value can be between 5 and 300. The default value is 100. + * To retrieve the remaining results, make another call with the returned + * NextToken value.

                            */ - Timestamp?: Date; + MaxResults?: number; + + /** + *

                            The token for the next set of results.

                            + */ + NextToken?: string; + + /** + *

                            The Scheduled Instance IDs.

                            + */ + ScheduledInstanceIds?: string[]; + + /** + *

                            The time period for the first schedule to start.

                            + */ + SlotStartTimeRange?: SlotStartTimeRangeRequest; } -export namespace HistoryRecord { +export namespace DescribeScheduledInstancesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: HistoryRecord): any => ({ + export const filterSensitiveLog = (obj: DescribeScheduledInstancesRequest): any => ({ ...obj, }); } /** - *

                            Contains the output of DescribeSpotFleetRequestHistory.

                            + *

                            Describes a Scheduled Instance.

                            */ -export interface DescribeSpotFleetRequestHistoryResponse { +export interface ScheduledInstance { /** - *

                            Information about the events in the history of the Spot Fleet request.

                            + *

                            The Availability Zone.

                            */ - HistoryRecords?: HistoryRecord[]; + AvailabilityZone?: string; /** - *

                            The last date and time for the events, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ). - * All records up to this time were retrieved.

                            - *

                            If nextToken indicates that there are more results, this value is not - * present.

                            + *

                            The date when the Scheduled Instance was purchased.

                            */ - LastEvaluatedTime?: Date; + CreateDate?: Date; /** - *

                            The token required to retrieve the next set of results. This value is - * null when there are no more results to return.

                            + *

                            The hourly price for a single instance.

                            */ - NextToken?: string; + HourlyPrice?: string; /** - *

                            The ID of the Spot Fleet request.

                            + *

                            The number of instances.

                            */ - SpotFleetRequestId?: string; + InstanceCount?: number; /** - *

                            The starting date and time for the events, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            The instance type.

                            */ - StartTime?: Date; -} + InstanceType?: string; -export namespace DescribeSpotFleetRequestHistoryResponse { /** - * @internal + *

                            The network platform (EC2-Classic or EC2-VPC).

                            */ - export const filterSensitiveLog = (obj: DescribeSpotFleetRequestHistoryResponse): any => ({ - ...obj, - }); -} + NetworkPlatform?: string; -/** - *

                            Contains the parameters for DescribeSpotFleetRequests.

                            - */ -export interface DescribeSpotFleetRequestsRequest { /** - *

                            Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                            + *

                            The time for the next schedule to start.

                            */ - DryRun?: boolean; + NextSlotStartTime?: Date; /** - *

                            The maximum number of results to return in a single call. Specify a value between 1 - * and 1000. The default value is 1000. To retrieve the remaining results, make another - * call with the returned NextToken value.

                            + *

                            The platform (Linux/UNIX or Windows).

                            */ - MaxResults?: number; + Platform?: string; /** - *

                            The token for the next set of results.

                            + *

                            The time that the previous schedule ended or will end.

                            */ - NextToken?: string; + PreviousSlotEndTime?: Date; /** - *

                            The IDs of the Spot Fleet requests.

                            + *

                            The schedule recurrence.

                            */ - SpotFleetRequestIds?: string[]; -} + Recurrence?: ScheduledInstanceRecurrence; -export namespace DescribeSpotFleetRequestsRequest { /** - * @internal + *

                            The Scheduled Instance ID.

                            */ - export const filterSensitiveLog = (obj: DescribeSpotFleetRequestsRequest): any => ({ - ...obj, - }); -} + ScheduledInstanceId?: string; -export enum ExcessCapacityTerminationPolicy { - DEFAULT = "default", - NO_TERMINATION = "noTermination", -} + /** + *

                            The number of hours in the schedule.

                            + */ + SlotDurationInHours?: number; -/** - *

                            Describes whether monitoring is enabled.

                            - */ -export interface SpotFleetMonitoring { /** - *

                            Enables monitoring for the instance.

                            - *

                            Default: false - *

                            + *

                            The end date for the Scheduled Instance.

                            */ - Enabled?: boolean; + TermEndDate?: Date; + + /** + *

                            The start date for the Scheduled Instance.

                            + */ + TermStartDate?: Date; + + /** + *

                            The total number of hours for a single instance for the entire term.

                            + */ + TotalScheduledInstanceHours?: number; } -export namespace SpotFleetMonitoring { +export namespace ScheduledInstance { /** * @internal */ - export const filterSensitiveLog = (obj: SpotFleetMonitoring): any => ({ + export const filterSensitiveLog = (obj: ScheduledInstance): any => ({ ...obj, }); } /** - *

                            Describes a network interface.

                            + *

                            Contains the output of DescribeScheduledInstances.

                            */ -export interface InstanceNetworkInterfaceSpecification { +export interface DescribeScheduledInstancesResult { /** - *

                            Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The - * public IP address can only be assigned to a network interface for eth0, and can only be - * assigned to a new network interface, not an existing one. You cannot specify more than one - * network interface in the request. If launching into a default subnet, the default value is - * true.

                            + *

                            The token required to retrieve the next set of results. This value is null when there are no more results to return.

                            */ - AssociatePublicIpAddress?: boolean; + NextToken?: string; /** - *

                            If set to true, the interface is deleted when the instance is terminated. You can - * specify true only if creating a new network interface when launching an - * instance.

                            + *

                            Information about the Scheduled Instances.

                            */ - DeleteOnTermination?: boolean; + ScheduledInstanceSet?: ScheduledInstance[]; +} +export namespace DescribeScheduledInstancesResult { /** - *

                            The description of the network interface. Applies only if creating a network interface when launching an instance.

                            + * @internal */ - Description?: string; + export const filterSensitiveLog = (obj: DescribeScheduledInstancesResult): any => ({ + ...obj, + }); +} +export interface DescribeSecurityGroupReferencesRequest { /** - *

                            The position of the network interface in the attachment order. - * A primary network interface has a device index of 0.

                            - *

                            If you specify a network interface when launching an instance, - * you must specify the device index.

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - DeviceIndex?: number; + DryRun?: boolean; /** - *

                            The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.

                            + *

                            The IDs of the security groups in your account.

                            */ - Groups?: string[]; + GroupId: string[] | undefined; +} +export namespace DescribeSecurityGroupReferencesRequest { /** - *

                            A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses - * the IPv6 addresses from the range of the subnet. You cannot specify this option and the - * option to assign specific IPv6 addresses in the same request. You can specify this - * option if you've specified a minimum number of instances to launch.

                            + * @internal */ - Ipv6AddressCount?: number; + export const filterSensitiveLog = (obj: DescribeSecurityGroupReferencesRequest): any => ({ + ...obj, + }); +} +/** + *

                            Describes a VPC with a security group that references your security group.

                            + */ +export interface SecurityGroupReference { /** - *

                            One or more IPv6 addresses to assign to the network interface. You cannot specify - * this option and the option to assign a number of IPv6 addresses in the same request. You - * cannot specify this option if you've specified a minimum number of instances to - * launch.

                            + *

                            The ID of your security group.

                            */ - Ipv6Addresses?: InstanceIpv6Address[]; + GroupId?: string; /** - *

                            The ID of the network interface.

                            - *

                            If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.

                            + *

                            The ID of the VPC with the referencing security group.

                            */ - NetworkInterfaceId?: string; + ReferencingVpcId?: string; /** - *

                            The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching - * more than one instance in a RunInstances request.

                            + *

                            The ID of the VPC peering connection.

                            */ - PrivateIpAddress?: string; + VpcPeeringConnectionId?: string; +} + +export namespace SecurityGroupReference { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SecurityGroupReference): any => ({ + ...obj, + }); +} +export interface DescribeSecurityGroupReferencesResult { /** - *

                            One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're - * launching more than one instance in a RunInstances request.

                            + *

                            Information about the VPCs with the referencing security groups.

                            */ - PrivateIpAddresses?: PrivateIpAddressSpecification[]; + SecurityGroupReferenceSet?: SecurityGroupReference[]; +} +export namespace DescribeSecurityGroupReferencesResult { /** - *

                            The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're - * launching more than one instance in a RunInstances request.

                            + * @internal */ - SecondaryPrivateIpAddressCount?: number; + export const filterSensitiveLog = (obj: DescribeSecurityGroupReferencesResult): any => ({ + ...obj, + }); +} +export interface DescribeSecurityGroupRulesRequest { /** - *

                            The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.

                            + *

                            One or more filters.

                            + *
                              + *
                            • + *

                              + * group-id - The ID of the security group.

                              + *
                              • + *
                            • + *

                              + * security-group-rule-id - The ID of the security group rule.

                              + *
                              • + *
                            • + *

                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              + *
                              • + *
                            */ - SubnetId?: string; + Filters?: Filter[]; /** - *

                            Indicates whether to assign a carrier IP address to the network interface.

                            - *

                            You can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. - * For more information about carrier IP addresses, see Carrier IP addresses in the Amazon Web Services Wavelength Developer Guide.

                            + *

                            The IDs of the security group rules.

                            */ - AssociateCarrierIpAddress?: boolean; + SecurityGroupRuleIds?: string[]; /** - *

                            The type of network interface.

                            - *

                            To create an Elastic Fabric Adapter (EFA), specify - * efa. For more information, see Elastic Fabric Adapter in the - * Amazon Elastic Compute Cloud User Guide.

                            - * - *

                            Valid values: interface | efa - *

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - InterfaceType?: string; + DryRun?: boolean; /** - *

                            The index of the network card. Some instance types support multiple network cards. - * The primary network interface must be assigned to network card index 0. - * The default is network card index 0.

                            - *

                            If you are using RequestSpotInstances to create Spot Instances, omit this parameter because - * you can’t specify the network card index when using this API. To specify the network - * card index, use RunInstances.

                            + *

                            The token for the next page of results.

                            */ - NetworkCardIndex?: number; + NextToken?: string; /** - *

                            One or more IPv4 delegated prefixes to be assigned to the network interface. You cannot - * use this option if you use the Ipv4PrefixCount option.

                            + *

                            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another request with the returned NextToken value. This value + * can be between 5 and 1000. If this parameter is not specified, then all results are + * returned.

                            */ - Ipv4Prefixes?: Ipv4PrefixSpecificationRequest[]; + MaxResults?: number; +} +export namespace DescribeSecurityGroupRulesRequest { /** - *

                            The number of IPv4 delegated prefixes to be automatically assigned to the network interface. - * You cannot use this option if you use the Ipv4Prefix option.

                            + * @internal */ - Ipv4PrefixCount?: number; + export const filterSensitiveLog = (obj: DescribeSecurityGroupRulesRequest): any => ({ + ...obj, + }); +} +export interface DescribeSecurityGroupRulesResult { /** - *

                            One or more IPv6 delegated prefixes to be assigned to the network interface. You cannot - * use this option if you use the Ipv6PrefixCount option.

                            + *

                            Information about security group rules.

                            */ - Ipv6Prefixes?: Ipv6PrefixSpecificationRequest[]; + SecurityGroupRules?: SecurityGroupRule[]; /** - *

                            The number of IPv6 delegated prefixes to be automatically assigned to the network interface. - * You cannot use this option if you use the Ipv6Prefix option.

                            + *

                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                            */ - Ipv6PrefixCount?: number; + NextToken?: string; } -export namespace InstanceNetworkInterfaceSpecification { +export namespace DescribeSecurityGroupRulesResult { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceNetworkInterfaceSpecification): any => ({ + export const filterSensitiveLog = (obj: DescribeSecurityGroupRulesResult): any => ({ ...obj, }); } -/** - *

                            Describes Spot Instance placement.

                            - */ -export interface SpotPlacement { +export interface DescribeSecurityGroupsRequest { /** - *

                            The Availability Zone.

                            - *

                            [Spot Fleet only] To specify multiple Availability Zones, separate them using commas; - * for example, "us-west-2a, us-west-2b".

                            + *

                            The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.

                            + *
                              + *
                            • + *

                              + * description - The description of the security group.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.cidr - An IPv4 CIDR block for an outbound + * security group rule.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.from-port - For an outbound rule, the + * start of port range for the TCP and UDP protocols, or an ICMP type + * number.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.group-id - The ID of a security group + * that has been referenced in an outbound security group rule.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.group-name - The name of a security group + * that is referenced in an outbound security group rule.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an + * outbound security group rule.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.protocol - The IP protocol for an + * outbound security group rule (tcp | udp | + * icmp, a protocol number, or -1 for all protocols).

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.to-port - For an outbound rule, the end + * of port range for the TCP and UDP protocols, or an ICMP code.

                              + *
                              • + *
                            • + *

                              + * egress.ip-permission.user-id - The ID of an Amazon Web Services account that + * has been referenced in an outbound security group rule.

                              + *
                              • + *
                            • + *

                              + * group-id - The ID of the security group.

                              + *
                              • + *
                            • + *

                              + * group-name - The name of the security group.

                              + *
                              • + *
                            • + *

                              + * ip-permission.cidr - An IPv4 CIDR block for an inbound security + * group rule.

                              + *
                              • + *
                            • + *

                              + * ip-permission.from-port - For an inbound rule, the start of port + * range for the TCP and UDP protocols, or an ICMP type number.

                              + *
                              • + *
                            • + *

                              + * ip-permission.group-id - The ID of a security group that has been + * referenced in an inbound security group rule.

                              + *
                              • + *
                            • + *

                              + * ip-permission.group-name - The name of a security group that is + * referenced in an inbound security group rule.

                              + *
                              • + *
                            • + *

                              + * ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security + * group rule.

                              + *
                              • + *
                            • + *

                              + * ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.

                              + *
                              • + *
                            • + *

                              + * ip-permission.protocol - The IP protocol for an inbound security + * group rule (tcp | udp | icmp, a + * protocol number, or -1 for all protocols).

                              + *
                              • + *
                            • + *

                              + * ip-permission.to-port - For an inbound rule, the end of port range + * for the TCP and UDP protocols, or an ICMP code.

                              + *
                              • + *
                            • + *

                              + * ip-permission.user-id - The ID of an Amazon Web Services account that has been + * referenced in an inbound security group rule.

                              + *
                              • + *
                            • + *

                              + * owner-id - The Amazon Web Services account ID of the owner of the security group.

                              + *
                              • + *
                            • + *

                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              + *
                              • + *
                            • + *

                              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              + *
                              • + *
                            • + *

                              + * vpc-id - The ID of the VPC specified when the security group was created.

                              + *
                              • + *
                            */ - AvailabilityZone?: string; + Filters?: Filter[]; /** - *

                            The name of the placement group.

                            + *

                            The IDs of the security groups. Required for security groups in a nondefault VPC.

                            + *

                            Default: Describes all of your security groups.

                            */ - GroupName?: string; + GroupIds?: string[]; /** - *

                            The tenancy of the instance (if the instance is running in a VPC). An instance with a - * tenancy of dedicated runs on single-tenant hardware. The host - * tenancy is not supported for Spot Instances.

                            + *

                            [EC2-Classic and default VPC only] The names of the security groups. You can specify either + * the security group name or the security group ID. For security groups in a nondefault VPC, use + * the group-name filter to describe security groups by name.

                            + *

                            Default: Describes all of your security groups.

                            */ - Tenancy?: Tenancy | string; -} + GroupNames?: string[]; -export namespace SpotPlacement { /** - * @internal + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - export const filterSensitiveLog = (obj: SpotPlacement): any => ({ - ...obj, - }); -} + DryRun?: boolean; -/** - *

                            The tags for a Spot Fleet resource.

                            - */ -export interface SpotFleetTagSpecification { /** - *

                            The type of resource. Currently, the only resource type that is supported is - * instance. To tag the Spot Fleet request on creation, use the - * TagSpecifications parameter in - * SpotFleetRequestConfigData - * .

                            + *

                            The token to request the next page of results.

                            */ - ResourceType?: ResourceType | string; + NextToken?: string; /** - *

                            The tags.

                            + *

                            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another request with the returned NextToken value. This value + * can be between 5 and 1000. If this parameter is not specified, then all results are + * returned.

                            */ - Tags?: Tag[]; + MaxResults?: number; } -export namespace SpotFleetTagSpecification { +export namespace DescribeSecurityGroupsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: SpotFleetTagSpecification): any => ({ + export const filterSensitiveLog = (obj: DescribeSecurityGroupsRequest): any => ({ ...obj, }); } /** - *

                            Describes the launch specification for one or more Spot Instances. If you include - * On-Demand capacity in your fleet request or want to specify an EFA network device, you - * can't use SpotFleetLaunchSpecification; you must use LaunchTemplateConfig.

                            + *

                            Describes a security group.

                            */ -export interface SpotFleetLaunchSpecification { +export interface SecurityGroup { /** - *

                            One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.

                            + *

                            A description of the security group.

                            */ - SecurityGroups?: GroupIdentifier[]; + Description?: string; /** - *

                            Deprecated.

                            + *

                            The name of the security group.

                            */ - AddressingType?: string; + GroupName?: string; /** - *

                            One or more block devices that are mapped to the Spot Instances. You can't specify both - * a snapshot ID and an encryption value. This is because only blank volumes can be - * encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its - * encryption status is used for the volume encryption status.

                            + *

                            The inbound rules associated with the security group.

                            */ - BlockDeviceMappings?: BlockDeviceMapping[]; + IpPermissions?: IpPermission[]; /** - *

                            Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.

                            - *

                            Default: false - *

                            + *

                            The Amazon Web Services account ID of the owner of the security group.

                            */ - EbsOptimized?: boolean; + OwnerId?: string; /** - *

                            The IAM instance profile.

                            + *

                            The ID of the security group.

                            */ - IamInstanceProfile?: IamInstanceProfileSpecification; + GroupId?: string; /** - *

                            The ID of the AMI.

                            + *

                            [VPC only] The outbound rules associated with the security group.

                            */ - ImageId?: string; + IpPermissionsEgress?: IpPermission[]; /** - *

                            The instance type.

                            + *

                            Any tags assigned to the security group.

                            */ - InstanceType?: _InstanceType | string; + Tags?: Tag[]; /** - *

                            The ID of the kernel.

                            + *

                            [VPC only] The ID of the VPC for the security group.

                            */ - KernelId?: string; + VpcId?: string; +} +export namespace SecurityGroup { /** - *

                            The name of the key pair.

                            + * @internal */ - KeyName?: string; + export const filterSensitiveLog = (obj: SecurityGroup): any => ({ + ...obj, + }); +} +export interface DescribeSecurityGroupsResult { /** - *

                            Enable or disable monitoring for the instances.

                            + *

                            Information about the security groups.

                            */ - Monitoring?: SpotFleetMonitoring; + SecurityGroups?: SecurityGroup[]; /** - *

                            One or more network interfaces. If you specify a network interface, you must specify - * subnet IDs and security group IDs using the network interface.

                            - * - *

                            - * SpotFleetLaunchSpecification currently does not support Elastic Fabric Adapter (EFA). To specify an EFA, you must use LaunchTemplateConfig.

                            - *                             + *

                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                            */ - NetworkInterfaces?: InstanceNetworkInterfaceSpecification[]; + NextToken?: string; +} +export namespace DescribeSecurityGroupsResult { /** - *

                            The placement information.

                            + * @internal */ - Placement?: SpotPlacement; + export const filterSensitiveLog = (obj: DescribeSecurityGroupsResult): any => ({ + ...obj, + }); +} + +export type SnapshotAttributeName = "createVolumePermission" | "productCodes"; +export interface DescribeSnapshotAttributeRequest { /** - *

                            The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel - * requirements for information about whether you need to specify a RAM disk. To find kernel - * requirements, refer to the Amazon Web Services Resource Center and search for the kernel ID.

                            + *

                            The snapshot attribute you would like to view.

                            */ - RamdiskId?: string; + Attribute: SnapshotAttributeName | string | undefined; /** - *

                            The maximum price per unit hour that you are willing to pay for a Spot Instance. - * If this value is not specified, the default is the Spot price specified for the fleet. - * To determine the Spot price per unit hour, divide the Spot price by the - * value of WeightedCapacity.

                            + *

                            The ID of the EBS snapshot.

                            */ - SpotPrice?: string; + SnapshotId: string | undefined; /** - *

                            The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate - * them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - SubnetId?: string; + DryRun?: boolean; +} +export namespace DescribeSnapshotAttributeRequest { /** - *

                            The Base64-encoded user data that instances use when starting up.

                            + * @internal */ - UserData?: string; + export const filterSensitiveLog = (obj: DescribeSnapshotAttributeRequest): any => ({ + ...obj, + }); +} +/** + *

                            Describes the user or group to be added or removed from the list of create volume + * permissions for a volume.

                            + */ +export interface CreateVolumePermission { /** - *

                            The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.

                            - *

                            If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.

                            + *

                            The group to be added or removed. The possible value is all.

                            */ - WeightedCapacity?: number; + Group?: PermissionGroup | string; /** - *

                            The tags to apply during creation.

                            + *

                            The ID of the Amazon Web Services account to be added or removed.

                            */ - TagSpecifications?: SpotFleetTagSpecification[]; + UserId?: string; } -export namespace SpotFleetLaunchSpecification { +export namespace CreateVolumePermission { /** * @internal */ - export const filterSensitiveLog = (obj: SpotFleetLaunchSpecification): any => ({ + export const filterSensitiveLog = (obj: CreateVolumePermission): any => ({ ...obj, }); } -/** - *

                            Describes overrides for a launch template.

                            - */ -export interface LaunchTemplateOverrides { +export interface DescribeSnapshotAttributeResult { /** - *

                            The instance type.

                            + *

                            The users and groups that have the permissions for creating volumes from the + * snapshot.

                            */ - InstanceType?: _InstanceType | string; + CreateVolumePermissions?: CreateVolumePermission[]; /** - *

                            The maximum price per unit hour that you are willing to pay for a Spot - * Instance.

                            + *

                            The product codes.

                            */ - SpotPrice?: string; + ProductCodes?: ProductCode[]; /** - *

                            The ID of the subnet in which to launch the instances.

                            + *

                            The ID of the EBS snapshot.

                            */ - SubnetId?: string; + SnapshotId?: string; +} +export namespace DescribeSnapshotAttributeResult { /** - *

                            The Availability Zone in which to launch the instances.

                            + * @internal */ - AvailabilityZone?: string; + export const filterSensitiveLog = (obj: DescribeSnapshotAttributeResult): any => ({ + ...obj, + }); +} +export interface DescribeSnapshotsRequest { /** - *

                            The number of units provided by the specified instance type.

                            + *

                            The filters.

                            + *
                              + *
                            • + *

                              + * description - A description of the snapshot.

                              + *
                              • + *
                            • + *

                              + * encrypted - Indicates whether the snapshot is encrypted + * (true | false)

                              + *
                              • + *
                            • + *

                              + * owner-alias - The owner alias, from an Amazon-maintained list + * (amazon). + * This is not the user-configured Amazon Web Services account alias set using the IAM console. + * We recommend that you use the related parameter instead of this filter.

                              + *
                              • + *
                            • + *

                              + * owner-id - The Amazon Web Services account ID of the owner. We recommend that + * you use the related parameter instead of this filter.

                              + *
                              • + *
                            • + *

                              + * progress - The progress of the snapshot, as a percentage (for example, + * 80%).

                              + *
                              • + *
                            • + *

                              + * snapshot-id - The snapshot ID.

                              + *
                              • + *
                            • + *

                              + * start-time - The time stamp when the snapshot was initiated.

                              + *
                              • + *
                            • + *

                              + * status - The status of the snapshot (pending | + * completed | error).

                              + *
                              • + *
                            • + *

                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              + *
                              • + *
                            • + *

                              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              + *
                              • + *
                            • + *

                              + * volume-id - The ID of the volume the snapshot is for.

                              + *
                              • + *
                            • + *

                              + * volume-size - The size of the volume, in GiB.

                              + *
                              • + *
                            + */ + Filters?: Filter[]; + + /** + *

                            The maximum number of snapshot results returned by DescribeSnapshots in + * paginated output. When this parameter is used, DescribeSnapshots only returns + * MaxResults results in a single page along with a NextToken + * response element. The remaining results of the initial request can be seen by sending another + * DescribeSnapshots request with the returned NextToken value. This + * value can be between 5 and 1,000; if MaxResults is given a value larger than 1,000, + * only 1,000 results are returned. If this parameter is not used, then + * DescribeSnapshots returns all results. You cannot specify this parameter and + * the snapshot IDs parameter in the same request.

                            + */ + MaxResults?: number; + + /** + *

                            The NextToken value returned from a previous paginated + * DescribeSnapshots request where MaxResults was used and the + * results exceeded the value of that parameter. Pagination continues from the end of the + * previous results that returned the NextToken value. This value is + * null when there are no more results to return.

                            */ - WeightedCapacity?: number; + NextToken?: string; /** - *

                            The priority for the launch template override. The highest priority is launched - * first.

                            - *

                            If OnDemandAllocationStrategy is set to prioritized, Spot Fleet - * uses priority to determine which launch template override to use first in fulfilling - * On-Demand capacity.

                            - *

                            If the Spot AllocationStrategy is set to - * capacityOptimizedPrioritized, Spot Fleet uses priority on a best-effort basis - * to determine which launch template override to use in fulfilling Spot capacity, but - * optimizes for capacity first.

                            - *

                            Valid values are whole numbers starting at 0. The lower the number, the - * higher the priority. If no number is set, the launch template override has the lowest - * priority. You can set the same priority for different launch template overrides.

                            + *

                            Scopes the results to snapshots with the specified owners. You can specify a combination of + * Amazon Web Services account IDs, self, and amazon.

                            */ - Priority?: number; -} + OwnerIds?: string[]; -export namespace LaunchTemplateOverrides { /** - * @internal + *

                            The IDs of the Amazon Web Services accounts that can create volumes from the snapshot.

                            */ - export const filterSensitiveLog = (obj: LaunchTemplateOverrides): any => ({ - ...obj, - }); -} + RestorableByUserIds?: string[]; -/** - *

                            Describes a launch template and overrides.

                            - */ -export interface LaunchTemplateConfig { /** - *

                            The launch template.

                            + *

                            The snapshot IDs.

                            + *

                            Default: Describes the snapshots for which you have create volume permissions.

                            */ - LaunchTemplateSpecification?: FleetLaunchTemplateSpecification; + SnapshotIds?: string[]; /** - *

                            Any parameters that you specify override the same parameters in the launch - * template.

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - Overrides?: LaunchTemplateOverrides[]; + DryRun?: boolean; } -export namespace LaunchTemplateConfig { +export namespace DescribeSnapshotsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: LaunchTemplateConfig): any => ({ + export const filterSensitiveLog = (obj: DescribeSnapshotsRequest): any => ({ ...obj, }); } -/** - *

                            Describes a Classic Load Balancer.

                            - */ -export interface ClassicLoadBalancer { +export interface DescribeSnapshotsResult { /** - *

                            The name of the load balancer.

                            + *

                            Information about the snapshots.

                            */ - Name?: string; + Snapshots?: Snapshot[]; + + /** + *

                            The NextToken value to include in a future DescribeSnapshots + * request. When the results of a DescribeSnapshots request exceed + * MaxResults, this value can be used to retrieve the next page of results. This + * value is null when there are no more results to return.

                            + */ + NextToken?: string; } -export namespace ClassicLoadBalancer { +export namespace DescribeSnapshotsResult { /** * @internal */ - export const filterSensitiveLog = (obj: ClassicLoadBalancer): any => ({ + export const filterSensitiveLog = (obj: DescribeSnapshotsResult): any => ({ ...obj, }); } /** - *

                            Describes the Classic Load Balancers to attach to a Spot Fleet. Spot Fleet registers - * the running Spot Instances with these Classic Load Balancers.

                            + *

                            Contains the parameters for DescribeSpotDatafeedSubscription.

                            */ -export interface ClassicLoadBalancersConfig { +export interface DescribeSpotDatafeedSubscriptionRequest { /** - *

                            One or more Classic Load Balancers.

                            + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ - ClassicLoadBalancers?: ClassicLoadBalancer[]; + DryRun?: boolean; } -export namespace ClassicLoadBalancersConfig { +export namespace DescribeSpotDatafeedSubscriptionRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ClassicLoadBalancersConfig): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotDatafeedSubscriptionRequest): any => ({ ...obj, }); } /** - *

                            Describes a load balancer target group.

                            + *

                            Contains the output of DescribeSpotDatafeedSubscription.

                            */ -export interface TargetGroup { +export interface DescribeSpotDatafeedSubscriptionResult { /** - *

                            The Amazon Resource Name (ARN) of the target group.

                            + *

                            The Spot Instance data feed subscription.

                            */ - Arn?: string; + SpotDatafeedSubscription?: SpotDatafeedSubscription; } -export namespace TargetGroup { +export namespace DescribeSpotDatafeedSubscriptionResult { /** * @internal */ - export const filterSensitiveLog = (obj: TargetGroup): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotDatafeedSubscriptionResult): any => ({ ...obj, }); } /** - *

                            Describes the target groups to attach to a Spot Fleet. Spot Fleet registers the - * running Spot Instances with these target groups.

                            + *

                            Contains the parameters for DescribeSpotFleetInstances.

                            */ -export interface TargetGroupsConfig { +export interface DescribeSpotFleetInstancesRequest { /** - *

                            One or more target groups.

                            + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ - TargetGroups?: TargetGroup[]; -} + DryRun?: boolean; -export namespace TargetGroupsConfig { /** - * @internal + *

                            The maximum number of results to return in a single call. Specify a value between 1 + * and 1000. The default value is 1000. To retrieve the remaining results, make another + * call with the returned NextToken value.

                            */ - export const filterSensitiveLog = (obj: TargetGroupsConfig): any => ({ - ...obj, - }); -} + MaxResults?: number; -/** - *

                            Describes the Classic Load Balancers and target groups to attach to a Spot Fleet - * request.

                            - */ -export interface LoadBalancersConfig { /** - *

                            The Classic Load Balancers.

                            + *

                            The token for the next set of results.

                            */ - ClassicLoadBalancersConfig?: ClassicLoadBalancersConfig; + NextToken?: string; /** - *

                            The target groups.

                            + *

                            The ID of the Spot Fleet request.

                            */ - TargetGroupsConfig?: TargetGroupsConfig; + SpotFleetRequestId: string | undefined; } -export namespace LoadBalancersConfig { +export namespace DescribeSpotFleetInstancesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: LoadBalancersConfig): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotFleetInstancesRequest): any => ({ ...obj, }); } -export enum OnDemandAllocationStrategy { - LOWEST_PRICE = "lowestPrice", - PRIORITIZED = "prioritized", -} - -export enum ReplacementStrategy { - LAUNCH = "launch", -} - /** - *

                            The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your - * Spot Instance is at an elevated risk of being interrupted. For more information, see - * Capacity rebalancing in the Amazon EC2 User Guide for Linux Instances.

                            + *

                            Contains the output of DescribeSpotFleetInstances.

                            */ -export interface SpotCapacityRebalance { +export interface DescribeSpotFleetInstancesResponse { /** - *

                            The replacement strategy to use. Only available for fleets of type - * maintain. You must specify a value, otherwise you get an error.

                            - *

                            To allow Spot Fleet to launch a replacement Spot Instance when an instance rebalance - * notification is emitted for a Spot Instance in the fleet, specify - * launch.

                            - * - *

                            When a replacement instance is launched, the instance marked for rebalance is not - * automatically terminated. You can terminate it, or you can leave it running. You are - * charged for all instances while they are running.

                            - *                             + *

                            The running instances. This list is refreshed periodically and might be out of + * date.

                            */ - ReplacementStrategy?: ReplacementStrategy | string; -} + ActiveInstances?: ActiveInstance[]; -export namespace SpotCapacityRebalance { /** - * @internal + *

                            The token required to retrieve the next set of results. This value is + * null when there are no more results to return.

                            */ - export const filterSensitiveLog = (obj: SpotCapacityRebalance): any => ({ - ...obj, - }); -} + NextToken?: string; -/** - *

                            The strategies for managing your Spot Instances that are at an elevated risk of being - * interrupted.

                            - */ -export interface SpotMaintenanceStrategies { /** - *

                            The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an - * elevated risk of being interrupted.

                            + *

                            The ID of the Spot Fleet request.

                            */ - CapacityRebalance?: SpotCapacityRebalance; + SpotFleetRequestId?: string; } -export namespace SpotMaintenanceStrategies { +export namespace DescribeSpotFleetInstancesResponse { /** * @internal */ - export const filterSensitiveLog = (obj: SpotMaintenanceStrategies): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotFleetInstancesResponse): any => ({ ...obj, }); } +export enum EventType { + BATCH_CHANGE = "fleetRequestChange", + ERROR = "error", + INFORMATION = "information", + INSTANCE_CHANGE = "instanceChange", +} + /** - *

                            Describes the configuration of a Spot Fleet request.

                            + *

                            Contains the parameters for DescribeSpotFleetRequestHistory.

                            */ -export interface SpotFleetRequestConfigData { - /** - *

                            Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by - * the Spot Fleet request.

                            - *

                            If the allocation strategy is lowestPrice, Spot Fleet launches instances from - * the Spot Instance pools with the lowest price. This is the default allocation strategy.

                            - *

                            If the allocation strategy is diversified, Spot Fleet launches instances from - * all the Spot Instance pools that you specify.

                            - *

                            If the allocation strategy is capacityOptimized (recommended), Spot Fleet - * launches instances from Spot Instance pools with optimal capacity for the number of instances - * that are launching. To give certain instance types a higher chance of launching first, - * use capacityOptimizedPrioritized. Set a priority for each instance type by - * using the Priority parameter for LaunchTemplateOverrides. You - * can assign the same priority to different LaunchTemplateOverrides. EC2 - * implements the priorities on a best-effort basis, but optimizes for capacity first. - * capacityOptimizedPrioritized is supported only if your Spot Fleet uses a - * launch template. Note that if the OnDemandAllocationStrategy is set to - * prioritized, the same priority is applied when fulfilling On-Demand - * capacity.

                            - */ - AllocationStrategy?: AllocationStrategy | string; - - /** - *

                            The order of the launch template overrides to use in fulfilling On-Demand capacity. If - * you specify lowestPrice, Spot Fleet uses price to determine the order, launching - * the lowest price first. If you specify prioritized, Spot Fleet uses the priority - * that you assign to each Spot Fleet launch template override, launching the highest priority - * first. If you do not specify a value, Spot Fleet defaults to lowestPrice.

                            - */ - OnDemandAllocationStrategy?: OnDemandAllocationStrategy | string; - - /** - *

                            The strategies for managing your Spot Instances that are at an elevated risk of being - * interrupted.

                            - */ - SpotMaintenanceStrategies?: SpotMaintenanceStrategies; - - /** - *

                            A unique, case-sensitive identifier that you provide to ensure the idempotency of your - * listings. This helps to avoid duplicate listings. For more information, see Ensuring Idempotency.

                            - */ - ClientToken?: string; - +export interface DescribeSpotFleetRequestHistoryRequest { /** - *

                            Indicates whether running Spot Instances should be terminated if you decrease the - * target capacity of the Spot Fleet request below the current size of the Spot - * Fleet.

                            + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ - ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | string; + DryRun?: boolean; /** - *

                            The number of units fulfilled by this request compared to the set target capacity. You - * cannot set this value.

                            + *

                            The type of events to describe. By default, all events are described.

                            */ - FulfilledCapacity?: number; + EventType?: EventType | string; /** - *

                            The number of On-Demand units fulfilled by this request compared to the set target - * On-Demand capacity.

                            + *

                            The maximum number of results to return in a single call. Specify a value between 1 + * and 1000. The default value is 1000. To retrieve the remaining results, make another + * call with the returned NextToken value.

                            */ - OnDemandFulfilledCapacity?: number; + MaxResults?: number; /** - *

                            The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that - * grants the Spot Fleet the permission to request, launch, terminate, and tag instances on - * your behalf. For more information, see Spot - * Fleet prerequisites in the Amazon EC2 User Guide for Linux Instances. Spot Fleet - * can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using - * CancelSpotFleetRequests or when the Spot Fleet request expires, if you set - * TerminateInstancesWithExpiration.

                            + *

                            The token for the next set of results.

                            */ - IamFleetRole: string | undefined; + NextToken?: string; /** - *

                            The launch specifications for the Spot Fleet request. If you specify - * LaunchSpecifications, you can't specify - * LaunchTemplateConfigs. If you include On-Demand capacity in your - * request, you must use LaunchTemplateConfigs.

                            + *

                            The ID of the Spot Fleet request.

                            */ - LaunchSpecifications?: SpotFleetLaunchSpecification[]; + SpotFleetRequestId: string | undefined; /** - *

                            The launch template and overrides. If you specify LaunchTemplateConfigs, - * you can't specify LaunchSpecifications. If you include On-Demand capacity - * in your request, you must use LaunchTemplateConfigs.

                            + *

                            The starting date and time for the events, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - LaunchTemplateConfigs?: LaunchTemplateConfig[]; + StartTime: Date | undefined; +} +export namespace DescribeSpotFleetRequestHistoryRequest { /** - *

                            The maximum price per unit hour that you are willing to pay for a Spot Instance. The - * default is the On-Demand price.

                            + * @internal */ - SpotPrice?: string; + export const filterSensitiveLog = (obj: DescribeSpotFleetRequestHistoryRequest): any => ({ + ...obj, + }); +} +/** + *

                            Describes an event in the history of the Spot Fleet request.

                            + */ +export interface HistoryRecord { /** - *

                            The number of units to request for the Spot Fleet. You can choose to set the target - * capacity in terms of instances or a performance characteristic that is important to your - * application workload, such as vCPUs, memory, or I/O. If the request type is - * maintain, you can specify a target capacity of 0 and add capacity - * later.

                            + *

                            Information about the event.

                            */ - TargetCapacity: number | undefined; + EventInformation?: EventInformation; /** - *

                            The number of On-Demand units to request. You can choose to set the target capacity in - * terms of instances or a performance characteristic that is important to your application - * workload, such as vCPUs, memory, or I/O. If the request type is maintain, - * you can specify a target capacity of 0 and add capacity later.

                            + *

                            The event type.

                            + *
                              + *
                            • + *

                              + * error - An error with the Spot Fleet request.

                              + *
                              • + *
                            • + *

                              + * fleetRequestChange - A change in the status or configuration of + * the Spot Fleet request.

                              + *
                              • + *
                            • + *

                              + * instanceChange - An instance was launched or terminated.

                              + *
                              • + *
                            • + *

                              + * Information - An informational event.

                              + *
                              • + *
                            */ - OnDemandTargetCapacity?: number; + EventType?: EventType | string; /** - *

                            The maximum amount per hour for On-Demand Instances that you're willing to pay. You - * can use the onDemandMaxTotalPrice parameter, the - * spotMaxTotalPrice parameter, or both parameters to ensure that your - * fleet cost does not exceed your budget. If you set a maximum price per hour for the - * On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the - * maximum amount you're willing to pay. When the maximum amount you're willing to pay is - * reached, the fleet stops launching instances even if it hasn’t met the target - * capacity.

                            + *

                            The date and time of the event, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - OnDemandMaxTotalPrice?: string; + Timestamp?: Date; +} +export namespace HistoryRecord { /** - *

                            The maximum amount per hour for Spot Instances that you're willing to pay. You can use - * the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice - * parameter, or both parameters to ensure that your fleet cost does not exceed your - * budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, - * Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. - * When the maximum amount you're willing to pay is reached, the fleet stops launching - * instances even if it hasn’t met the target capacity.

                            + * @internal */ - SpotMaxTotalPrice?: string; + export const filterSensitiveLog = (obj: HistoryRecord): any => ({ + ...obj, + }); +} +/** + *

                            Contains the output of DescribeSpotFleetRequestHistory.

                            + */ +export interface DescribeSpotFleetRequestHistoryResponse { /** - *

                            Indicates whether running Spot Instances are terminated when the Spot Fleet request - * expires.

                            + *

                            Information about the events in the history of the Spot Fleet request.

                            */ - TerminateInstancesWithExpiration?: boolean; + HistoryRecords?: HistoryRecord[]; /** - *

                            The type of request. Indicates whether the Spot Fleet only requests the target - * capacity or also attempts to maintain it. When this value is request, the - * Spot Fleet only places the required requests. It does not attempt to replenish Spot - * Instances if capacity is diminished, nor does it submit requests in alternative Spot - * pools if capacity is not available. When this value is maintain, the Spot - * Fleet maintains the target capacity. The Spot Fleet places the required requests to meet - * capacity and automatically replenishes any interrupted instances. Default: - * maintain. instant is listed but is not used by Spot - * Fleet.

                            + *

                            The last date and time for the events, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ). + * All records up to this time were retrieved.

                            + *

                            If nextToken indicates that there are more results, this value is not + * present.

                            */ - Type?: FleetType | string; + LastEvaluatedTime?: Date; /** - *

                            The start date and time of the request, in UTC format - * (YYYY-MM-DDTHH:MM:SSZ). - * By default, Amazon EC2 starts fulfilling the request immediately.

                            + *

                            The token required to retrieve the next set of results. This value is + * null when there are no more results to return.

                            */ - ValidFrom?: Date; + NextToken?: string; /** - *

                            The end date and time of the request, in UTC format - * (YYYY-MM-DDTHH:MM:SSZ). - * After the end date and time, no new Spot Instance requests are placed or able to fulfill - * the request. If no value is specified, the Spot Fleet request remains until you cancel - * it.

                            + *

                            The ID of the Spot Fleet request.

                            */ - ValidUntil?: Date; + SpotFleetRequestId?: string; /** - *

                            Indicates whether Spot Fleet should replace unhealthy instances.

                            + *

                            The starting date and time for the events, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - ReplaceUnhealthyInstances?: boolean; + StartTime?: Date; +} +export namespace DescribeSpotFleetRequestHistoryResponse { /** - *

                            The behavior when a Spot Instance is interrupted. The default is - * terminate.

                            + * @internal */ - InstanceInterruptionBehavior?: InstanceInterruptionBehavior | string; + export const filterSensitiveLog = (obj: DescribeSpotFleetRequestHistoryResponse): any => ({ + ...obj, + }); +} +/** + *

                            Contains the parameters for DescribeSpotFleetRequests.

                            + */ +export interface DescribeSpotFleetRequestsRequest { /** - *

                            One or more Classic Load Balancers and target groups to attach to the Spot Fleet - * request. Spot Fleet registers the running Spot Instances with the specified Classic Load - * Balancers and target groups.

                            - *

                            With Network Load Balancers, Spot Fleet cannot register instances that have the - * following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, - * M3, and T1.

                            + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ - LoadBalancersConfig?: LoadBalancersConfig; + DryRun?: boolean; /** - *

                            The number of Spot pools across which to allocate your target Spot capacity. Valid - * only when Spot AllocationStrategy is set to - * lowest-price. Spot Fleet selects the cheapest Spot pools and evenly - * allocates your target Spot capacity across the number of Spot pools that you - * specify.

                            - *

                            Note that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a - * best effort basis. If a pool runs out of Spot capacity before fulfilling your target - * capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest - * pool. To ensure that your target capacity is met, you might receive Spot Instances from more than - * the number of pools that you specified. Similarly, if most of the pools have no Spot - * capacity, you might receive your full target capacity from fewer than the number of - * pools that you specified.

                            + *

                            The maximum number of results to return in a single call. Specify a value between 1 + * and 1000. The default value is 1000. To retrieve the remaining results, make another + * call with the returned NextToken value.

                            */ - InstancePoolsToUseCount?: number; + MaxResults?: number; /** - *

                            Reserved.

                            + *

                            The token for the next set of results.

                            */ - Context?: string; + NextToken?: string; /** - *

                            The key-value pair for tagging the Spot Fleet request on creation. The value for - * ResourceType must be spot-fleet-request, otherwise the - * Spot Fleet request fails. To tag instances at launch, specify the tags in the launch - * template (valid only if you use LaunchTemplateConfigs) or in - * the - * SpotFleetTagSpecification - * (valid only if you use - * LaunchSpecifications). For information about tagging after launch, see - * Tagging Your Resources.

                            + *

                            The IDs of the Spot Fleet requests.

                            */ - TagSpecifications?: TagSpecification[]; + SpotFleetRequestIds?: string[]; } -export namespace SpotFleetRequestConfigData { +export namespace DescribeSpotFleetRequestsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: SpotFleetRequestConfigData): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotFleetRequestsRequest): any => ({ ...obj, }); } +export enum ExcessCapacityTerminationPolicy { + DEFAULT = "default", + NO_TERMINATION = "noTermination", +} + /** - *

                            Describes a Spot Fleet request.

                            + *

                            Describes whether monitoring is enabled.

                            */ -export interface SpotFleetRequestConfig { +export interface SpotFleetMonitoring { /** - *

                            The progress of the Spot Fleet request. - * If there is an error, the status is error. - * After all requests are placed, the status is pending_fulfillment. - * If the size of the fleet is equal to or greater than its target capacity, the status is fulfilled. - * If the size of the fleet is decreased, the status is pending_termination - * while Spot Instances are terminating.

                            + *

                            Enables monitoring for the instance.

                            + *

                            Default: false + *

                            */ - ActivityStatus?: ActivityStatus | string; + Enabled?: boolean; +} +export namespace SpotFleetMonitoring { /** - *

                            The creation date and time of the request.

                            + * @internal */ - CreateTime?: Date; + export const filterSensitiveLog = (obj: SpotFleetMonitoring): any => ({ + ...obj, + }); +} +/** + *

                            Describes a network interface.

                            + */ +export interface InstanceNetworkInterfaceSpecification { /** - *

                            The configuration of the Spot Fleet request.

                            + *

                            Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The + * public IP address can only be assigned to a network interface for eth0, and can only be + * assigned to a new network interface, not an existing one. You cannot specify more than one + * network interface in the request. If launching into a default subnet, the default value is + * true.

                            */ - SpotFleetRequestConfig?: SpotFleetRequestConfigData; + AssociatePublicIpAddress?: boolean; /** - *

                            The ID of the Spot Fleet request.

                            + *

                            If set to true, the interface is deleted when the instance is terminated. You can + * specify true only if creating a new network interface when launching an + * instance.

                            */ - SpotFleetRequestId?: string; + DeleteOnTermination?: boolean; /** - *

                            The state of the Spot Fleet request.

                            + *

                            The description of the network interface. Applies only if creating a network interface when launching an instance.

                            */ - SpotFleetRequestState?: BatchState | string; + Description?: string; /** - *

                            The tags for a Spot Fleet resource.

                            + *

                            The position of the network interface in the attachment order. + * A primary network interface has a device index of 0.

                            + *

                            If you specify a network interface when launching an instance, + * you must specify the device index.

                            */ - Tags?: Tag[]; -} + DeviceIndex?: number; -export namespace SpotFleetRequestConfig { /** - * @internal + *

                            The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.

                            */ - export const filterSensitiveLog = (obj: SpotFleetRequestConfig): any => ({ - ...obj, - }); -} + Groups?: string[]; -/** - *

                            Contains the output of DescribeSpotFleetRequests.

                            - */ -export interface DescribeSpotFleetRequestsResponse { /** - *

                            The token required to retrieve the next set of results. This value is - * null when there are no more results to return.

                            + *

                            A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses + * the IPv6 addresses from the range of the subnet. You cannot specify this option and the + * option to assign specific IPv6 addresses in the same request. You can specify this + * option if you've specified a minimum number of instances to launch.

                            */ - NextToken?: string; + Ipv6AddressCount?: number; /** - *

                            Information about the configuration of your Spot Fleet.

                            + *

                            One or more IPv6 addresses to assign to the network interface. You cannot specify + * this option and the option to assign a number of IPv6 addresses in the same request. You + * cannot specify this option if you've specified a minimum number of instances to + * launch.

                            */ - SpotFleetRequestConfigs?: SpotFleetRequestConfig[]; -} + Ipv6Addresses?: InstanceIpv6Address[]; -export namespace DescribeSpotFleetRequestsResponse { /** - * @internal + *

                            The ID of the network interface.

                            + *

                            If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.

                            */ - export const filterSensitiveLog = (obj: DescribeSpotFleetRequestsResponse): any => ({ - ...obj, - }); -} - -/** - *

                            Contains the parameters for DescribeSpotInstanceRequests.

                            - */ -export interface DescribeSpotInstanceRequestsRequest { - /** - *

                            One or more filters.

                            - *
                              - *
                            • - *

                              - * availability-zone-group - The Availability Zone group.

                              - *
                              • - *
                            • - *

                              - * create-time - The time stamp when the Spot Instance request was - * created.

                              - *
                              • - *
                            • - *

                              - * fault-code - The fault code related to the request.

                              - *
                              • - *
                            • - *

                              - * fault-message - The fault message related to the request.

                              - *
                              • - *
                            • - *

                              - * instance-id - The ID of the instance that fulfilled the - * request.

                              - *
                              • - *
                            • - *

                              - * launch-group - The Spot Instance launch group.

                              - *
                              • - *
                            • - *

                              - * launch.block-device-mapping.delete-on-termination - Indicates - * whether the EBS volume is deleted on instance termination.

                              - *
                              • - *
                            • - *

                              - * launch.block-device-mapping.device-name - The device name for the - * volume in the block device mapping (for example, /dev/sdh or - * xvdh).

                              - *
                              • - *
                            • - *

                              - * launch.block-device-mapping.snapshot-id - The ID of the snapshot - * for the EBS volume.

                              - *
                              • - *
                            • - *

                              - * launch.block-device-mapping.volume-size - The size of the EBS - * volume, in GiB.

                              - *
                              • - *
                            • - *

                              - * launch.block-device-mapping.volume-type - The type of EBS volume: - * gp2 for General Purpose SSD, io1 or - * io2 for Provisioned IOPS SSD, st1 for Throughput - * Optimized HDD, sc1for Cold HDD, or standard for - * Magnetic.

                              - *
                              • - *
                            • - *

                              - * launch.group-id - The ID of the security group for the - * instance.

                              - *
                              • - *
                            • - *

                              - * launch.group-name - The name of the security group for the - * instance.

                              - *
                              • - *
                            • - *

                              - * launch.image-id - The ID of the AMI.

                              - *
                              • - *
                            • - *

                              - * launch.instance-type - The type of instance (for example, - * m3.medium).

                              - *
                              • - *
                            • - *

                              - * launch.kernel-id - The kernel ID.

                              - *
                              • - *
                            • - *

                              - * launch.key-name - The name of the key pair the instance launched - * with.

                              - *
                              • - *
                            • - *

                              - * launch.monitoring-enabled - Whether detailed monitoring is - * enabled for the Spot Instance.

                              - *
                              • - *
                            • - *

                              - * launch.ramdisk-id - The RAM disk ID.

                              - *
                              • - *
                            • - *

                              - * launched-availability-zone - The Availability Zone in which the - * request is launched.

                              - *
                              • - *
                            • - *

                              - * network-interface.addresses.primary - Indicates whether the IP - * address is the primary private IP address.

                              - *
                              • - *
                            • - *

                              - * network-interface.delete-on-termination - Indicates whether the - * network interface is deleted when the instance is terminated.

                              - *
                              • - *
                            • - *

                              - * network-interface.description - A description of the network - * interface.

                              - *
                              • - *
                            • - *

                              - * network-interface.device-index - The index of the device for the - * network interface attachment on the instance.

                              - *
                              • - *
                            • - *

                              - * network-interface.group-id - The ID of the security group - * associated with the network interface.

                              - *
                              • - *
                            • - *

                              - * network-interface.network-interface-id - The ID of the network - * interface.

                              - *
                              • - *
                            • - *

                              - * network-interface.private-ip-address - The primary private IP - * address of the network interface.

                              - *
                              • - *
                            • - *

                              - * network-interface.subnet-id - The ID of the subnet for the - * instance.

                              - *
                              • - *
                            • - *

                              - * product-description - The product description associated with the - * instance (Linux/UNIX | Windows).

                              - *
                              • - *
                            • - *

                              - * spot-instance-request-id - The Spot Instance request ID.

                              - *
                              • - *
                            • - *

                              - * spot-price - The maximum hourly price for any Spot Instance - * launched to fulfill the request.

                              - *
                              • - *
                            • - *

                              - * state - The state of the Spot Instance request (open - * | active | closed | cancelled | - * failed). Spot request status information can help you track - * your Amazon EC2 Spot Instance requests. For more information, see Spot - * request status in the Amazon EC2 User Guide for Linux Instances.

                              - *
                              • - *
                            • - *

                              - * status-code - The short code describing the most recent - * evaluation of your Spot Instance request.

                              - *
                              • - *
                            • - *

                              - * status-message - The message explaining the status of the Spot - * Instance request.

                              - *
                              • - *
                            • - *

                              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              - *
                              • - *
                            • - *

                              - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              - *
                              • - *
                            • - *

                              - * type - The type of Spot Instance request (one-time | - * persistent).

                              - *
                              • - *
                            • - *

                              - * valid-from - The start date of the request.

                              - *
                              • - *
                            • - *

                              - * valid-until - The end date of the request.

                              - *
                              • - *
                            + NetworkInterfaceId?: string; + + /** + *

                            The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching + * more than one instance in a RunInstances request.

                            */ - Filters?: Filter[]; + PrivateIpAddress?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                            + *

                            One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're + * launching more than one instance in a RunInstances request.

                            */ - DryRun?: boolean; + PrivateIpAddresses?: PrivateIpAddressSpecification[]; /** - *

                            One or more Spot Instance request IDs.

                            + *

                            The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're + * launching more than one instance in a RunInstances request.

                            */ - SpotInstanceRequestIds?: string[]; + SecondaryPrivateIpAddressCount?: number; /** - *

                            The token to request the next set of results. This value is null when - * there are no more results to return.

                            + *

                            The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.

                            */ - NextToken?: string; + SubnetId?: string; /** - *

                            The maximum number of results to return in a single call. Specify a value between 5 - * and 1000. To retrieve the remaining results, make another call with the returned - * NextToken value.

                            + *

                            Indicates whether to assign a carrier IP address to the network interface.

                            + *

                            You can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. + * For more information about carrier IP addresses, see Carrier IP addresses in the Amazon Web Services Wavelength Developer Guide.

                            */ - MaxResults?: number; + AssociateCarrierIpAddress?: boolean; + + /** + *

                            The type of network interface.

                            + *

                            To create an Elastic Fabric Adapter (EFA), specify + * efa. For more information, see Elastic Fabric Adapter in the + * Amazon Elastic Compute Cloud User Guide.

                            + * + *

                            Valid values: interface | efa + *

                            + */ + InterfaceType?: string; + + /** + *

                            The index of the network card. Some instance types support multiple network cards. + * The primary network interface must be assigned to network card index 0. + * The default is network card index 0.

                            + *

                            If you are using RequestSpotInstances to create Spot Instances, omit this parameter because + * you can’t specify the network card index when using this API. To specify the network + * card index, use RunInstances.

                            + */ + NetworkCardIndex?: number; + + /** + *

                            One or more IPv4 delegated prefixes to be assigned to the network interface. You cannot + * use this option if you use the Ipv4PrefixCount option.

                            + */ + Ipv4Prefixes?: Ipv4PrefixSpecificationRequest[]; + + /** + *

                            The number of IPv4 delegated prefixes to be automatically assigned to the network interface. + * You cannot use this option if you use the Ipv4Prefix option.

                            + */ + Ipv4PrefixCount?: number; + + /** + *

                            One or more IPv6 delegated prefixes to be assigned to the network interface. You cannot + * use this option if you use the Ipv6PrefixCount option.

                            + */ + Ipv6Prefixes?: Ipv6PrefixSpecificationRequest[]; + + /** + *

                            The number of IPv6 delegated prefixes to be automatically assigned to the network interface. + * You cannot use this option if you use the Ipv6Prefix option.

                            + */ + Ipv6PrefixCount?: number; } -export namespace DescribeSpotInstanceRequestsRequest { +export namespace InstanceNetworkInterfaceSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeSpotInstanceRequestsRequest): any => ({ + export const filterSensitiveLog = (obj: InstanceNetworkInterfaceSpecification): any => ({ ...obj, }); } /** - *

                            Describes the monitoring of an instance.

                            + *

                            Describes Spot Instance placement.

                            */ -export interface RunInstancesMonitoringEnabled { +export interface SpotPlacement { /** - *

                            Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is - * enabled.

                            + *

                            The Availability Zone.

                            + *

                            [Spot Fleet only] To specify multiple Availability Zones, separate them using commas; + * for example, "us-west-2a, us-west-2b".

                            */ - Enabled: boolean | undefined; + AvailabilityZone?: string; + + /** + *

                            The name of the placement group.

                            + */ + GroupName?: string; + + /** + *

                            The tenancy of the instance (if the instance is running in a VPC). An instance with a + * tenancy of dedicated runs on single-tenant hardware. The host + * tenancy is not supported for Spot Instances.

                            + */ + Tenancy?: Tenancy | string; } -export namespace RunInstancesMonitoringEnabled { +export namespace SpotPlacement { /** * @internal */ - export const filterSensitiveLog = (obj: RunInstancesMonitoringEnabled): any => ({ + export const filterSensitiveLog = (obj: SpotPlacement): any => ({ ...obj, }); } /** - *

                            Describes the launch specification for an instance.

                            + *

                            The tags for a Spot Fleet resource.

                            */ -export interface LaunchSpecification { +export interface SpotFleetTagSpecification { /** - *

                            The Base64-encoded user data for the instance.

                            + *

                            The type of resource. Currently, the only resource type that is supported is + * instance. To tag the Spot Fleet request on creation, use the + * TagSpecifications parameter in + * SpotFleetRequestConfigData + * .

                            */ - UserData?: string; + ResourceType?: ResourceType | string; + + /** + *

                            The tags.

                            + */ + Tags?: Tag[]; +} + +export namespace SpotFleetTagSpecification { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SpotFleetTagSpecification): any => ({ + ...obj, + }); +} +/** + *

                            Describes the launch specification for one or more Spot Instances. If you include + * On-Demand capacity in your fleet request or want to specify an EFA network device, you + * can't use SpotFleetLaunchSpecification; you must use LaunchTemplateConfig.

                            + */ +export interface SpotFleetLaunchSpecification { /** *

                            One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.

                            */ @@ -10298,12 +9888,15 @@ export interface LaunchSpecification { AddressingType?: string; /** - *

                            One or more block device mapping entries.

                            + *

                            One or more block devices that are mapped to the Spot Instances. You can't specify both + * a snapshot ID and an encryption value. This is because only blank volumes can be + * encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its + * encryption status is used for the volume encryption status.

                            */ BlockDeviceMappings?: BlockDeviceMapping[]; /** - *

                            Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.

                            + *

                            Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.

                            *

                            Default: false *

                            */ @@ -10334,1090 +9927,1330 @@ export interface LaunchSpecification { */ KeyName?: string; + /** + *

                            Enable or disable monitoring for the instances.

                            + */ + Monitoring?: SpotFleetMonitoring; + /** *

                            One or more network interfaces. If you specify a network interface, you must specify - * subnet IDs and security group IDs using the network interface.

                            + * subnet IDs and security group IDs using the network interface.

                            + * + *

                            + * SpotFleetLaunchSpecification currently does not support Elastic Fabric Adapter (EFA). To specify an EFA, you must use LaunchTemplateConfig.

                            + *                             */ NetworkInterfaces?: InstanceNetworkInterfaceSpecification[]; /** - *

                            The placement information for the instance.

                            + *

                            The placement information.

                            */ Placement?: SpotPlacement; /** - *

                            The ID of the RAM disk.

                            + *

                            The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel + * requirements for information about whether you need to specify a RAM disk. To find kernel + * requirements, refer to the Amazon Web Services Resource Center and search for the kernel ID.

                            + */ + RamdiskId?: string; + + /** + *

                            The maximum price per unit hour that you are willing to pay for a Spot Instance. + * If this value is not specified, the default is the Spot price specified for the fleet. + * To determine the Spot price per unit hour, divide the Spot price by the + * value of WeightedCapacity.

                            + */ + SpotPrice?: string; + + /** + *

                            The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate + * them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".

                            + */ + SubnetId?: string; + + /** + *

                            The Base64-encoded user data that instances use when starting up.

                            + */ + UserData?: string; + + /** + *

                            The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.

                            + *

                            If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.

                            + */ + WeightedCapacity?: number; + + /** + *

                            The tags to apply during creation.

                            + */ + TagSpecifications?: SpotFleetTagSpecification[]; +} + +export namespace SpotFleetLaunchSpecification { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SpotFleetLaunchSpecification): any => ({ + ...obj, + }); +} + +/** + *

                            Describes overrides for a launch template.

                            + */ +export interface LaunchTemplateOverrides { + /** + *

                            The instance type.

                            + */ + InstanceType?: _InstanceType | string; + + /** + *

                            The maximum price per unit hour that you are willing to pay for a Spot + * Instance.

                            + */ + SpotPrice?: string; + + /** + *

                            The ID of the subnet in which to launch the instances.

                            + */ + SubnetId?: string; + + /** + *

                            The Availability Zone in which to launch the instances.

                            + */ + AvailabilityZone?: string; + + /** + *

                            The number of units provided by the specified instance type.

                            + */ + WeightedCapacity?: number; + + /** + *

                            The priority for the launch template override. The highest priority is launched + * first.

                            + *

                            If OnDemandAllocationStrategy is set to prioritized, Spot Fleet + * uses priority to determine which launch template override to use first in fulfilling + * On-Demand capacity.

                            + *

                            If the Spot AllocationStrategy is set to + * capacityOptimizedPrioritized, Spot Fleet uses priority on a best-effort basis + * to determine which launch template override to use in fulfilling Spot capacity, but + * optimizes for capacity first.

                            + *

                            Valid values are whole numbers starting at 0. The lower the number, the + * higher the priority. If no number is set, the launch template override has the lowest + * priority. You can set the same priority for different launch template overrides.

                            + */ + Priority?: number; +} + +export namespace LaunchTemplateOverrides { + /** + * @internal */ - RamdiskId?: string; + export const filterSensitiveLog = (obj: LaunchTemplateOverrides): any => ({ + ...obj, + }); +} +/** + *

                            Describes a launch template and overrides.

                            + */ +export interface LaunchTemplateConfig { /** - *

                            The ID of the subnet in which to launch the instance.

                            + *

                            The launch template.

                            */ - SubnetId?: string; + LaunchTemplateSpecification?: FleetLaunchTemplateSpecification; /** - *

                            Describes the monitoring of an instance.

                            + *

                            Any parameters that you specify override the same parameters in the launch + * template.

                            */ - Monitoring?: RunInstancesMonitoringEnabled; + Overrides?: LaunchTemplateOverrides[]; } -export namespace LaunchSpecification { +export namespace LaunchTemplateConfig { /** * @internal */ - export const filterSensitiveLog = (obj: LaunchSpecification): any => ({ + export const filterSensitiveLog = (obj: LaunchTemplateConfig): any => ({ ...obj, }); } -export type SpotInstanceState = "active" | "cancelled" | "closed" | "failed" | "open"; - /** - *

                            Describes the status of a Spot Instance request.

                            + *

                            Describes a Classic Load Balancer.

                            */ -export interface SpotInstanceStatus { +export interface ClassicLoadBalancer { /** - *

                            The status code. For a list of status codes, see Spot status codes in the Amazon EC2 User Guide for Linux Instances.

                            + *

                            The name of the load balancer.

                            */ - Code?: string; + Name?: string; +} +export namespace ClassicLoadBalancer { /** - *

                            The description for the status code.

                            + * @internal */ - Message?: string; + export const filterSensitiveLog = (obj: ClassicLoadBalancer): any => ({ + ...obj, + }); +} +/** + *

                            Describes the Classic Load Balancers to attach to a Spot Fleet. Spot Fleet registers + * the running Spot Instances with these Classic Load Balancers.

                            + */ +export interface ClassicLoadBalancersConfig { /** - *

                            The date and time of the most recent status update, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            One or more Classic Load Balancers.

                            */ - UpdateTime?: Date; + ClassicLoadBalancers?: ClassicLoadBalancer[]; } -export namespace SpotInstanceStatus { +export namespace ClassicLoadBalancersConfig { /** * @internal */ - export const filterSensitiveLog = (obj: SpotInstanceStatus): any => ({ + export const filterSensitiveLog = (obj: ClassicLoadBalancersConfig): any => ({ ...obj, }); } /** - *

                            Describes a Spot Instance request.

                            + *

                            Describes a load balancer target group.

                            */ -export interface SpotInstanceRequest { +export interface TargetGroup { /** - *

                            Deprecated.

                            + *

                            The Amazon Resource Name (ARN) of the target group.

                            */ - ActualBlockHourlyPrice?: string; + Arn?: string; +} +export namespace TargetGroup { /** - *

                            The Availability Zone group. If you specify the same Availability Zone group for all Spot Instance requests, all Spot Instances are launched in the same Availability Zone.

                            + * @internal */ - AvailabilityZoneGroup?: string; + export const filterSensitiveLog = (obj: TargetGroup): any => ({ + ...obj, + }); +} +/** + *

                            Describes the target groups to attach to a Spot Fleet. Spot Fleet registers the + * running Spot Instances with these target groups.

                            + */ +export interface TargetGroupsConfig { /** - *

                            Deprecated.

                            + *

                            One or more target groups.

                            */ - BlockDurationMinutes?: number; + TargetGroups?: TargetGroup[]; +} +export namespace TargetGroupsConfig { /** - *

                            The date and time when the Spot Instance request was created, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ).

                            + * @internal */ - CreateTime?: Date; + export const filterSensitiveLog = (obj: TargetGroupsConfig): any => ({ + ...obj, + }); +} +/** + *

                            Describes the Classic Load Balancers and target groups to attach to a Spot Fleet + * request.

                            + */ +export interface LoadBalancersConfig { /** - *

                            The fault codes for the Spot Instance request, if any.

                            + *

                            The Classic Load Balancers.

                            */ - Fault?: SpotInstanceStateFault; + ClassicLoadBalancersConfig?: ClassicLoadBalancersConfig; /** - *

                            The instance ID, if an instance has been launched to fulfill the Spot Instance request.

                            + *

                            The target groups.

                            */ - InstanceId?: string; + TargetGroupsConfig?: TargetGroupsConfig; +} +export namespace LoadBalancersConfig { /** - *

                            The instance launch group. Launch groups are Spot Instances that launch together and terminate together.

                            + * @internal */ - LaunchGroup?: string; + export const filterSensitiveLog = (obj: LoadBalancersConfig): any => ({ + ...obj, + }); +} - /** - *

                            Additional information for launching instances.

                            - */ - LaunchSpecification?: LaunchSpecification; +export enum OnDemandAllocationStrategy { + LOWEST_PRICE = "lowestPrice", + PRIORITIZED = "prioritized", +} - /** - *

                            The Availability Zone in which the request is launched.

                            - */ - LaunchedAvailabilityZone?: string; +export enum ReplacementStrategy { + LAUNCH = "launch", +} +/** + *

                            The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your + * Spot Instance is at an elevated risk of being interrupted. For more information, see + * Capacity rebalancing in the Amazon EC2 User Guide for Linux Instances.

                            + */ +export interface SpotCapacityRebalance { /** - *

                            The product description associated with the Spot Instance.

                            + *

                            The replacement strategy to use. Only available for fleets of type + * maintain. You must specify a value, otherwise you get an error.

                            + *

                            To allow Spot Fleet to launch a replacement Spot Instance when an instance rebalance + * notification is emitted for a Spot Instance in the fleet, specify + * launch.

                            + * + *

                            When a replacement instance is launched, the instance marked for rebalance is not + * automatically terminated. You can terminate it, or you can leave it running. You are + * charged for all instances while they are running.

                            + *                             */ - ProductDescription?: RIProductDescription | string; + ReplacementStrategy?: ReplacementStrategy | string; +} +export namespace SpotCapacityRebalance { /** - *

                            The ID of the Spot Instance request.

                            + * @internal */ - SpotInstanceRequestId?: string; + export const filterSensitiveLog = (obj: SpotCapacityRebalance): any => ({ + ...obj, + }); +} +/** + *

                            The strategies for managing your Spot Instances that are at an elevated risk of being + * interrupted.

                            + */ +export interface SpotMaintenanceStrategies { /** - *

                            The maximum price per hour that you are willing to pay for a Spot Instance.

                            + *

                            The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an + * elevated risk of being interrupted.

                            */ - SpotPrice?: string; + CapacityRebalance?: SpotCapacityRebalance; +} +export namespace SpotMaintenanceStrategies { /** - *

                            The state of the Spot Instance request. Spot status information helps track your Spot - * Instance requests. For more information, see Spot status in the - * Amazon EC2 User Guide for Linux Instances.

                            + * @internal */ - State?: SpotInstanceState | string; + export const filterSensitiveLog = (obj: SpotMaintenanceStrategies): any => ({ + ...obj, + }); +} +/** + *

                            Describes the configuration of a Spot Fleet request.

                            + */ +export interface SpotFleetRequestConfigData { /** - *

                            The status code and status message describing the Spot Instance request.

                            + *

                            Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by + * the Spot Fleet request.

                            + *

                            If the allocation strategy is lowestPrice, Spot Fleet launches instances from + * the Spot Instance pools with the lowest price. This is the default allocation strategy.

                            + *

                            If the allocation strategy is diversified, Spot Fleet launches instances from + * all the Spot Instance pools that you specify.

                            + *

                            If the allocation strategy is capacityOptimized (recommended), Spot Fleet + * launches instances from Spot Instance pools with optimal capacity for the number of instances + * that are launching. To give certain instance types a higher chance of launching first, + * use capacityOptimizedPrioritized. Set a priority for each instance type by + * using the Priority parameter for LaunchTemplateOverrides. You + * can assign the same priority to different LaunchTemplateOverrides. EC2 + * implements the priorities on a best-effort basis, but optimizes for capacity first. + * capacityOptimizedPrioritized is supported only if your Spot Fleet uses a + * launch template. Note that if the OnDemandAllocationStrategy is set to + * prioritized, the same priority is applied when fulfilling On-Demand + * capacity.

                            */ - Status?: SpotInstanceStatus; + AllocationStrategy?: AllocationStrategy | string; /** - *

                            Any tags assigned to the resource.

                            + *

                            The order of the launch template overrides to use in fulfilling On-Demand capacity. If + * you specify lowestPrice, Spot Fleet uses price to determine the order, launching + * the lowest price first. If you specify prioritized, Spot Fleet uses the priority + * that you assign to each Spot Fleet launch template override, launching the highest priority + * first. If you do not specify a value, Spot Fleet defaults to lowestPrice.

                            */ - Tags?: Tag[]; + OnDemandAllocationStrategy?: OnDemandAllocationStrategy | string; /** - *

                            The Spot Instance request type.

                            + *

                            The strategies for managing your Spot Instances that are at an elevated risk of being + * interrupted.

                            */ - Type?: SpotInstanceType | string; + SpotMaintenanceStrategies?: SpotMaintenanceStrategies; /** - *

                            The start date of the request, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ). - * The request becomes active at this date and time.

                            + *

                            A unique, case-sensitive identifier that you provide to ensure the idempotency of your + * listings. This helps to avoid duplicate listings. For more information, see Ensuring Idempotency.

                            */ - ValidFrom?: Date; + ClientToken?: string; /** - *

                            The end date of the request, in UTC format - * (YYYY-MM-DDTHH:MM:SSZ).

                            - *
                              - *
                            • - *

                              For a persistent request, the request remains active until the validUntil date - * and time is reached. Otherwise, the request remains active until you cancel it. - *

                              - *
                              • - *
                            • - *

                              For a one-time request, the request remains active until all instances launch, - * the request is canceled, or the validUntil date and time is reached. By default, the - * request is valid for 7 days from the date the request was created.

                              - *
                              • - *
                            + *

                            Indicates whether running Spot Instances should be terminated if you decrease the + * target capacity of the Spot Fleet request below the current size of the Spot + * Fleet.

                            */ - ValidUntil?: Date; + ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | string; /** - *

                            The behavior when a Spot Instance is interrupted.

                            + *

                            The number of units fulfilled by this request compared to the set target capacity. You + * cannot set this value.

                            */ - InstanceInterruptionBehavior?: InstanceInterruptionBehavior | string; -} + FulfilledCapacity?: number; -export namespace SpotInstanceRequest { /** - * @internal - */ - export const filterSensitiveLog = (obj: SpotInstanceRequest): any => ({ - ...obj, - }); -} + *

                            The number of On-Demand units fulfilled by this request compared to the set target + * On-Demand capacity.

                            + */ + OnDemandFulfilledCapacity?: number; -/** - *

                            Contains the output of DescribeSpotInstanceRequests.

                            - */ -export interface DescribeSpotInstanceRequestsResult { /** - *

                            One or more Spot Instance requests.

                            + *

                            The Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that + * grants the Spot Fleet the permission to request, launch, terminate, and tag instances on + * your behalf. For more information, see Spot + * Fleet prerequisites in the Amazon EC2 User Guide for Linux Instances. Spot Fleet + * can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using + * CancelSpotFleetRequests or when the Spot Fleet request expires, if you set + * TerminateInstancesWithExpiration.

                            */ - SpotInstanceRequests?: SpotInstanceRequest[]; + IamFleetRole: string | undefined; /** - *

                            The token to use to retrieve the next set of results. This value is null - * when there are no more results to return.

                            + *

                            The launch specifications for the Spot Fleet request. If you specify + * LaunchSpecifications, you can't specify + * LaunchTemplateConfigs. If you include On-Demand capacity in your + * request, you must use LaunchTemplateConfigs.

                            */ - NextToken?: string; -} + LaunchSpecifications?: SpotFleetLaunchSpecification[]; -export namespace DescribeSpotInstanceRequestsResult { /** - * @internal + *

                            The launch template and overrides. If you specify LaunchTemplateConfigs, + * you can't specify LaunchSpecifications. If you include On-Demand capacity + * in your request, you must use LaunchTemplateConfigs.

                            */ - export const filterSensitiveLog = (obj: DescribeSpotInstanceRequestsResult): any => ({ - ...obj, - }); -} + LaunchTemplateConfigs?: LaunchTemplateConfig[]; -/** - *

                            Contains the parameters for DescribeSpotPriceHistory.

                            - */ -export interface DescribeSpotPriceHistoryRequest { /** - *

                            One or more filters.

                            - *
                              - *
                            • - *

                              - * availability-zone - The Availability Zone for which prices should - * be returned.

                              - *
                              • - *
                            • - *

                              - * instance-type - The type of instance (for example, - * m3.medium).

                              - *
                              • - *
                            • - *

                              - * product-description - The product description for the Spot price - * (Linux/UNIX | Red Hat Enterprise Linux | - * SUSE Linux | Windows | Linux/UNIX (Amazon - * VPC) | Red Hat Enterprise Linux (Amazon VPC) | - * SUSE Linux (Amazon VPC) | Windows (Amazon - * VPC)).

                              - *
                              • - *
                            • - *

                              - * spot-price - The Spot price. The value must match exactly (or use - * wildcards; greater than or less than comparison is not supported).

                              - *
                              • - *
                            • - *

                              - * timestamp - The time stamp of the Spot price history, in UTC format - * (for example, - * YYYY-MM-DDTHH:MM:SSZ). - * You can use wildcards (* and ?). Greater than or less than comparison is not - * supported.

                              - *
                              • - *
                            + *

                            The maximum price per unit hour that you are willing to pay for a Spot Instance. The + * default is the On-Demand price.

                            */ - Filters?: Filter[]; + SpotPrice?: string; /** - *

                            Filters the results by the specified Availability Zone.

                            + *

                            The number of units to request for the Spot Fleet. You can choose to set the target + * capacity in terms of instances or a performance characteristic that is important to your + * application workload, such as vCPUs, memory, or I/O. If the request type is + * maintain, you can specify a target capacity of 0 and add capacity + * later.

                            */ - AvailabilityZone?: string; + TargetCapacity: number | undefined; /** - *

                            Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                            + *

                            The number of On-Demand units to request. You can choose to set the target capacity in + * terms of instances or a performance characteristic that is important to your application + * workload, such as vCPUs, memory, or I/O. If the request type is maintain, + * you can specify a target capacity of 0 and add capacity later.

                            */ - DryRun?: boolean; + OnDemandTargetCapacity?: number; /** - *

                            The date and time, up to the current date, from which to stop retrieving the price - * history data, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            The maximum amount per hour for On-Demand Instances that you're willing to pay. You + * can use the onDemandMaxTotalPrice parameter, the + * spotMaxTotalPrice parameter, or both parameters to ensure that your + * fleet cost does not exceed your budget. If you set a maximum price per hour for the + * On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the + * maximum amount you're willing to pay. When the maximum amount you're willing to pay is + * reached, the fleet stops launching instances even if it hasn’t met the target + * capacity.

                            */ - EndTime?: Date; + OnDemandMaxTotalPrice?: string; /** - *

                            Filters the results by the specified instance types.

                            + *

                            The maximum amount per hour for Spot Instances that you're willing to pay. You can use + * the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice + * parameter, or both parameters to ensure that your fleet cost does not exceed your + * budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, + * Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. + * When the maximum amount you're willing to pay is reached, the fleet stops launching + * instances even if it hasn’t met the target capacity.

                            */ - InstanceTypes?: (_InstanceType | string)[]; + SpotMaxTotalPrice?: string; /** - *

                            The maximum number of results to return in a single call. Specify a value between 1 - * and 1000. The default value is 1000. To retrieve the remaining results, make another - * call with the returned NextToken value.

                            + *

                            Indicates whether running Spot Instances are terminated when the Spot Fleet request + * expires.

                            */ - MaxResults?: number; + TerminateInstancesWithExpiration?: boolean; /** - *

                            The token for the next set of results.

                            + *

                            The type of request. Indicates whether the Spot Fleet only requests the target + * capacity or also attempts to maintain it. When this value is request, the + * Spot Fleet only places the required requests. It does not attempt to replenish Spot + * Instances if capacity is diminished, nor does it submit requests in alternative Spot + * pools if capacity is not available. When this value is maintain, the Spot + * Fleet maintains the target capacity. The Spot Fleet places the required requests to meet + * capacity and automatically replenishes any interrupted instances. Default: + * maintain. instant is listed but is not used by Spot + * Fleet.

                            */ - NextToken?: string; + Type?: FleetType | string; /** - *

                            Filters the results by the specified basic product descriptions.

                            + *

                            The start date and time of the request, in UTC format + * (YYYY-MM-DDTHH:MM:SSZ). + * By default, Amazon EC2 starts fulfilling the request immediately.

                            */ - ProductDescriptions?: string[]; + ValidFrom?: Date; /** - *

                            The date and time, up to the past 90 days, from which to start retrieving the price - * history data, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            The end date and time of the request, in UTC format + * (YYYY-MM-DDTHH:MM:SSZ). + * After the end date and time, no new Spot Instance requests are placed or able to fulfill + * the request. If no value is specified, the Spot Fleet request remains until you cancel + * it.

                            */ - StartTime?: Date; -} + ValidUntil?: Date; -export namespace DescribeSpotPriceHistoryRequest { /** - * @internal + *

                            Indicates whether Spot Fleet should replace unhealthy instances.

                            */ - export const filterSensitiveLog = (obj: DescribeSpotPriceHistoryRequest): any => ({ - ...obj, - }); -} + ReplaceUnhealthyInstances?: boolean; -/** - *

                            Describes the maximum price per hour that you are willing to pay for a Spot - * Instance.

                            - */ -export interface SpotPrice { /** - *

                            The Availability Zone.

                            + *

                            The behavior when a Spot Instance is interrupted. The default is + * terminate.

                            */ - AvailabilityZone?: string; + InstanceInterruptionBehavior?: InstanceInterruptionBehavior | string; /** - *

                            The instance type.

                            + *

                            One or more Classic Load Balancers and target groups to attach to the Spot Fleet + * request. Spot Fleet registers the running Spot Instances with the specified Classic Load + * Balancers and target groups.

                            + *

                            With Network Load Balancers, Spot Fleet cannot register instances that have the + * following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, + * M3, and T1.

                            */ - InstanceType?: _InstanceType | string; + LoadBalancersConfig?: LoadBalancersConfig; /** - *

                            A general description of the AMI.

                            + *

                            The number of Spot pools across which to allocate your target Spot capacity. Valid + * only when Spot AllocationStrategy is set to + * lowest-price. Spot Fleet selects the cheapest Spot pools and evenly + * allocates your target Spot capacity across the number of Spot pools that you + * specify.

                            + *

                            Note that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a + * best effort basis. If a pool runs out of Spot capacity before fulfilling your target + * capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest + * pool. To ensure that your target capacity is met, you might receive Spot Instances from more than + * the number of pools that you specified. Similarly, if most of the pools have no Spot + * capacity, you might receive your full target capacity from fewer than the number of + * pools that you specified.

                            */ - ProductDescription?: RIProductDescription | string; + InstancePoolsToUseCount?: number; /** - *

                            The maximum price per hour that you are willing to pay for a Spot Instance.

                            + *

                            Reserved.

                            */ - SpotPrice?: string; + Context?: string; /** - *

                            The date and time the request was created, in UTC format (for example, - * YYYY-MM-DDTHH:MM:SSZ).

                            + *

                            The key-value pair for tagging the Spot Fleet request on creation. The value for + * ResourceType must be spot-fleet-request, otherwise the + * Spot Fleet request fails. To tag instances at launch, specify the tags in the launch + * template (valid only if you use LaunchTemplateConfigs) or in + * the + * SpotFleetTagSpecification + * (valid only if you use + * LaunchSpecifications). For information about tagging after launch, see + * Tagging Your Resources.

                            */ - Timestamp?: Date; + TagSpecifications?: TagSpecification[]; } -export namespace SpotPrice { +export namespace SpotFleetRequestConfigData { /** * @internal */ - export const filterSensitiveLog = (obj: SpotPrice): any => ({ + export const filterSensitiveLog = (obj: SpotFleetRequestConfigData): any => ({ ...obj, }); } /** - *

                            Contains the output of DescribeSpotPriceHistory.

                            + *

                            Describes a Spot Fleet request.

                            */ -export interface DescribeSpotPriceHistoryResult { - /** - *

                            The token required to retrieve the next set of results. This value is null or an empty - * string when there are no more results to return.

                            - */ - NextToken?: string; - +export interface SpotFleetRequestConfig { /** - *

                            The historical Spot prices.

                            + *

                            The progress of the Spot Fleet request. + * If there is an error, the status is error. + * After all requests are placed, the status is pending_fulfillment. + * If the size of the fleet is equal to or greater than its target capacity, the status is fulfilled. + * If the size of the fleet is decreased, the status is pending_termination + * while Spot Instances are terminating.

                            */ - SpotPriceHistory?: SpotPrice[]; -} + ActivityStatus?: ActivityStatus | string; -export namespace DescribeSpotPriceHistoryResult { /** - * @internal + *

                            The creation date and time of the request.

                            */ - export const filterSensitiveLog = (obj: DescribeSpotPriceHistoryResult): any => ({ - ...obj, - }); -} + CreateTime?: Date; -export interface DescribeStaleSecurityGroupsRequest { /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The configuration of the Spot Fleet request.

                            */ - DryRun?: boolean; + SpotFleetRequestConfig?: SpotFleetRequestConfigData; /** - *

                            The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                            + *

                            The ID of the Spot Fleet request.

                            */ - MaxResults?: number; + SpotFleetRequestId?: string; /** - *

                            The token for the next set of items to return. (You received this token from a prior call.)

                            + *

                            The state of the Spot Fleet request.

                            */ - NextToken?: string; + SpotFleetRequestState?: BatchState | string; /** - *

                            The ID of the VPC.

                            + *

                            The tags for a Spot Fleet resource.

                            */ - VpcId: string | undefined; + Tags?: Tag[]; } -export namespace DescribeStaleSecurityGroupsRequest { +export namespace SpotFleetRequestConfig { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeStaleSecurityGroupsRequest): any => ({ + export const filterSensitiveLog = (obj: SpotFleetRequestConfig): any => ({ ...obj, }); } /** - *

                            Describes a stale rule in a security group.

                            + *

                            Contains the output of DescribeSpotFleetRequests.

                            */ -export interface StaleIpPermission { - /** - *

                            The start of the port range for the TCP and UDP protocols, or an ICMP type number. A value of - * -1 indicates all ICMP types.

                            - */ - FromPort?: number; - - /** - *

                            The IP protocol name (for tcp, udp, and icmp) or number (see Protocol Numbers).

                            - */ - IpProtocol?: string; - - /** - *

                            The IP ranges. Not applicable for stale security group rules.

                            - */ - IpRanges?: string[]; - - /** - *

                            The prefix list IDs. Not applicable for stale security group rules.

                            - */ - PrefixListIds?: string[]; - +export interface DescribeSpotFleetRequestsResponse { /** - *

                            The end of the port range for the TCP and UDP protocols, or an ICMP type number. A value of - * -1 indicates all ICMP types.

                            + *

                            The token required to retrieve the next set of results. This value is + * null when there are no more results to return.

                            */ - ToPort?: number; + NextToken?: string; /** - *

                            The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.

                            + *

                            Information about the configuration of your Spot Fleet.

                            */ - UserIdGroupPairs?: UserIdGroupPair[]; + SpotFleetRequestConfigs?: SpotFleetRequestConfig[]; } -export namespace StaleIpPermission { +export namespace DescribeSpotFleetRequestsResponse { /** * @internal */ - export const filterSensitiveLog = (obj: StaleIpPermission): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotFleetRequestsResponse): any => ({ ...obj, }); } /** - *

                            Describes a stale security group (a security group that contains stale rules).

                            + *

                            Contains the parameters for DescribeSpotInstanceRequests.

                            */ -export interface StaleSecurityGroup { - /** - *

                            The description of the security group.

                            - */ - Description?: string; - +export interface DescribeSpotInstanceRequestsRequest { /** - *

                            The ID of the security group.

                            + *

                            One or more filters.

                            + *
                              + *
                            • + *

                              + * availability-zone-group - The Availability Zone group.

                              + *
                              • + *
                            • + *

                              + * create-time - The time stamp when the Spot Instance request was + * created.

                              + *
                              • + *
                            • + *

                              + * fault-code - The fault code related to the request.

                              + *
                              • + *
                            • + *

                              + * fault-message - The fault message related to the request.

                              + *
                              • + *
                            • + *

                              + * instance-id - The ID of the instance that fulfilled the + * request.

                              + *
                              • + *
                            • + *

                              + * launch-group - The Spot Instance launch group.

                              + *
                              • + *
                            • + *

                              + * launch.block-device-mapping.delete-on-termination - Indicates + * whether the EBS volume is deleted on instance termination.

                              + *
                              • + *
                            • + *

                              + * launch.block-device-mapping.device-name - The device name for the + * volume in the block device mapping (for example, /dev/sdh or + * xvdh).

                              + *
                              • + *
                            • + *

                              + * launch.block-device-mapping.snapshot-id - The ID of the snapshot + * for the EBS volume.

                              + *
                              • + *
                            • + *

                              + * launch.block-device-mapping.volume-size - The size of the EBS + * volume, in GiB.

                              + *
                              • + *
                            • + *

                              + * launch.block-device-mapping.volume-type - The type of EBS volume: + * gp2 for General Purpose SSD, io1 or + * io2 for Provisioned IOPS SSD, st1 for Throughput + * Optimized HDD, sc1for Cold HDD, or standard for + * Magnetic.

                              + *
                              • + *
                            • + *

                              + * launch.group-id - The ID of the security group for the + * instance.

                              + *
                              • + *
                            • + *

                              + * launch.group-name - The name of the security group for the + * instance.

                              + *
                              • + *
                            • + *

                              + * launch.image-id - The ID of the AMI.

                              + *
                              • + *
                            • + *

                              + * launch.instance-type - The type of instance (for example, + * m3.medium).

                              + *
                              • + *
                            • + *

                              + * launch.kernel-id - The kernel ID.

                              + *
                              • + *
                            • + *

                              + * launch.key-name - The name of the key pair the instance launched + * with.

                              + *
                              • + *
                            • + *

                              + * launch.monitoring-enabled - Whether detailed monitoring is + * enabled for the Spot Instance.

                              + *
                              • + *
                            • + *

                              + * launch.ramdisk-id - The RAM disk ID.

                              + *
                              • + *
                            • + *

                              + * launched-availability-zone - The Availability Zone in which the + * request is launched.

                              + *
                              • + *
                            • + *

                              + * network-interface.addresses.primary - Indicates whether the IP + * address is the primary private IP address.

                              + *
                              • + *
                            • + *

                              + * network-interface.delete-on-termination - Indicates whether the + * network interface is deleted when the instance is terminated.

                              + *
                              • + *
                            • + *

                              + * network-interface.description - A description of the network + * interface.

                              + *
                              • + *
                            • + *

                              + * network-interface.device-index - The index of the device for the + * network interface attachment on the instance.

                              + *
                              • + *
                            • + *

                              + * network-interface.group-id - The ID of the security group + * associated with the network interface.

                              + *
                              • + *
                            • + *

                              + * network-interface.network-interface-id - The ID of the network + * interface.

                              + *
                              • + *
                            • + *

                              + * network-interface.private-ip-address - The primary private IP + * address of the network interface.

                              + *
                              • + *
                            • + *

                              + * network-interface.subnet-id - The ID of the subnet for the + * instance.

                              + *
                              • + *
                            • + *

                              + * product-description - The product description associated with the + * instance (Linux/UNIX | Windows).

                              + *
                              • + *
                            • + *

                              + * spot-instance-request-id - The Spot Instance request ID.

                              + *
                              • + *
                            • + *

                              + * spot-price - The maximum hourly price for any Spot Instance + * launched to fulfill the request.

                              + *
                              • + *
                            • + *

                              + * state - The state of the Spot Instance request (open + * | active | closed | cancelled | + * failed). Spot request status information can help you track + * your Amazon EC2 Spot Instance requests. For more information, see Spot + * request status in the Amazon EC2 User Guide for Linux Instances.

                              + *
                              • + *
                            • + *

                              + * status-code - The short code describing the most recent + * evaluation of your Spot Instance request.

                              + *
                              • + *
                            • + *

                              + * status-message - The message explaining the status of the Spot + * Instance request.

                              + *
                              • + *
                            • + *

                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              + *
                              • + *
                            • + *

                              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              + *
                              • + *
                            • + *

                              + * type - The type of Spot Instance request (one-time | + * persistent).

                              + *
                              • + *
                            • + *

                              + * valid-from - The start date of the request.

                              + *
                              • + *
                            • + *

                              + * valid-until - The end date of the request.

                              + *
                              • + *
                            */ - GroupId?: string; + Filters?: Filter[]; /** - *

                            The name of the security group.

                            + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ - GroupName?: string; + DryRun?: boolean; /** - *

                            Information about the stale inbound rules in the security group.

                            + *

                            One or more Spot Instance request IDs.

                            */ - StaleIpPermissions?: StaleIpPermission[]; + SpotInstanceRequestIds?: string[]; /** - *

                            Information about the stale outbound rules in the security group.

                            + *

                            The token to request the next set of results. This value is null when + * there are no more results to return.

                            */ - StaleIpPermissionsEgress?: StaleIpPermission[]; + NextToken?: string; /** - *

                            The ID of the VPC for the security group.

                            + *

                            The maximum number of results to return in a single call. Specify a value between 5 + * and 1000. To retrieve the remaining results, make another call with the returned + * NextToken value.

                            */ - VpcId?: string; + MaxResults?: number; } -export namespace StaleSecurityGroup { +export namespace DescribeSpotInstanceRequestsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: StaleSecurityGroup): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotInstanceRequestsRequest): any => ({ ...obj, }); } -export interface DescribeStaleSecurityGroupsResult { - /** - *

                            The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                            - */ - NextToken?: string; - +/** + *

                            Describes the monitoring of an instance.

                            + */ +export interface RunInstancesMonitoringEnabled { /** - *

                            Information about the stale security groups.

                            + *

                            Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is + * enabled.

                            */ - StaleSecurityGroupSet?: StaleSecurityGroup[]; + Enabled: boolean | undefined; } -export namespace DescribeStaleSecurityGroupsResult { +export namespace RunInstancesMonitoringEnabled { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeStaleSecurityGroupsResult): any => ({ + export const filterSensitiveLog = (obj: RunInstancesMonitoringEnabled): any => ({ ...obj, }); } -export interface DescribeStoreImageTasksRequest { +/** + *

                            Describes the launch specification for an instance.

                            + */ +export interface LaunchSpecification { /** - *

                            The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a request.

                            + *

                            The Base64-encoded user data for the instance.

                            */ - ImageIds?: string[]; + UserData?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.

                            */ - DryRun?: boolean; + SecurityGroups?: GroupIdentifier[]; /** - *

                            The filters.

                            - *
                              - *
                            • - *

                              - * task-state - Returns tasks in a certain state (InProgress | - * Completed | Failed)

                              - *
                              • - *
                            • - *

                              - * bucket - Returns task information for tasks that targeted a specific - * bucket. For the filter value, specify the bucket name.

                              - *
                              • - *
                            + *

                            Deprecated.

                            */ - Filters?: Filter[]; + AddressingType?: string; /** - *

                            The token for the next page of results.

                            + *

                            One or more block device mapping entries.

                            */ - NextToken?: string; + BlockDeviceMappings?: BlockDeviceMapping[]; /** - *

                            The maximum number of results to return in a single call. To retrieve the remaining - * results, make another call with the returned NextToken value. This value can be - * between 1 and 200. You cannot specify this parameter and the ImageIDs parameter - * in the same call.

                            + *

                            Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.

                            + *

                            Default: false + *

                            */ - MaxResults?: number; -} + EbsOptimized?: boolean; -export namespace DescribeStoreImageTasksRequest { /** - * @internal + *

                            The IAM instance profile.

                            */ - export const filterSensitiveLog = (obj: DescribeStoreImageTasksRequest): any => ({ - ...obj, - }); -} + IamInstanceProfile?: IamInstanceProfileSpecification; -/** - *

                            The information about the AMI store task, including the progress of the task.

                            - */ -export interface StoreImageTaskResult { /** - *

                            The ID of the AMI that is being stored.

                            + *

                            The ID of the AMI.

                            */ - AmiId?: string; + ImageId?: string; /** - *

                            The time the task started.

                            + *

                            The instance type.

                            */ - TaskStartTime?: Date; + InstanceType?: _InstanceType | string; /** - *

                            The name of the Amazon S3 bucket that contains the stored AMI object.

                            + *

                            The ID of the kernel.

                            */ - Bucket?: string; + KernelId?: string; /** - *

                            The name of the stored AMI object in the bucket.

                            + *

                            The name of the key pair.

                            */ - S3objectKey?: string; + KeyName?: string; /** - *

                            The progress of the task as a percentage.

                            + *

                            One or more network interfaces. If you specify a network interface, you must specify + * subnet IDs and security group IDs using the network interface.

                            */ - ProgressPercentage?: number; + NetworkInterfaces?: InstanceNetworkInterfaceSpecification[]; /** - *

                            The state of the store task (InProgress, Completed, or - * Failed).

                            + *

                            The placement information for the instance.

                            */ - StoreTaskState?: string; + Placement?: SpotPlacement; /** - *

                            If the tasks fails, the reason for the failure is returned. If the task succeeds, - * null is returned.

                            + *

                            The ID of the RAM disk.

                            */ - StoreTaskFailureReason?: string; + RamdiskId?: string; + + /** + *

                            The ID of the subnet in which to launch the instance.

                            + */ + SubnetId?: string; + + /** + *

                            Describes the monitoring of an instance.

                            + */ + Monitoring?: RunInstancesMonitoringEnabled; } -export namespace StoreImageTaskResult { +export namespace LaunchSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: StoreImageTaskResult): any => ({ + export const filterSensitiveLog = (obj: LaunchSpecification): any => ({ ...obj, }); } -export interface DescribeStoreImageTasksResult { - /** - *

                            The information about the AMI store tasks.

                            - */ - StoreImageTaskResults?: StoreImageTaskResult[]; +export type SpotInstanceState = "active" | "cancelled" | "closed" | "failed" | "open"; +/** + *

                            Describes the status of a Spot Instance request.

                            + */ +export interface SpotInstanceStatus { /** - *

                            The token to use to retrieve the next page of results. This value is null - * when there are no more results to return.

                            + *

                            The status code. For a list of status codes, see Spot status codes in the Amazon EC2 User Guide for Linux Instances.

                            */ - NextToken?: string; -} + Code?: string; -export namespace DescribeStoreImageTasksResult { /** - * @internal + *

                            The description for the status code.

                            */ - export const filterSensitiveLog = (obj: DescribeStoreImageTasksResult): any => ({ - ...obj, - }); -} + Message?: string; -export interface DescribeSubnetsRequest { /** - *

                            One or more filters.

                            - *
                              - *
                            • - *

                              - * availability-zone - The Availability Zone for the subnet. You can also use - * availabilityZone as the filter name.

                              - *
                              • - *
                            • - *

                              - * availability-zone-id - The ID of the Availability Zone for the subnet. - * You can also use availabilityZoneId as the filter name.

                              - *
                              • - *
                            • - *

                              - * available-ip-address-count - The number of IPv4 addresses in the - * subnet that are available.

                              - *
                              • - *
                            • - *

                              - * cidr-block - The IPv4 CIDR block of the subnet. The CIDR block you - * specify must exactly match the subnet's CIDR block for information to be - * returned for the subnet. You can also use cidr or - * cidrBlock as the filter names.

                              - *
                              • - *
                            • - *

                              - * default-for-az - Indicates whether this is the default subnet for the - * Availability Zone. You can also use defaultForAz as the filter name.

                              - *
                              • - *
                            • - *

                              - * ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR - * block associated with the subnet.

                              - *
                              • - *
                            • - *

                              - * ipv6-cidr-block-association.association-id - An association ID - * for an IPv6 CIDR block associated with the subnet.

                              - *
                              • - *
                            • - *

                              - * ipv6-cidr-block-association.state - The state of an IPv6 CIDR - * block associated with the subnet.

                              - *
                              • - *
                            • - *

                              - * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

                              - *
                              • - *
                            • - *

                              - * owner-id - The ID of the Amazon Web Services account that owns the subnet.

                              - *
                              • - *
                            • - *

                              - * state - The state of the subnet (pending | available).

                              - *
                              • - *
                            • - *

                              - * subnet-arn - The Amazon Resource Name (ARN) of the subnet.

                              - *
                              • - *
                            • - *

                              - * subnet-id - The ID of the subnet.

                              - *
                              • - *
                            • - *

                              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              - *
                              • - *
                            • - *

                              - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              - *
                              • - *
                            • - *

                              - * vpc-id - The ID of the VPC for the subnet.

                              - *
                              • - *
                            + *

                            The date and time of the most recent status update, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            + */ + UpdateTime?: Date; +} + +export namespace SpotInstanceStatus { + /** + * @internal */ - Filters?: Filter[]; + export const filterSensitiveLog = (obj: SpotInstanceStatus): any => ({ + ...obj, + }); +} +/** + *

                            Describes a Spot Instance request.

                            + */ +export interface SpotInstanceRequest { /** - *

                            One or more subnet IDs.

                            - *

                            Default: Describes all your subnets.

                            + *

                            Deprecated.

                            */ - SubnetIds?: string[]; + ActualBlockHourlyPrice?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The Availability Zone group. If you specify the same Availability Zone group for all Spot Instance requests, all Spot Instances are launched in the same Availability Zone.

                            */ - DryRun?: boolean; + AvailabilityZoneGroup?: string; /** - *

                            The token for the next page of results.

                            + *

                            Deprecated.

                            */ - NextToken?: string; + BlockDurationMinutes?: number; /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            The date and time when the Spot Instance request was created, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ).

                            */ - MaxResults?: number; -} + CreateTime?: Date; -export namespace DescribeSubnetsRequest { /** - * @internal + *

                            The fault codes for the Spot Instance request, if any.

                            */ - export const filterSensitiveLog = (obj: DescribeSubnetsRequest): any => ({ - ...obj, - }); -} + Fault?: SpotInstanceStateFault; -export interface DescribeSubnetsResult { /** - *

                            Information about one or more subnets.

                            + *

                            The instance ID, if an instance has been launched to fulfill the Spot Instance request.

                            */ - Subnets?: Subnet[]; + InstanceId?: string; /** - *

                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                            + *

                            The instance launch group. Launch groups are Spot Instances that launch together and terminate together.

                            */ - NextToken?: string; -} + LaunchGroup?: string; -export namespace DescribeSubnetsResult { /** - * @internal + *

                            Additional information for launching instances.

                            */ - export const filterSensitiveLog = (obj: DescribeSubnetsResult): any => ({ - ...obj, - }); -} + LaunchSpecification?: LaunchSpecification; -export interface DescribeTagsRequest { /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The Availability Zone in which the request is launched.

                            */ - DryRun?: boolean; + LaunchedAvailabilityZone?: string; /** - *

                            The filters.

                            - *
                              - *
                            • - *

                              - * key - The tag key.

                              - *
                              • - *
                            • - *

                              - * resource-id - The ID of the resource.

                              - *
                              • - *
                            • - *

                              - * resource-type - The resource type (customer-gateway | dedicated-host | dhcp-options | elastic-ip | fleet | fpga-image | host-reservation | image | instance | internet-gateway | key-pair | launch-template | natgateway | network-acl | network-interface | placement-group | reserved-instances | route-table | security-group | snapshot | spot-instances-request | subnet | volume | vpc | vpc-endpoint | vpc-endpoint-service | vpc-peering-connection | vpn-connection | vpn-gateway).

                              - *
                              • - *
                            • - *

                              - * tag: - The key/value combination of the tag. For example, - * specify "tag:Owner" for the filter name and "TeamA" for the filter value to find - * resources with the tag "Owner=TeamA".

                              - *
                              • - *
                            • - *

                              - * value - The tag value.

                              - *
                              • - *
                            + *

                            The product description associated with the Spot Instance.

                            */ - Filters?: Filter[]; + ProductDescription?: RIProductDescription | string; /** - *

                            The maximum number of results to return in a single call. - * This value can be between 5 and 1000. - * To retrieve the remaining results, make another call with the returned NextToken value.

                            + *

                            The ID of the Spot Instance request.

                            */ - MaxResults?: number; + SpotInstanceRequestId?: string; /** - *

                            The token to retrieve the next page of results.

                            + *

                            The maximum price per hour that you are willing to pay for a Spot Instance.

                            */ - NextToken?: string; -} + SpotPrice?: string; -export namespace DescribeTagsRequest { /** - * @internal + *

                            The state of the Spot Instance request. Spot status information helps track your Spot + * Instance requests. For more information, see Spot status in the + * Amazon EC2 User Guide for Linux Instances.

                            */ - export const filterSensitiveLog = (obj: DescribeTagsRequest): any => ({ - ...obj, - }); -} + State?: SpotInstanceState | string; -/** - *

                            Describes a tag.

                            - */ -export interface TagDescription { /** - *

                            The tag key.

                            + *

                            The status code and status message describing the Spot Instance request.

                            */ - Key?: string; + Status?: SpotInstanceStatus; /** - *

                            The ID of the resource.

                            + *

                            Any tags assigned to the resource.

                            */ - ResourceId?: string; + Tags?: Tag[]; /** - *

                            The resource type.

                            + *

                            The Spot Instance request type.

                            */ - ResourceType?: ResourceType | string; + Type?: SpotInstanceType | string; /** - *

                            The tag value.

                            + *

                            The start date of the request, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ). + * The request becomes active at this date and time.

                            */ - Value?: string; + ValidFrom?: Date; + + /** + *

                            The end date of the request, in UTC format + * (YYYY-MM-DDTHH:MM:SSZ).

                            + *
                              + *
                            • + *

                              For a persistent request, the request remains active until the validUntil date + * and time is reached. Otherwise, the request remains active until you cancel it. + *

                              + *
                              • + *
                            • + *

                              For a one-time request, the request remains active until all instances launch, + * the request is canceled, or the validUntil date and time is reached. By default, the + * request is valid for 7 days from the date the request was created.

                              + *
                              • + *
                            + */ + ValidUntil?: Date; + + /** + *

                            The behavior when a Spot Instance is interrupted.

                            + */ + InstanceInterruptionBehavior?: InstanceInterruptionBehavior | string; } -export namespace TagDescription { +export namespace SpotInstanceRequest { /** * @internal */ - export const filterSensitiveLog = (obj: TagDescription): any => ({ + export const filterSensitiveLog = (obj: SpotInstanceRequest): any => ({ ...obj, }); } -export interface DescribeTagsResult { +/** + *

                            Contains the output of DescribeSpotInstanceRequests.

                            + */ +export interface DescribeSpotInstanceRequestsResult { /** - *

                            The token to use to retrieve the next page of results. This value is - * null when there are no more results to return.

                            + *

                            One or more Spot Instance requests.

                            */ - NextToken?: string; + SpotInstanceRequests?: SpotInstanceRequest[]; /** - *

                            The tags.

                            + *

                            The token to use to retrieve the next set of results. This value is null + * when there are no more results to return.

                            */ - Tags?: TagDescription[]; + NextToken?: string; } -export namespace DescribeTagsResult { +export namespace DescribeSpotInstanceRequestsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTagsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotInstanceRequestsResult): any => ({ ...obj, }); } -export interface DescribeTrafficMirrorFiltersRequest { +/** + *

                            Contains the parameters for DescribeSpotPriceHistory.

                            + */ +export interface DescribeSpotPriceHistoryRequest { /** - *

                            The ID of the Traffic Mirror filter.

                            + *

                            One or more filters.

                            + *
                              + *
                            • + *

                              + * availability-zone - The Availability Zone for which prices should + * be returned.

                              + *
                              • + *
                            • + *

                              + * instance-type - The type of instance (for example, + * m3.medium).

                              + *
                              • + *
                            • + *

                              + * product-description - The product description for the Spot price + * (Linux/UNIX | Red Hat Enterprise Linux | + * SUSE Linux | Windows | Linux/UNIX (Amazon + * VPC) | Red Hat Enterprise Linux (Amazon VPC) | + * SUSE Linux (Amazon VPC) | Windows (Amazon + * VPC)).

                              + *
                              • + *
                            • + *

                              + * spot-price - The Spot price. The value must match exactly (or use + * wildcards; greater than or less than comparison is not supported).

                              + *
                              • + *
                            • + *

                              + * timestamp - The time stamp of the Spot price history, in UTC format + * (for example, + * YYYY-MM-DDTHH:MM:SSZ). + * You can use wildcards (* and ?). Greater than or less than comparison is not + * supported.

                              + *
                              • + *
                            */ - TrafficMirrorFilterIds?: string[]; + Filters?: Filter[]; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            Filters the results by the specified Availability Zone.

                            + */ + AvailabilityZone?: string; + + /** + *

                            Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                            */ DryRun?: boolean; /** - *

                            One or more filters. The possible values are:

                            - *
                              - *
                            • - *

                              - * description: The Traffic Mirror filter description.

                              - *
                              • - *
                            • - *

                              - * traffic-mirror-filter-id: The ID of the Traffic Mirror filter.

                              - *
                              • - *
                            + *

                            The date and time, up to the current date, from which to stop retrieving the price + * history data, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - Filters?: Filter[]; + EndTime?: Date; /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            Filters the results by the specified instance types.

                            */ - MaxResults?: number; + InstanceTypes?: (_InstanceType | string)[]; /** - *

                            The token for the next page of results.

                            + *

                            The maximum number of results to return in a single call. Specify a value between 1 + * and 1000. The default value is 1000. To retrieve the remaining results, make another + * call with the returned NextToken value.

                            */ - NextToken?: string; -} + MaxResults?: number; -export namespace DescribeTrafficMirrorFiltersRequest { /** - * @internal + *

                            The token for the next set of results.

                            */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorFiltersRequest): any => ({ - ...obj, - }); -} + NextToken?: string; -export interface DescribeTrafficMirrorFiltersResult { /** - *

                            Information about one or more Traffic Mirror filters.

                            + *

                            Filters the results by the specified basic product descriptions.

                            */ - TrafficMirrorFilters?: TrafficMirrorFilter[]; + ProductDescriptions?: string[]; /** - *

                            The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                            + *

                            The date and time, up to the past 90 days, from which to start retrieving the price + * history data, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - NextToken?: string; + StartTime?: Date; } -export namespace DescribeTrafficMirrorFiltersResult { +export namespace DescribeSpotPriceHistoryRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorFiltersResult): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotPriceHistoryRequest): any => ({ ...obj, }); } -export interface DescribeTrafficMirrorSessionsRequest { +/** + *

                            Describes the maximum price per hour that you are willing to pay for a Spot + * Instance.

                            + */ +export interface SpotPrice { /** - *

                            The ID of the Traffic Mirror session.

                            + *

                            The Availability Zone.

                            */ - TrafficMirrorSessionIds?: string[]; + AvailabilityZone?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The instance type.

                            */ - DryRun?: boolean; + InstanceType?: _InstanceType | string; /** - *

                            One or more filters. The possible values are:

                            - *
                              - *
                            • - *

                              - * description: The Traffic Mirror session description.

                              - *
                              • - *
                            • - *

                              - * network-interface-id: The ID of the Traffic Mirror session network interface.

                              - *
                              • - *
                            • - *

                              - * owner-id: The ID of the account that owns the Traffic Mirror session.

                              - *
                              • - *
                            • - *

                              - * packet-length: The assigned number of packets to mirror.

                              - *
                              • - *
                            • - *

                              - * session-number: The assigned session number.

                              - *
                              • - *
                            • - *

                              - * traffic-mirror-filter-id: The ID of the Traffic Mirror filter.

                              - *
                              • - *
                            • - *

                              - * traffic-mirror-session-id: The ID of the Traffic Mirror session.

                              - *
                              • - *
                            • - *

                              - * traffic-mirror-target-id: The ID of the Traffic Mirror target.

                              - *
                              • - *
                            • - *

                              - * virtual-network-id: The virtual network ID of the Traffic Mirror session.

                              - *
                              • - *
                            + *

                            A general description of the AMI.

                            */ - Filters?: Filter[]; + ProductDescription?: RIProductDescription | string; /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            The maximum price per hour that you are willing to pay for a Spot Instance.

                            */ - MaxResults?: number; + SpotPrice?: string; /** - *

                            The token for the next page of results.

                            + *

                            The date and time the request was created, in UTC format (for example, + * YYYY-MM-DDTHH:MM:SSZ).

                            */ - NextToken?: string; + Timestamp?: Date; } -export namespace DescribeTrafficMirrorSessionsRequest { +export namespace SpotPrice { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorSessionsRequest): any => ({ + export const filterSensitiveLog = (obj: SpotPrice): any => ({ ...obj, }); } -export interface DescribeTrafficMirrorSessionsResult { +/** + *

                            Contains the output of DescribeSpotPriceHistory.

                            + */ +export interface DescribeSpotPriceHistoryResult { /** - *

                            Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.

                            + *

                            The token required to retrieve the next set of results. This value is null or an empty + * string when there are no more results to return.

                            */ - TrafficMirrorSessions?: TrafficMirrorSession[]; + NextToken?: string; /** - *

                            The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                            + *

                            The historical Spot prices.

                            */ - NextToken?: string; + SpotPriceHistory?: SpotPrice[]; } -export namespace DescribeTrafficMirrorSessionsResult { +export namespace DescribeSpotPriceHistoryResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorSessionsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeSpotPriceHistoryResult): any => ({ ...obj, }); } -export interface DescribeTrafficMirrorTargetsRequest { - /** - *

                            The ID of the Traffic Mirror targets.

                            - */ - TrafficMirrorTargetIds?: string[]; - +export interface DescribeStaleSecurityGroupsRequest { /** *

                            Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -11426,295 +11259,362 @@ export interface DescribeTrafficMirrorTargetsRequest { DryRun?: boolean; /** - *

                            One or more filters. The possible values are:

                            - *
                              - *
                            • - *

                              - * description: The Traffic Mirror target description.

                              - *
                              • - *
                            • - *

                              - * network-interface-id: The ID of the Traffic Mirror session network interface.

                              - *
                              • - *
                            • - *

                              - * network-load-balancer-arn: The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the session.

                              - *
                              • - *
                            • - *

                              - * owner-id: The ID of the account that owns the Traffic Mirror session.

                              - *
                              • - *
                            • - *

                              - * traffic-mirror-target-id: The ID of the Traffic Mirror target.

                              - *
                              • - *
                            + *

                            The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                            */ - Filters?: Filter[]; + MaxResults?: number; /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            The token for the next set of items to return. (You received this token from a prior call.)

                            */ - MaxResults?: number; + NextToken?: string; /** - *

                            The token for the next page of results.

                            + *

                            The ID of the VPC.

                            */ - NextToken?: string; + VpcId: string | undefined; } -export namespace DescribeTrafficMirrorTargetsRequest { +export namespace DescribeStaleSecurityGroupsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorTargetsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeStaleSecurityGroupsRequest): any => ({ ...obj, }); } -export interface DescribeTrafficMirrorTargetsResult { +/** + *

                            Describes a stale rule in a security group.

                            + */ +export interface StaleIpPermission { /** - *

                            Information about one or more Traffic Mirror targets.

                            + *

                            The start of the port range for the TCP and UDP protocols, or an ICMP type number. A value of + * -1 indicates all ICMP types.

                            */ - TrafficMirrorTargets?: TrafficMirrorTarget[]; + FromPort?: number; /** - *

                            The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                            + *

                            The IP protocol name (for tcp, udp, and icmp) or number (see Protocol Numbers).

                            */ - NextToken?: string; -} + IpProtocol?: string; -export namespace DescribeTrafficMirrorTargetsResult { /** - * @internal + *

                            The IP ranges. Not applicable for stale security group rules.

                            */ - export const filterSensitiveLog = (obj: DescribeTrafficMirrorTargetsResult): any => ({ - ...obj, - }); -} + IpRanges?: string[]; -export interface DescribeTransitGatewayAttachmentsRequest { /** - *

                            The IDs of the attachments.

                            + *

                            The prefix list IDs. Not applicable for stale security group rules.

                            */ - TransitGatewayAttachmentIds?: string[]; + PrefixListIds?: string[]; /** - *

                            One or more filters. The possible values are:

                            - *
                              - *
                            • - *

                              - * association.state - The state of the association (associating | associated | - * disassociating).

                              - *
                              • - *
                            • - *

                              - * association.transit-gateway-route-table-id - The ID of the route table for the transit gateway.

                              - *
                              • - *
                            • - *

                              - * resource-id - The ID of the resource.

                              - *
                              • - *
                            • - *

                              - * resource-owner-id - The ID of the Amazon Web Services account that owns the resource.

                              - *
                              • - *
                            • - *

                              - * resource-type - The resource type. Valid values are vpc - * | vpn | direct-connect-gateway | peering - * | connect.

                              - *
                              • - *
                            • - *

                              - * state - The state of the attachment. Valid values are available | deleted | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance | pending | rollingBack | rejected | rejecting.

                              - *
                              • - *
                            • - *

                              - * transit-gateway-attachment-id - The ID of the attachment.

                              - *
                              • - *
                            • - *

                              - * transit-gateway-id - The ID of the transit gateway.

                              - *
                              • - *
                            • - *

                              - * transit-gateway-owner-id - The ID of the Amazon Web Services account that owns the transit gateway.

                              - *
                              • - *
                            + *

                            The end of the port range for the TCP and UDP protocols, or an ICMP type number. A value of + * -1 indicates all ICMP types.

                            + */ + ToPort?: number; + + /** + *

                            The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.

                            + */ + UserIdGroupPairs?: UserIdGroupPair[]; +} + +export namespace StaleIpPermission { + /** + * @internal */ - Filters?: Filter[]; + export const filterSensitiveLog = (obj: StaleIpPermission): any => ({ + ...obj, + }); +} +/** + *

                            Describes a stale security group (a security group that contains stale rules).

                            + */ +export interface StaleSecurityGroup { /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            The description of the security group.

                            */ - MaxResults?: number; + Description?: string; /** - *

                            The token for the next page of results.

                            + *

                            The ID of the security group.

                            */ - NextToken?: string; + GroupId?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The name of the security group.

                            */ - DryRun?: boolean; + GroupName?: string; + + /** + *

                            Information about the stale inbound rules in the security group.

                            + */ + StaleIpPermissions?: StaleIpPermission[]; + + /** + *

                            Information about the stale outbound rules in the security group.

                            + */ + StaleIpPermissionsEgress?: StaleIpPermission[]; + + /** + *

                            The ID of the VPC for the security group.

                            + */ + VpcId?: string; } -export namespace DescribeTransitGatewayAttachmentsRequest { +export namespace StaleSecurityGroup { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayAttachmentsRequest): any => ({ + export const filterSensitiveLog = (obj: StaleSecurityGroup): any => ({ ...obj, }); } -/** - *

                            Describes an association.

                            - */ -export interface TransitGatewayAttachmentAssociation { +export interface DescribeStaleSecurityGroupsResult { /** - *

                            The ID of the route table for the transit gateway.

                            + *

                            The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                            */ - TransitGatewayRouteTableId?: string; + NextToken?: string; /** - *

                            The state of the association.

                            + *

                            Information about the stale security groups.

                            */ - State?: TransitGatewayAssociationState | string; + StaleSecurityGroupSet?: StaleSecurityGroup[]; } -export namespace TransitGatewayAttachmentAssociation { +export namespace DescribeStaleSecurityGroupsResult { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayAttachmentAssociation): any => ({ + export const filterSensitiveLog = (obj: DescribeStaleSecurityGroupsResult): any => ({ ...obj, }); } -/** - *

                            Describes an attachment between a resource and a transit gateway.

                            - */ -export interface TransitGatewayAttachment { +export interface DescribeStoreImageTasksRequest { /** - *

                            The ID of the attachment.

                            + *

                            The AMI IDs for which to show progress. Up to 20 AMI IDs can be included in a request.

                            */ - TransitGatewayAttachmentId?: string; + ImageIds?: string[]; /** - *

                            The ID of the transit gateway.

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - TransitGatewayId?: string; + DryRun?: boolean; /** - *

                            The ID of the Amazon Web Services account that owns the transit gateway.

                            + *

                            The filters.

                            + *
                              + *
                            • + *

                              + * task-state - Returns tasks in a certain state (InProgress | + * Completed | Failed)

                              + *
                              • + *
                            • + *

                              + * bucket - Returns task information for tasks that targeted a specific + * bucket. For the filter value, specify the bucket name.

                              + *
                              • + *
                            */ - TransitGatewayOwnerId?: string; + Filters?: Filter[]; /** - *

                            The ID of the Amazon Web Services account that owns the resource.

                            + *

                            The token for the next page of results.

                            */ - ResourceOwnerId?: string; + NextToken?: string; /** - *

                            The resource type. Note that the tgw-peering resource type has been deprecated.

                            + *

                            The maximum number of results to return in a single call. To retrieve the remaining + * results, make another call with the returned NextToken value. This value can be + * between 1 and 200. You cannot specify this parameter and the ImageIDs parameter + * in the same call.

                            */ - ResourceType?: TransitGatewayAttachmentResourceType | string; + MaxResults?: number; +} +export namespace DescribeStoreImageTasksRequest { /** - *

                            The ID of the resource.

                            + * @internal */ - ResourceId?: string; + export const filterSensitiveLog = (obj: DescribeStoreImageTasksRequest): any => ({ + ...obj, + }); +} +/** + *

                            The information about the AMI store task, including the progress of the task.

                            + */ +export interface StoreImageTaskResult { /** - *

                            The attachment state. Note that the initiating state has been deprecated.

                            + *

                            The ID of the AMI that is being stored.

                            */ - State?: TransitGatewayAttachmentState | string; + AmiId?: string; /** - *

                            The association.

                            + *

                            The time the task started.

                            */ - Association?: TransitGatewayAttachmentAssociation; + TaskStartTime?: Date; /** - *

                            The creation time.

                            + *

                            The name of the Amazon S3 bucket that contains the stored AMI object.

                            */ - CreationTime?: Date; + Bucket?: string; /** - *

                            The tags for the attachment.

                            + *

                            The name of the stored AMI object in the bucket.

                            */ - Tags?: Tag[]; + S3objectKey?: string; + + /** + *

                            The progress of the task as a percentage.

                            + */ + ProgressPercentage?: number; + + /** + *

                            The state of the store task (InProgress, Completed, or + * Failed).

                            + */ + StoreTaskState?: string; + + /** + *

                            If the tasks fails, the reason for the failure is returned. If the task succeeds, + * null is returned.

                            + */ + StoreTaskFailureReason?: string; } -export namespace TransitGatewayAttachment { +export namespace StoreImageTaskResult { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayAttachment): any => ({ + export const filterSensitiveLog = (obj: StoreImageTaskResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayAttachmentsResult { +export interface DescribeStoreImageTasksResult { /** - *

                            Information about the attachments.

                            + *

                            The information about the AMI store tasks.

                            */ - TransitGatewayAttachments?: TransitGatewayAttachment[]; + StoreImageTaskResults?: StoreImageTaskResult[]; /** - *

                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                            + *

                            The token to use to retrieve the next page of results. This value is null + * when there are no more results to return.

                            */ NextToken?: string; } -export namespace DescribeTransitGatewayAttachmentsResult { +export namespace DescribeStoreImageTasksResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayAttachmentsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeStoreImageTasksResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayConnectPeersRequest { - /** - *

                            The IDs of the Connect peers.

                            - */ - TransitGatewayConnectPeerIds?: string[]; - +export interface DescribeSubnetsRequest { /** - *

                            One or more filters. The possible values are:

                            + *

                            One or more filters.

                            *
                              *
                            • - *

                              - * state - The state of the Connect peer (pending | - * available | deleting | - * deleted).

                              + *

                              + * availability-zone - The Availability Zone for the subnet. You can also use + * availabilityZone as the filter name.

                              *
                              • *
                            • - *

                              - * transit-gateway-attachment-id - The ID of the attachment.

                              + *

                              + * availability-zone-id - The ID of the Availability Zone for the subnet. + * You can also use availabilityZoneId as the filter name.

                              *
                              • *
                            • - *

                              - * transit-gateway-connect-peer-id - The ID of the Connect peer.

                              + *

                              + * available-ip-address-count - The number of IPv4 addresses in the + * subnet that are available.

                              + *
                              • + *
                            • + *

                              + * cidr-block - The IPv4 CIDR block of the subnet. The CIDR block you + * specify must exactly match the subnet's CIDR block for information to be + * returned for the subnet. You can also use cidr or + * cidrBlock as the filter names.

                              + *
                              • + *
                            • + *

                              + * default-for-az - Indicates whether this is the default subnet for the + * Availability Zone. You can also use defaultForAz as the filter name.

                              + *
                              • + *
                            • + *

                              + * ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR + * block associated with the subnet.

                              + *
                              • + *
                            • + *

                              + * ipv6-cidr-block-association.association-id - An association ID + * for an IPv6 CIDR block associated with the subnet.

                              + *
                              • + *
                            • + *

                              + * ipv6-cidr-block-association.state - The state of an IPv6 CIDR + * block associated with the subnet.

                              + *
                              • + *
                            • + *

                              + * outpost-arn - The Amazon Resource Name (ARN) of the Outpost.

                              + *
                              • + *
                            • + *

                              + * owner-id - The ID of the Amazon Web Services account that owns the subnet.

                              + *
                              • + *
                            • + *

                              + * state - The state of the subnet (pending | available).

                              + *
                              • + *
                            • + *

                              + * subnet-arn - The Amazon Resource Name (ARN) of the subnet.

                              + *
                              • + *
                            • + *

                              + * subnet-id - The ID of the subnet.

                              + *
                              • + *
                            • + *

                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                              + *
                              • + *
                            • + *

                              + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                              + *
                              • + *
                            • + *

                              + * vpc-id - The ID of the VPC for the subnet.

                              *
                              • *
                            */ Filters?: Filter[]; /** - *

                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                            + *

                            One or more subnet IDs.

                            + *

                            Default: Describes all your subnets.

                            + */ + SubnetIds?: string[]; + + /** + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - MaxResults?: number; + DryRun?: boolean; /** *

                            The token for the next page of results.

                            @@ -11722,27 +11622,26 @@ export interface DescribeTransitGatewayConnectPeersRequest { NextToken?: string; /** - *

                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                            + *

                            The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                            */ - DryRun?: boolean; + MaxResults?: number; } -export namespace DescribeTransitGatewayConnectPeersRequest { +export namespace DescribeSubnetsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectPeersRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeSubnetsRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewayConnectPeersResult { +export interface DescribeSubnetsResult { /** - *

                            Information about the Connect peers.

                            + *

                            Information about one or more subnets.

                            */ - TransitGatewayConnectPeers?: TransitGatewayConnectPeer[]; + Subnets?: Subnet[]; /** *

                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                            @@ -11750,214 +11649,153 @@ export interface DescribeTransitGatewayConnectPeersResult { NextToken?: string; } -export namespace DescribeTransitGatewayConnectPeersResult { +export namespace DescribeSubnetsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectPeersResult): any => ({ + export const filterSensitiveLog = (obj: DescribeSubnetsResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayConnectsRequest { +export interface DescribeTagsRequest { /** - *

                            The IDs of the attachments.

                            + *

                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                            */ - TransitGatewayAttachmentIds?: string[]; + DryRun?: boolean; /** - *

                            One or more filters. The possible values are:

                            - *
                              + *

                              The filters.

                              + *
                                *
                              • *

                                - * options.protocol - The tunnel protocol (gre).

                                + * key - The tag key.

                                *
                                • *
                              • *

                                - * state - The state of the attachment (initiating | - * initiatingRequest | pendingAcceptance | - * rollingBack | pending | available | - * modifying | deleting | deleted | - * failed | rejected | rejecting | - * failing).

                                + * resource-id - The ID of the resource.

                                *
                                • *
                              • - *

                                - * transit-gateway-attachment-id - The ID of the - * Connect attachment.

                                + *

                                + * resource-type - The resource type (customer-gateway | dedicated-host | dhcp-options | elastic-ip | fleet | fpga-image | host-reservation | image | instance | internet-gateway | key-pair | launch-template | natgateway | network-acl | network-interface | placement-group | reserved-instances | route-table | security-group | snapshot | spot-instances-request | subnet | volume | vpc | vpc-endpoint | vpc-endpoint-service | vpc-peering-connection | vpn-connection | vpn-gateway).

                                *
                                • *
                              • *

                                - * transit-gateway-id - The ID of the transit gateway.

                                + * tag: - The key/value combination of the tag. For example, + * specify "tag:Owner" for the filter name and "TeamA" for the filter value to find + * resources with the tag "Owner=TeamA".

                                *
                                • *
                              • *

                                - * transport-transit-gateway-attachment-id - The ID of the transit gateway attachment from which the Connect attachment was created.

                                + * value - The tag value.

                                *
                                • *
                              */ Filters?: Filter[]; /** - *

                              The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                              + *

                              The maximum number of results to return in a single call. + * This value can be between 5 and 1000. + * To retrieve the remaining results, make another call with the returned NextToken value.

                              */ MaxResults?: number; /** - *

                              The token for the next page of results.

                              - */ - NextToken?: string; - - /** - *

                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                              - */ - DryRun?: boolean; -} - -export namespace DescribeTransitGatewayConnectsRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectsRequest): any => ({ - ...obj, - }); -} - -export interface DescribeTransitGatewayConnectsResult { - /** - *

                              Information about the Connect attachments.

                              - */ - TransitGatewayConnects?: TransitGatewayConnect[]; - - /** - *

                              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                              + *

                              The token to retrieve the next page of results.

                              */ NextToken?: string; } -export namespace DescribeTransitGatewayConnectsResult { +export namespace DescribeTagsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTagsRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewayMulticastDomainsRequest { - /** - *

                              The ID of the transit gateway multicast domain.

                              - */ - TransitGatewayMulticastDomainIds?: string[]; - +/** + *

                              Describes a tag.

                              + */ +export interface TagDescription { /** - *

                              One or more filters. The possible values are:

                              - *
                                - *
                              • - *

                                - * state - The state of the transit gateway multicast domain. Valid values are pending | available | deleting | deleted.

                                - *
                                • - *
                              • - *

                                - * transit-gateway-id - The ID of the transit gateway.

                                - *
                                • - *
                              • - *

                                - * transit-gateway-multicast-domain-id - The ID of the transit gateway multicast domain.

                                - *
                                • - *
                              + *

                              The tag key.

                              */ - Filters?: Filter[]; + Key?: string; /** - *

                              The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                              + *

                              The ID of the resource.

                              */ - MaxResults?: number; + ResourceId?: string; /** - *

                              The token for the next page of results.

                              + *

                              The resource type.

                              */ - NextToken?: string; + ResourceType?: ResourceType | string; /** - *

                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                              + *

                              The tag value.

                              */ - DryRun?: boolean; + Value?: string; } -export namespace DescribeTransitGatewayMulticastDomainsRequest { +export namespace TagDescription { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayMulticastDomainsRequest): any => ({ + export const filterSensitiveLog = (obj: TagDescription): any => ({ ...obj, }); } -export interface DescribeTransitGatewayMulticastDomainsResult { +export interface DescribeTagsResult { /** - *

                              Information about the transit gateway multicast domains.

                              + *

                              The token to use to retrieve the next page of results. This value is + * null when there are no more results to return.

                              */ - TransitGatewayMulticastDomains?: TransitGatewayMulticastDomain[]; + NextToken?: string; /** - *

                              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                              + *

                              The tags.

                              */ - NextToken?: string; + Tags?: TagDescription[]; } -export namespace DescribeTransitGatewayMulticastDomainsResult { +export namespace DescribeTagsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayMulticastDomainsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTagsResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayPeeringAttachmentsRequest { +export interface DescribeTrafficMirrorFiltersRequest { /** - *

                              One or more IDs of the transit gateway peering attachments.

                              + *

                              The ID of the Traffic Mirror filter.

                              */ - TransitGatewayAttachmentIds?: string[]; + TrafficMirrorFilterIds?: string[]; + + /** + *

                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                              + */ + DryRun?: boolean; /** *

                              One or more filters. The possible values are:

                              - *
                                - *
                              • - *

                                - * transit-gateway-attachment-id - The ID of the transit gateway attachment.

                                - *
                                • - *
                              • - *

                                - * local-owner-id - The ID of your Amazon Web Services account.

                                - *
                                • - *
                              • - *

                                - * remote-owner-id - The ID of the Amazon Web Services account in the remote Region that owns the transit gateway.

                                - *
                                • - *
                              • - *

                                - * state - The state of the peering attachment. Valid values are available | deleted | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance | pending | rollingBack | rejected | rejecting).

                                - *
                                • + *
                                  *
                                • *

                                  - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                  + * description: The Traffic Mirror filter description.

                                  *
                                  • *
                                • *

                                  - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.

                                  - *
                                  • - *
                                • - *

                                  - * transit-gateway-id - The ID of the transit gateway.

                                  + * traffic-mirror-filter-id: The ID of the Traffic Mirror filter.

                                  *
                                  • *
                                */ @@ -11973,75 +11811,89 @@ export interface DescribeTransitGatewayPeeringAttachmentsRequest { *

                                The token for the next page of results.

                                */ NextToken?: string; - - /** - *

                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                - */ - DryRun?: boolean; } -export namespace DescribeTransitGatewayPeeringAttachmentsRequest { +export namespace DescribeTrafficMirrorFiltersRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayPeeringAttachmentsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorFiltersRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewayPeeringAttachmentsResult { +export interface DescribeTrafficMirrorFiltersResult { /** - *

                                The transit gateway peering attachments.

                                + *

                                Information about one or more Traffic Mirror filters.

                                */ - TransitGatewayPeeringAttachments?: TransitGatewayPeeringAttachment[]; + TrafficMirrorFilters?: TrafficMirrorFilter[]; /** - *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                + *

                                The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                                */ NextToken?: string; } -export namespace DescribeTransitGatewayPeeringAttachmentsResult { +export namespace DescribeTrafficMirrorFiltersResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayPeeringAttachmentsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorFiltersResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayRouteTablesRequest { +export interface DescribeTrafficMirrorSessionsRequest { /** - *

                                The IDs of the transit gateway route tables.

                                + *

                                The ID of the Traffic Mirror session.

                                */ - TransitGatewayRouteTableIds?: string[]; + TrafficMirrorSessionIds?: string[]; + + /** + *

                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                + */ + DryRun?: boolean; /** *

                                One or more filters. The possible values are:

                                *
                                  *
                                • *

                                  - * default-association-route-table - Indicates whether this is the default - * association route table for the transit gateway (true | false).

                                  + * description: The Traffic Mirror session description.

                                  + *
                                  • + *
                                • + *

                                  + * network-interface-id: The ID of the Traffic Mirror session network interface.

                                  + *
                                  • + *
                                • + *

                                  + * owner-id: The ID of the account that owns the Traffic Mirror session.

                                  + *
                                  • + *
                                • + *

                                  + * packet-length: The assigned number of packets to mirror.

                                  + *
                                  • + *
                                • + *

                                  + * session-number: The assigned session number.

                                  *
                                  • *
                                • *

                                  - * default-propagation-route-table - Indicates whether this is the default - * propagation route table for the transit gateway (true | false).

                                  + * traffic-mirror-filter-id: The ID of the Traffic Mirror filter.

                                  *
                                  • *
                                • *

                                  - * state - The state of the route table (available | deleting | deleted | pending).

                                  + * traffic-mirror-session-id: The ID of the Traffic Mirror session.

                                  *
                                  • *
                                • *

                                  - * transit-gateway-id - The ID of the transit gateway.

                                  + * traffic-mirror-target-id: The ID of the Traffic Mirror target.

                                  *
                                  • *
                                • *

                                  - * transit-gateway-route-table-id - The ID of the transit gateway route table.

                                  + * virtual-network-id: The virtual network ID of the Traffic Mirror session.

                                  *
                                  • *
                                */ @@ -12057,99 +11909,73 @@ export interface DescribeTransitGatewayRouteTablesRequest { *

                                The token for the next page of results.

                                */ NextToken?: string; - - /** - *

                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                - */ - DryRun?: boolean; } -export namespace DescribeTransitGatewayRouteTablesRequest { +export namespace DescribeTrafficMirrorSessionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayRouteTablesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorSessionsRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewayRouteTablesResult { +export interface DescribeTrafficMirrorSessionsResult { /** - *

                                Information about the transit gateway route tables.

                                + *

                                Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.

                                */ - TransitGatewayRouteTables?: TransitGatewayRouteTable[]; + TrafficMirrorSessions?: TrafficMirrorSession[]; /** - *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                + *

                                The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                                */ NextToken?: string; } -export namespace DescribeTransitGatewayRouteTablesResult { +export namespace DescribeTrafficMirrorSessionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayRouteTablesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorSessionsResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewaysRequest { +export interface DescribeTrafficMirrorTargetsRequest { /** - *

                                The IDs of the transit gateways.

                                + *

                                The ID of the Traffic Mirror targets.

                                */ - TransitGatewayIds?: string[]; + TrafficMirrorTargetIds?: string[]; + + /** + *

                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                + */ + DryRun?: boolean; /** *

                                One or more filters. The possible values are:

                                *
                                  *
                                • *

                                  - * options.propagation-default-route-table-id - The ID of the default propagation route table.

                                  - *
                                  • - *
                                • - *

                                  - * options.amazon-side-asn - The private ASN for the Amazon side of a BGP session.

                                  - *
                                  • - *
                                • - *

                                  - * options.association-default-route-table-id - The ID of the default association route table.

                                  - *
                                  • - *
                                • - *

                                  - * options.auto-accept-shared-attachments - Indicates whether there is automatic acceptance of attachment requests (enable | disable).

                                  - *
                                  • - *
                                • - *

                                  - * options.default-route-table-association - Indicates whether resource attachments are automatically - * associated with the default association route table (enable | disable).

                                  - *
                                  • - *
                                • - *

                                  - * options.default-route-table-propagation - Indicates whether resource attachments automatically propagate - * routes to the default propagation route table (enable | disable).

                                  - *
                                  • - *
                                • - *

                                  - * options.dns-support - Indicates whether DNS support is enabled (enable | disable).

                                  + * description: The Traffic Mirror target description.

                                  *
                                  • *
                                • *

                                  - * options.vpn-ecmp-support - Indicates whether Equal Cost Multipath Protocol support is enabled (enable | disable).

                                  + * network-interface-id: The ID of the Traffic Mirror session network interface.

                                  *
                                  • *
                                • *

                                  - * owner-id - The ID of the Amazon Web Services account that owns the transit gateway.

                                  + * network-load-balancer-arn: The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the session.

                                  *
                                  • *
                                • *

                                  - * state - The state of the transit gateway (available | deleted | deleting | modifying | pending).

                                  + * owner-id: The ID of the account that owns the Traffic Mirror session.

                                  *
                                  • *
                                • *

                                  - * transit-gateway-id - The ID of the transit gateway.

                                  + * traffic-mirror-target-id: The ID of the Traffic Mirror target.

                                  *
                                  • *
                                */ @@ -12165,46 +11991,39 @@ export interface DescribeTransitGatewaysRequest { *

                                The token for the next page of results.

                                */ NextToken?: string; - - /** - *

                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                - */ - DryRun?: boolean; } -export namespace DescribeTransitGatewaysRequest { +export namespace DescribeTrafficMirrorTargetsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewaysRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorTargetsRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewaysResult { +export interface DescribeTrafficMirrorTargetsResult { /** - *

                                Information about the transit gateways.

                                + *

                                Information about one or more Traffic Mirror targets.

                                */ - TransitGateways?: TransitGateway[]; + TrafficMirrorTargets?: TrafficMirrorTarget[]; /** - *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                + *

                                The token to use to retrieve the next page of results. The value is null when there are no more results to return.

                                */ NextToken?: string; } -export namespace DescribeTransitGatewaysResult { +export namespace DescribeTrafficMirrorTargetsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewaysResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTrafficMirrorTargetsResult): any => ({ ...obj, }); } -export interface DescribeTransitGatewayVpcAttachmentsRequest { +export interface DescribeTransitGatewayAttachmentsRequest { /** *

                                The IDs of the attachments.

                                */ @@ -12215,6 +12034,29 @@ export interface DescribeTransitGatewayVpcAttachmentsRequest { *
                                  *
                                • *

                                  + * association.state - The state of the association (associating | associated | + * disassociating).

                                  + *
                                  • + *
                                • + *

                                  + * association.transit-gateway-route-table-id - The ID of the route table for the transit gateway.

                                  + *
                                  • + *
                                • + *

                                  + * resource-id - The ID of the resource.

                                  + *
                                  • + *
                                • + *

                                  + * resource-owner-id - The ID of the Amazon Web Services account that owns the resource.

                                  + *
                                  • + *
                                • + *

                                  + * resource-type - The resource type. Valid values are vpc + * | vpn | direct-connect-gateway | peering + * | connect.

                                  + *
                                  • + *
                                • + *

                                  * state - The state of the attachment. Valid values are available | deleted | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance | pending | rollingBack | rejected | rejecting.

                                  *
                                  • *
                                • @@ -12227,7 +12069,7 @@ export interface DescribeTransitGatewayVpcAttachmentsRequest { *
                                  • *
                                • *

                                  - * vpc-id - The ID of the VPC.

                                  + * transit-gateway-owner-id - The ID of the Amazon Web Services account that owns the transit gateway.

                                  *
                                  • *
                                */ @@ -12252,90 +12094,108 @@ export interface DescribeTransitGatewayVpcAttachmentsRequest { DryRun?: boolean; } -export namespace DescribeTransitGatewayVpcAttachmentsRequest { +export namespace DescribeTransitGatewayAttachmentsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayVpcAttachmentsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayAttachmentsRequest): any => ({ ...obj, }); } -export interface DescribeTransitGatewayVpcAttachmentsResult { +/** + *

                                Describes an association.

                                + */ +export interface TransitGatewayAttachmentAssociation { /** - *

                                Information about the VPC attachments.

                                + *

                                The ID of the route table for the transit gateway.

                                */ - TransitGatewayVpcAttachments?: TransitGatewayVpcAttachment[]; + TransitGatewayRouteTableId?: string; /** - *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                + *

                                The state of the association.

                                */ - NextToken?: string; + State?: TransitGatewayAssociationState | string; } -export namespace DescribeTransitGatewayVpcAttachmentsResult { +export namespace TransitGatewayAttachmentAssociation { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTransitGatewayVpcAttachmentsResult): any => ({ + export const filterSensitiveLog = (obj: TransitGatewayAttachmentAssociation): any => ({ ...obj, }); } -export interface DescribeTrunkInterfaceAssociationsRequest { +/** + *

                                Describes an attachment between a resource and a transit gateway.

                                + */ +export interface TransitGatewayAttachment { /** - *

                                The IDs of the associations.

                                + *

                                The ID of the attachment.

                                */ - AssociationIds?: string[]; + TransitGatewayAttachmentId?: string; /** - *

                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                + *

                                The ID of the transit gateway.

                                */ - DryRun?: boolean; + TransitGatewayId?: string; /** - *

                                One or more filters.

                                - *
                                  - *
                                • - *

                                  - * gre-key - The ID of a trunk interface association.

                                  - *
                                  • - *
                                • - *

                                  - * interface-protocol - The interface protocol. Valid values are VLAN and GRE.

                                  - *
                                  • - *
                                + *

                                The ID of the Amazon Web Services account that owns the transit gateway.

                                */ - Filters?: Filter[]; + TransitGatewayOwnerId?: string; /** - *

                                The token for the next page of results.

                                + *

                                The ID of the Amazon Web Services account that owns the resource.

                                */ - NextToken?: string; + ResourceOwnerId?: string; /** - *

                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                + *

                                The resource type. Note that the tgw-peering resource type has been deprecated.

                                */ - MaxResults?: number; + ResourceType?: TransitGatewayAttachmentResourceType | string; + + /** + *

                                The ID of the resource.

                                + */ + ResourceId?: string; + + /** + *

                                The attachment state. Note that the initiating state has been deprecated.

                                + */ + State?: TransitGatewayAttachmentState | string; + + /** + *

                                The association.

                                + */ + Association?: TransitGatewayAttachmentAssociation; + + /** + *

                                The creation time.

                                + */ + CreationTime?: Date; + + /** + *

                                The tags for the attachment.

                                + */ + Tags?: Tag[]; } -export namespace DescribeTrunkInterfaceAssociationsRequest { +export namespace TransitGatewayAttachment { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrunkInterfaceAssociationsRequest): any => ({ + export const filterSensitiveLog = (obj: TransitGatewayAttachment): any => ({ ...obj, }); } -export interface DescribeTrunkInterfaceAssociationsResult { +export interface DescribeTransitGatewayAttachmentsResult { /** - *

                                Information about the trunk associations.

                                + *

                                Information about the attachments.

                                */ - InterfaceAssociations?: TrunkInterfaceAssociation[]; + TransitGatewayAttachments?: TransitGatewayAttachment[]; /** *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                @@ -12343,27 +12203,52 @@ export interface DescribeTrunkInterfaceAssociationsResult { NextToken?: string; } -export namespace DescribeTrunkInterfaceAssociationsResult { +export namespace DescribeTransitGatewayAttachmentsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeTrunkInterfaceAssociationsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayAttachmentsResult): any => ({ ...obj, }); } -export type VolumeAttributeName = "autoEnableIO" | "productCodes"; +export interface DescribeTransitGatewayConnectPeersRequest { + /** + *

                                The IDs of the Connect peers.

                                + */ + TransitGatewayConnectPeerIds?: string[]; + + /** + *

                                One or more filters. The possible values are:

                                + *
                                  + *
                                • + *

                                  + * state - The state of the Connect peer (pending | + * available | deleting | + * deleted).

                                  + *
                                  • + *
                                • + *

                                  + * transit-gateway-attachment-id - The ID of the attachment.

                                  + *
                                  • + *
                                • + *

                                  + * transit-gateway-connect-peer-id - The ID of the Connect peer.

                                  + *
                                  • + *
                                + */ + Filters?: Filter[]; -export interface DescribeVolumeAttributeRequest { /** - *

                                The attribute of the volume. This parameter is required.

                                + *

                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                */ - Attribute: VolumeAttributeName | string | undefined; + MaxResults?: number; /** - *

                                The ID of the volume.

                                + *

                                The token for the next page of results.

                                */ - VolumeId: string | undefined; + NextToken?: string; /** *

                                Checks whether you have the required permissions for the action, without actually making the request, @@ -12373,135 +12258,85 @@ export interface DescribeVolumeAttributeRequest { DryRun?: boolean; } -export namespace DescribeVolumeAttributeRequest { +export namespace DescribeTransitGatewayConnectPeersRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumeAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectPeersRequest): any => ({ ...obj, }); } -export interface DescribeVolumeAttributeResult { - /** - *

                                The state of autoEnableIO attribute.

                                - */ - AutoEnableIO?: AttributeBooleanValue; - +export interface DescribeTransitGatewayConnectPeersResult { /** - *

                                A list of product codes.

                                + *

                                Information about the Connect peers.

                                */ - ProductCodes?: ProductCode[]; + TransitGatewayConnectPeers?: TransitGatewayConnectPeer[]; /** - *

                                The ID of the volume.

                                + *

                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                */ - VolumeId?: string; + NextToken?: string; } -export namespace DescribeVolumeAttributeResult { +export namespace DescribeTransitGatewayConnectPeersResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumeAttributeResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectPeersResult): any => ({ ...obj, }); } -export interface DescribeVolumesRequest { +export interface DescribeTransitGatewayConnectsRequest { /** - *

                                The filters.

                                - *
                                  - *
                                • - *

                                  - * attachment.attach-time - The time stamp when the attachment - * initiated.

                                  - *
                                  • - *
                                • - *

                                  - * attachment.delete-on-termination - Whether the volume is deleted on - * instance termination.

                                  - *
                                  • - *
                                • - *

                                  - * attachment.device - The device name specified in the block device mapping - * (for example, /dev/sda1).

                                  - *
                                  • - *
                                • - *

                                  - * attachment.instance-id - The ID of the instance the volume is attached - * to.

                                  - *
                                  • - *
                                • - *

                                  - * attachment.status - The attachment state (attaching | - * attached | detaching).

                                  - *
                                  • - *
                                • - *

                                  - * availability-zone - The Availability Zone in which the volume was - * created.

                                  - *
                                  • - *
                                • - *

                                  - * create-time - The time stamp when the volume was created.

                                  - *
                                  • - *
                                • - *

                                  - * encrypted - Indicates whether the volume is encrypted (true - * | false)

                                  - *
                                  • - *
                                • - *

                                  - * multi-attach-enabled - Indicates whether the volume is enabled for Multi-Attach (true - * | false)

                                  - *
                                  • - *
                                • - *

                                  - * fast-restored - Indicates whether the volume was created from a - * snapshot that is enabled for fast snapshot restore (true | - * false).

                                  - *
                                  • - *
                                • - *

                                  - * size - The size of the volume, in GiB.

                                  - *
                                  • - *
                                • - *

                                  - * snapshot-id - The snapshot from which the volume was created.

                                  - *
                                  • + *

                                  The IDs of the attachments.

                                  + */ + TransitGatewayAttachmentIds?: string[]; + + /** + *

                                  One or more filters. The possible values are:

                                  + *
                                    *
                                  • *

                                    - * status - The state of the volume (creating | - * available | in-use | deleting | - * deleted | error).

                                    + * options.protocol - The tunnel protocol (gre).

                                    *
                                    • *
                                  • *

                                    - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                    + * state - The state of the attachment (initiating | + * initiatingRequest | pendingAcceptance | + * rollingBack | pending | available | + * modifying | deleting | deleted | + * failed | rejected | rejecting | + * failing).

                                    *
                                    • *
                                  • - *

                                    - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                    + *

                                    + * transit-gateway-attachment-id - The ID of the + * Connect attachment.

                                    *
                                    • *
                                  • *

                                    - * volume-id - The volume ID.

                                    + * transit-gateway-id - The ID of the transit gateway.

                                    *
                                    • *
                                  • *

                                    - * volume-type - The Amazon EBS volume type (gp2 | gp3 | io1 | io2 | - * st1 | sc1| standard)

                                    + * transport-transit-gateway-attachment-id - The ID of the transit gateway attachment from which the Connect attachment was created.

                                    *
                                    • *
                                  */ Filters?: Filter[]; /** - *

                                  The volume IDs.

                                  + *

                                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                  + */ + MaxResults?: number; + + /** + *

                                  The token for the next page of results.

                                  */ - VolumeIds?: string[]; + NextToken?: string; /** *

                                  Checks whether you have the required permissions for the action, without actually making the request, @@ -12509,363 +12344,357 @@ export interface DescribeVolumesRequest { * Otherwise, it is UnauthorizedOperation.

                                  */ DryRun?: boolean; - - /** - *

                                  The maximum number of volume results returned by DescribeVolumes in paginated - * output. When this parameter is used, DescribeVolumes only returns - * MaxResults results in a single page along with a NextToken - * response element. The remaining results of the initial request can be seen by sending another - * DescribeVolumes request with the returned NextToken value. This - * value can be between 5 and 500; if MaxResults is given a value larger than 500, - * only 500 results are returned. If this parameter is not used, then - * DescribeVolumes returns all results. You cannot specify this parameter and the - * volume IDs parameter in the same request.

                                  - */ - MaxResults?: number; - - /** - *

                                  The NextToken value returned from a previous paginated - * DescribeVolumes request where MaxResults was used and the results - * exceeded the value of that parameter. Pagination continues from the end of the previous - * results that returned the NextToken value. This value is null when - * there are no more results to return.

                                  - */ - NextToken?: string; } -export namespace DescribeVolumesRequest { +export namespace DescribeTransitGatewayConnectsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectsRequest): any => ({ ...obj, }); } -export interface DescribeVolumesResult { +export interface DescribeTransitGatewayConnectsResult { /** - *

                                  Information about the volumes.

                                  + *

                                  Information about the Connect attachments.

                                  */ - Volumes?: Volume[]; + TransitGatewayConnects?: TransitGatewayConnect[]; /** - *

                                  The NextToken value to include in a future DescribeVolumes - * request. When the results of a DescribeVolumes request exceed - * MaxResults, this value can be used to retrieve the next page of results. This - * value is null when there are no more results to return.

                                  + *

                                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                  */ NextToken?: string; } -export namespace DescribeVolumesResult { +export namespace DescribeTransitGatewayConnectsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayConnectsResult): any => ({ ...obj, }); } -export interface DescribeVolumesModificationsRequest { - /** - *

                                  Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                  - */ - DryRun?: boolean; - +export interface DescribeTransitGatewayMulticastDomainsRequest { /** - *

                                  The IDs of the volumes.

                                  + *

                                  The ID of the transit gateway multicast domain.

                                  */ - VolumeIds?: string[]; + TransitGatewayMulticastDomainIds?: string[]; /** - *

                                  The filters.

                                  - *
                                    - *
                                  • - *

                                    - * modification-state - The current modification state (modifying | - * optimizing | completed | failed).

                                    - *
                                    • - *
                                  • - *

                                    - * original-iops - The original IOPS rate of the volume.

                                    - *
                                    • - *
                                  • - *

                                    - * original-size - The original size of the volume, in GiB.

                                    - *
                                    • - *
                                  • - *

                                    - * original-volume-type - The original volume type of the volume (standard | - * io1 | io2 | gp2 | sc1 | st1).

                                    - *
                                    • - *
                                  • - *

                                    - * originalMultiAttachEnabled - Indicates whether Multi-Attach support was enabled (true | false).

                                    - *
                                    • - *
                                  • - *

                                    - * start-time - The modification start time.

                                    - *
                                    • - *
                                  • - *

                                    - * target-iops - The target IOPS rate of the volume.

                                    - *
                                    • - *
                                  • - *

                                    - * target-size - The target size of the volume, in GiB.

                                    - *
                                    • + *

                                    One or more filters. The possible values are:

                                    + *
                                      *
                                    • - *

                                      - * target-volume-type - The target volume type of the volume (standard | - * io1 | io2 | gp2 | sc1 | st1).

                                      + *

                                      + * state - The state of the transit gateway multicast domain. Valid values are pending | available | deleting | deleted.

                                      *
                                      • *
                                    • - *

                                      - * targetMultiAttachEnabled - Indicates whether Multi-Attach support is to be enabled (true | false).

                                      + *

                                      + * transit-gateway-id - The ID of the transit gateway.

                                      *
                                      • *
                                    • - *

                                      - * volume-id - The ID of the volume.

                                      + *

                                      + * transit-gateway-multicast-domain-id - The ID of the transit gateway multicast domain.

                                      *
                                      • *
                                    */ Filters?: Filter[]; /** - *

                                    The nextToken value returned by a previous paginated request.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    + */ + MaxResults?: number; + + /** + *

                                    The token for the next page of results.

                                    */ NextToken?: string; /** - *

                                    The maximum number of results (up to a limit of 500) to be returned in a paginated - * request.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - MaxResults?: number; + DryRun?: boolean; } -export namespace DescribeVolumesModificationsRequest { +export namespace DescribeTransitGatewayMulticastDomainsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumesModificationsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayMulticastDomainsRequest): any => ({ ...obj, }); } -export type VolumeModificationState = "completed" | "failed" | "modifying" | "optimizing"; +export interface DescribeTransitGatewayMulticastDomainsResult { + /** + *

                                    Information about the transit gateway multicast domains.

                                    + */ + TransitGatewayMulticastDomains?: TransitGatewayMulticastDomain[]; -/** - *

                                    Describes the modification status of an EBS volume.

                                    - *

                                    If the volume has never been modified, some element values will be null.

                                    - */ -export interface VolumeModification { /** - *

                                    The ID of the volume.

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ - VolumeId?: string; + NextToken?: string; +} +export namespace DescribeTransitGatewayMulticastDomainsResult { /** - *

                                    The current modification state. The modification state is null for unmodified - * volumes.

                                    + * @internal */ - ModificationState?: VolumeModificationState | string; + export const filterSensitiveLog = (obj: DescribeTransitGatewayMulticastDomainsResult): any => ({ + ...obj, + }); +} +export interface DescribeTransitGatewayPeeringAttachmentsRequest { /** - *

                                    A status message about the modification progress or failure.

                                    + *

                                    One or more IDs of the transit gateway peering attachments.

                                    */ - StatusMessage?: string; + TransitGatewayAttachmentIds?: string[]; /** - *

                                    The target size of the volume, in GiB.

                                    + *

                                    One or more filters. The possible values are:

                                    + *
                                      + *
                                    • + *

                                      + * transit-gateway-attachment-id - The ID of the transit gateway attachment.

                                      + *
                                      • + *
                                    • + *

                                      + * local-owner-id - The ID of your Amazon Web Services account.

                                      + *
                                      • + *
                                    • + *

                                      + * remote-owner-id - The ID of the Amazon Web Services account in the remote Region that owns the transit gateway.

                                      + *
                                      • + *
                                    • + *

                                      + * state - The state of the peering attachment. Valid values are available | deleted | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance | pending | rollingBack | rejected | rejecting).

                                      + *
                                      • + *
                                    • + *

                                      + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                      + *
                                      • + *
                                    • + *

                                      + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.

                                      + *
                                      • + *
                                    • + *

                                      + * transit-gateway-id - The ID of the transit gateway.

                                      + *
                                      • + *
                                    */ - TargetSize?: number; + Filters?: Filter[]; /** - *

                                    The target IOPS rate of the volume.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    */ - TargetIops?: number; + MaxResults?: number; /** - *

                                    The target EBS volume type of the volume.

                                    + *

                                    The token for the next page of results.

                                    */ - TargetVolumeType?: VolumeType | string; + NextToken?: string; /** - *

                                    The target throughput of the volume, in MiB/s.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - TargetThroughput?: number; + DryRun?: boolean; +} +export namespace DescribeTransitGatewayPeeringAttachmentsRequest { /** - *

                                    The target setting for Amazon EBS Multi-Attach.

                                    + * @internal */ - TargetMultiAttachEnabled?: boolean; + export const filterSensitiveLog = (obj: DescribeTransitGatewayPeeringAttachmentsRequest): any => ({ + ...obj, + }); +} +export interface DescribeTransitGatewayPeeringAttachmentsResult { /** - *

                                    The original size of the volume, in GiB.

                                    + *

                                    The transit gateway peering attachments.

                                    */ - OriginalSize?: number; + TransitGatewayPeeringAttachments?: TransitGatewayPeeringAttachment[]; /** - *

                                    The original IOPS rate of the volume.

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ - OriginalIops?: number; + NextToken?: string; +} +export namespace DescribeTransitGatewayPeeringAttachmentsResult { /** - *

                                    The original EBS volume type of the volume.

                                    + * @internal */ - OriginalVolumeType?: VolumeType | string; + export const filterSensitiveLog = (obj: DescribeTransitGatewayPeeringAttachmentsResult): any => ({ + ...obj, + }); +} +export interface DescribeTransitGatewayRouteTablesRequest { /** - *

                                    The original throughput of the volume, in MiB/s.

                                    + *

                                    The IDs of the transit gateway route tables.

                                    */ - OriginalThroughput?: number; + TransitGatewayRouteTableIds?: string[]; /** - *

                                    The original setting for Amazon EBS Multi-Attach.

                                    + *

                                    One or more filters. The possible values are:

                                    + *
                                      + *
                                    • + *

                                      + * default-association-route-table - Indicates whether this is the default + * association route table for the transit gateway (true | false).

                                      + *
                                      • + *
                                    • + *

                                      + * default-propagation-route-table - Indicates whether this is the default + * propagation route table for the transit gateway (true | false).

                                      + *
                                      • + *
                                    • + *

                                      + * state - The state of the route table (available | deleting | deleted | pending).

                                      + *
                                      • + *
                                    • + *

                                      + * transit-gateway-id - The ID of the transit gateway.

                                      + *
                                      • + *
                                    • + *

                                      + * transit-gateway-route-table-id - The ID of the transit gateway route table.

                                      + *
                                      • + *
                                    */ - OriginalMultiAttachEnabled?: boolean; + Filters?: Filter[]; /** - *

                                    The modification progress, from 0 to 100 percent complete.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    */ - Progress?: number; + MaxResults?: number; /** - *

                                    The modification start time.

                                    + *

                                    The token for the next page of results.

                                    */ - StartTime?: Date; + NextToken?: string; /** - *

                                    The modification completion or failure time.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - EndTime?: Date; + DryRun?: boolean; } -export namespace VolumeModification { +export namespace DescribeTransitGatewayRouteTablesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeModification): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayRouteTablesRequest): any => ({ ...obj, }); } -export interface DescribeVolumesModificationsResult { +export interface DescribeTransitGatewayRouteTablesResult { /** - *

                                    Information about the volume modifications.

                                    + *

                                    Information about the transit gateway route tables.

                                    */ - VolumesModifications?: VolumeModification[]; + TransitGatewayRouteTables?: TransitGatewayRouteTable[]; /** - *

                                    Token for pagination, null if there are no more results

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ NextToken?: string; } -export namespace DescribeVolumesModificationsResult { +export namespace DescribeTransitGatewayRouteTablesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumesModificationsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayRouteTablesResult): any => ({ ...obj, }); } -export interface DescribeVolumeStatusRequest { +export interface DescribeTransitGatewaysRequest { /** - *

                                    The filters.

                                    + *

                                    The IDs of the transit gateways.

                                    + */ + TransitGatewayIds?: string[]; + + /** + *

                                    One or more filters. The possible values are:

                                    *
                                      *
                                    • *

                                      - * action.code - The action code for the event (for example, - * enable-volume-io).

                                      - *
                                      • - *
                                    • - *

                                      - * action.description - A description of the action.

                                      + * options.propagation-default-route-table-id - The ID of the default propagation route table.

                                      *
                                      • *
                                    • *

                                      - * action.event-id - The event ID associated with the action.

                                      + * options.amazon-side-asn - The private ASN for the Amazon side of a BGP session.

                                      *
                                      • *
                                    • *

                                      - * availability-zone - The Availability Zone of the instance.

                                      + * options.association-default-route-table-id - The ID of the default association route table.

                                      *
                                      • *
                                    • *

                                      - * event.description - A description of the event.

                                      + * options.auto-accept-shared-attachments - Indicates whether there is automatic acceptance of attachment requests (enable | disable).

                                      *
                                      • *
                                    • *

                                      - * event.event-id - The event ID.

                                      + * options.default-route-table-association - Indicates whether resource attachments are automatically + * associated with the default association route table (enable | disable).

                                      *
                                      • *
                                    • *

                                      - * event.event-type - The event type (for io-enabled: - * passed | failed; for io-performance: - * io-performance:degraded | io-performance:severely-degraded | - * io-performance:stalled).

                                      + * options.default-route-table-propagation - Indicates whether resource attachments automatically propagate + * routes to the default propagation route table (enable | disable).

                                      *
                                      • *
                                    • *

                                      - * event.not-after - The latest end time for the event.

                                      + * options.dns-support - Indicates whether DNS support is enabled (enable | disable).

                                      *
                                      • *
                                    • *

                                      - * event.not-before - The earliest start time for the event.

                                      + * options.vpn-ecmp-support - Indicates whether Equal Cost Multipath Protocol support is enabled (enable | disable).

                                      *
                                      • *
                                    • *

                                      - * volume-status.details-name - The cause for - * volume-status.status (io-enabled | - * io-performance).

                                      + * owner-id - The ID of the Amazon Web Services account that owns the transit gateway.

                                      *
                                      • *
                                    • *

                                      - * volume-status.details-status - The status of - * volume-status.details-name (for io-enabled: - * passed | failed; for io-performance: - * normal | degraded | severely-degraded | - * stalled).

                                      + * state - The state of the transit gateway (available | deleted | deleting | modifying | pending).

                                      *
                                      • *
                                    • *

                                      - * volume-status.status - The status of the volume (ok | - * impaired | warning | insufficient-data).

                                      + * transit-gateway-id - The ID of the transit gateway.

                                      *
                                      • *
                                    */ Filters?: Filter[]; /** - *

                                    The maximum number of volume results returned by DescribeVolumeStatus in - * paginated output. When this parameter is used, the request only returns - * MaxResults results in a single page along with a NextToken - * response element. The remaining results of the initial request can be seen by sending another - * request with the returned NextToken value. This value can be between 5 and 1,000; - * if MaxResults is given a value larger than 1,000, only 1,000 results are returned. - * If this parameter is not used, then DescribeVolumeStatus returns all results. You - * cannot specify this parameter and the volume IDs parameter in the same request.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    */ MaxResults?: number; /** - *

                                    The NextToken value to include in a future DescribeVolumeStatus - * request. When the results of the request exceed MaxResults, this value can be - * used to retrieve the next page of results. This value is null when there are no - * more results to return.

                                    + *

                                    The token for the next page of results.

                                    */ NextToken?: string; - /** - *

                                    The IDs of the volumes.

                                    - *

                                    Default: Describes all your volumes.

                                    - */ - VolumeIds?: string[]; - /** *

                                    Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -12874,214 +12703,236 @@ export interface DescribeVolumeStatusRequest { DryRun?: boolean; } -export namespace DescribeVolumeStatusRequest { +export namespace DescribeTransitGatewaysRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVolumeStatusRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewaysRequest): any => ({ ...obj, }); } -/** - *

                                    Describes a volume status operation code.

                                    - */ -export interface VolumeStatusAction { - /** - *

                                    The code identifying the operation, for example, enable-volume-io.

                                    - */ - Code?: string; - - /** - *

                                    A description of the operation.

                                    - */ - Description?: string; - +export interface DescribeTransitGatewaysResult { /** - *

                                    The ID of the event associated with this operation.

                                    + *

                                    Information about the transit gateways.

                                    */ - EventId?: string; + TransitGateways?: TransitGateway[]; /** - *

                                    The event type associated with this operation.

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ - EventType?: string; + NextToken?: string; } -export namespace VolumeStatusAction { +export namespace DescribeTransitGatewaysResult { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeStatusAction): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewaysResult): any => ({ ...obj, }); } -/** - *

                                    Information about the instances to which the volume is attached.

                                    - */ -export interface VolumeStatusAttachmentStatus { - /** - *

                                    The maximum IOPS supported by the attached instance.

                                    - */ - IoPerformance?: string; - +export interface DescribeTransitGatewayVpcAttachmentsRequest { /** - *

                                    The ID of the attached instance.

                                    + *

                                    The IDs of the attachments.

                                    */ - InstanceId?: string; -} + TransitGatewayAttachmentIds?: string[]; -export namespace VolumeStatusAttachmentStatus { /** - * @internal + *

                                    One or more filters. The possible values are:

                                    + *
                                      + *
                                    • + *

                                      + * state - The state of the attachment. Valid values are available | deleted | deleting | failed | failing | initiatingRequest | modifying | pendingAcceptance | pending | rollingBack | rejected | rejecting.

                                      + *
                                      • + *
                                    • + *

                                      + * transit-gateway-attachment-id - The ID of the attachment.

                                      + *
                                      • + *
                                    • + *

                                      + * transit-gateway-id - The ID of the transit gateway.

                                      + *
                                      • + *
                                    • + *

                                      + * vpc-id - The ID of the VPC.

                                      + *
                                      • + *
                                    */ - export const filterSensitiveLog = (obj: VolumeStatusAttachmentStatus): any => ({ - ...obj, - }); -} + Filters?: Filter[]; -/** - *

                                    Describes a volume status event.

                                    - */ -export interface VolumeStatusEvent { /** - *

                                    A description of the event.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    */ - Description?: string; + MaxResults?: number; /** - *

                                    The ID of this event.

                                    + *

                                    The token for the next page of results.

                                    */ - EventId?: string; + NextToken?: string; /** - *

                                    The type of this event.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - EventType?: string; + DryRun?: boolean; +} +export namespace DescribeTransitGatewayVpcAttachmentsRequest { /** - *

                                    The latest end time of the event.

                                    + * @internal */ - NotAfter?: Date; + export const filterSensitiveLog = (obj: DescribeTransitGatewayVpcAttachmentsRequest): any => ({ + ...obj, + }); +} +export interface DescribeTransitGatewayVpcAttachmentsResult { /** - *

                                    The earliest start time of the event.

                                    + *

                                    Information about the VPC attachments.

                                    */ - NotBefore?: Date; + TransitGatewayVpcAttachments?: TransitGatewayVpcAttachment[]; /** - *

                                    The ID of the instance associated with the event.

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ - InstanceId?: string; + NextToken?: string; } -export namespace VolumeStatusEvent { +export namespace DescribeTransitGatewayVpcAttachmentsResult { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeStatusEvent): any => ({ + export const filterSensitiveLog = (obj: DescribeTransitGatewayVpcAttachmentsResult): any => ({ ...obj, }); } -export type VolumeStatusName = "io-enabled" | "io-performance"; +export interface DescribeTrunkInterfaceAssociationsRequest { + /** + *

                                    The IDs of the associations.

                                    + */ + AssociationIds?: string[]; + + /** + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    + */ + DryRun?: boolean; + + /** + *

                                    One or more filters.

                                    + *
                                      + *
                                    • + *

                                      + * gre-key - The ID of a trunk interface association.

                                      + *
                                      • + *
                                    • + *

                                      + * interface-protocol - The interface protocol. Valid values are VLAN and GRE.

                                      + *
                                      • + *
                                    + */ + Filters?: Filter[]; -/** - *

                                    Describes a volume status.

                                    - */ -export interface VolumeStatusDetails { /** - *

                                    The name of the volume status.

                                    + *

                                    The token for the next page of results.

                                    */ - Name?: VolumeStatusName | string; + NextToken?: string; /** - *

                                    The intended status of the volume status.

                                    + *

                                    The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                    */ - Status?: string; + MaxResults?: number; } -export namespace VolumeStatusDetails { +export namespace DescribeTrunkInterfaceAssociationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeStatusDetails): any => ({ + export const filterSensitiveLog = (obj: DescribeTrunkInterfaceAssociationsRequest): any => ({ ...obj, }); } -export type VolumeStatusInfoStatus = "impaired" | "insufficient-data" | "ok"; - -/** - *

                                    Describes the status of a volume.

                                    - */ -export interface VolumeStatusInfo { +export interface DescribeTrunkInterfaceAssociationsResult { /** - *

                                    The details of the volume status.

                                    + *

                                    Information about the trunk associations.

                                    */ - Details?: VolumeStatusDetails[]; + InterfaceAssociations?: TrunkInterfaceAssociation[]; /** - *

                                    The status of the volume.

                                    + *

                                    The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                    */ - Status?: VolumeStatusInfoStatus | string; + NextToken?: string; } -export namespace VolumeStatusInfo { +export namespace DescribeTrunkInterfaceAssociationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeStatusInfo): any => ({ + export const filterSensitiveLog = (obj: DescribeTrunkInterfaceAssociationsResult): any => ({ ...obj, }); } -/** - *

                                    Describes the volume status.

                                    - */ -export interface VolumeStatusItem { +export type VolumeAttributeName = "autoEnableIO" | "productCodes"; + +export interface DescribeVolumeAttributeRequest { /** - *

                                    The details of the operation.

                                    + *

                                    The attribute of the volume. This parameter is required.

                                    */ - Actions?: VolumeStatusAction[]; + Attribute: VolumeAttributeName | string | undefined; /** - *

                                    The Availability Zone of the volume.

                                    + *

                                    The ID of the volume.

                                    */ - AvailabilityZone?: string; + VolumeId: string | undefined; /** - *

                                    The Amazon Resource Name (ARN) of the Outpost.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - OutpostArn?: string; + DryRun?: boolean; +} +export namespace DescribeVolumeAttributeRequest { /** - *

                                    A list of events associated with the volume.

                                    + * @internal */ - Events?: VolumeStatusEvent[]; + export const filterSensitiveLog = (obj: DescribeVolumeAttributeRequest): any => ({ + ...obj, + }); +} +export interface DescribeVolumeAttributeResult { /** - *

                                    The volume ID.

                                    + *

                                    The state of autoEnableIO attribute.

                                    */ - VolumeId?: string; + AutoEnableIO?: AttributeBooleanValue; /** - *

                                    The volume status.

                                    + *

                                    A list of product codes.

                                    */ - VolumeStatus?: VolumeStatusInfo; + ProductCodes?: ProductCode[]; /** - *

                                    Information about the instances to which the volume is attached.

                                    + *

                                    The ID of the volume.

                                    */ - AttachmentStatuses?: VolumeStatusAttachmentStatus[]; + VolumeId?: string; } -export namespace VolumeStatusItem { +export namespace DescribeVolumeAttributeResult { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeStatusItem): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumeAttributeResult): any => ({ ...obj, }); } diff --git a/clients/client-ec2/src/models/models_4.ts b/clients/client-ec2/src/models/models_4.ts index 342254dabcb7..25b43362bc42 100644 --- a/clients/client-ec2/src/models/models_4.ts +++ b/clients/client-ec2/src/models/models_4.ts @@ -6,7 +6,6 @@ import { AddressAttribute, Affinity, AllowedPrincipal, - ApplianceModeSupportValue, AssociationStatus, AttributeValue, AutoPlacement, @@ -14,8 +13,6 @@ import { ClientConnectOptions, ConnectionLogOptions, CurrencyCodeValues, - DiskImageFormat, - DnsSupportValue, EndDateType, FleetExcessCapacityTerminationPolicy, FleetLaunchTemplateConfigRequest, @@ -23,7 +20,6 @@ import { IamInstanceProfileAssociation, InstanceEventWindow, InstanceEventWindowTimeRangeRequest, - Ipv6SupportValue, Placement, PlatformValues, SelfServicePortal, @@ -37,7 +33,6 @@ import { TransitGatewayAssociationState, TransitGatewayAttachmentResourceType, TransitGatewayMulticastDomainAssociations, - TransitGatewayVpcAttachment, UnsuccessfulItem, VolumeType, Vpc, @@ -46,12 +41,10 @@ import { VpcPeeringConnection, } from "./models_0"; import { - AutoAcceptSharedAttachmentsValue, CapacityReservationPreference, CapacityReservationTarget, ConnectionNotification, - DefaultRouteTableAssociationValue, - DefaultRouteTablePropagationValue, + DiskImageFormat, DnsEntry, DnsNameState, LaunchTemplate, @@ -68,17 +61,12 @@ import { TrafficMirrorNetworkService, TrafficMirrorPortRangeRequest, TrafficMirrorRuleAction, - TrafficMirrorSession, - TransitGateway, TransitGatewayPrefixListReference, + Volume, VpcEndpoint, - VpnConnection, - VpnEcmpSupportValue, - VpnGateway, } from "./models_1"; import { ArchitectureValues, - AttributeBooleanValue, BootModeValues, ConversionTask, ExportTaskS3Location, @@ -87,17 +75,19 @@ import { FpgaImageAttribute, FpgaImageAttributeName, ImportImageLicenseConfigurationResponse, - InstanceAttributeName, LaunchPermission, PaymentOption, PermissionGroup, SnapshotDetail, - SnapshotTaskDetail, + VpnConnection, + VpnGateway, } from "./models_2"; import { + AttributeBooleanValue, CreateVolumePermission, ExcessCapacityTerminationPolicy, HttpTokensState, + InstanceAttributeName, InstanceMetadataEndpointState, InstanceMetadataOptionsResponse, InstanceMetadataProtocolState, @@ -105,614 +95,786 @@ import { LaunchTemplateConfig, ReservedInstancesConfiguration, SnapshotAttributeName, - VolumeModification, - VolumeStatusItem, + SnapshotTaskDetail, } from "./models_3"; -export interface DescribeVolumeStatusResult { - /** - *

                                    The token to use to retrieve the next page of results. This value is null - * when there are no more results to return.

                                    - */ - NextToken?: string; - +export interface DescribeVolumesRequest { /** - *

                                    Information about the status of the volumes.

                                    + *

                                    The filters.

                                    + *
                                      + *
                                    • + *

                                      + * attachment.attach-time - The time stamp when the attachment + * initiated.

                                      + *
                                      • + *
                                    • + *

                                      + * attachment.delete-on-termination - Whether the volume is deleted on + * instance termination.

                                      + *
                                      • + *
                                    • + *

                                      + * attachment.device - The device name specified in the block device mapping + * (for example, /dev/sda1).

                                      + *
                                      • + *
                                    • + *

                                      + * attachment.instance-id - The ID of the instance the volume is attached + * to.

                                      + *
                                      • + *
                                    • + *

                                      + * attachment.status - The attachment state (attaching | + * attached | detaching).

                                      + *
                                      • + *
                                    • + *

                                      + * availability-zone - The Availability Zone in which the volume was + * created.

                                      + *
                                      • + *
                                    • + *

                                      + * create-time - The time stamp when the volume was created.

                                      + *
                                      • + *
                                    • + *

                                      + * encrypted - Indicates whether the volume is encrypted (true + * | false)

                                      + *
                                      • + *
                                    • + *

                                      + * multi-attach-enabled - Indicates whether the volume is enabled for Multi-Attach (true + * | false)

                                      + *
                                      • + *
                                    • + *

                                      + * fast-restored - Indicates whether the volume was created from a + * snapshot that is enabled for fast snapshot restore (true | + * false).

                                      + *
                                      • + *
                                    • + *

                                      + * size - The size of the volume, in GiB.

                                      + *
                                      • + *
                                    • + *

                                      + * snapshot-id - The snapshot from which the volume was created.

                                      + *
                                      • + *
                                    • + *

                                      + * status - The state of the volume (creating | + * available | in-use | deleting | + * deleted | error).

                                      + *
                                      • + *
                                    • + *

                                      + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                      + *
                                      • + *
                                    • + *

                                      + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                      + *
                                      • + *
                                    • + *

                                      + * volume-id - The volume ID.

                                      + *
                                      • + *
                                    • + *

                                      + * volume-type - The Amazon EBS volume type (gp2 | gp3 | io1 | io2 | + * st1 | sc1| standard)

                                      + *
                                      • + *
                                    */ - VolumeStatuses?: VolumeStatusItem[]; -} + Filters?: Filter[]; -export namespace DescribeVolumeStatusResult { /** - * @internal + *

                                    The volume IDs.

                                    */ - export const filterSensitiveLog = (obj: DescribeVolumeStatusResult): any => ({ - ...obj, - }); -} - -export type VpcAttributeName = "enableDnsHostnames" | "enableDnsSupport"; + VolumeIds?: string[]; -export interface DescribeVpcAttributeRequest { /** - *

                                    The VPC attribute.

                                    + *

                                    Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                    */ - Attribute: VpcAttributeName | string | undefined; + DryRun?: boolean; /** - *

                                    The ID of the VPC.

                                    + *

                                    The maximum number of volume results returned by DescribeVolumes in paginated + * output. When this parameter is used, DescribeVolumes only returns + * MaxResults results in a single page along with a NextToken + * response element. The remaining results of the initial request can be seen by sending another + * DescribeVolumes request with the returned NextToken value. This + * value can be between 5 and 500; if MaxResults is given a value larger than 500, + * only 500 results are returned. If this parameter is not used, then + * DescribeVolumes returns all results. You cannot specify this parameter and the + * volume IDs parameter in the same request.

                                    */ - VpcId: string | undefined; + MaxResults?: number; /** - *

                                    Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                    + *

                                    The NextToken value returned from a previous paginated + * DescribeVolumes request where MaxResults was used and the results + * exceeded the value of that parameter. Pagination continues from the end of the previous + * results that returned the NextToken value. This value is null when + * there are no more results to return.

                                    */ - DryRun?: boolean; + NextToken?: string; } -export namespace DescribeVpcAttributeRequest { +export namespace DescribeVolumesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumesRequest): any => ({ ...obj, }); } -export interface DescribeVpcAttributeResult { - /** - *

                                    The ID of the VPC.

                                    - */ - VpcId?: string; - +export interface DescribeVolumesResult { /** - *

                                    Indicates whether the instances launched in the VPC get DNS hostnames. - * If this attribute is true, instances in the VPC get DNS hostnames; - * otherwise, they do not.

                                    + *

                                    Information about the volumes.

                                    */ - EnableDnsHostnames?: AttributeBooleanValue; + Volumes?: Volume[]; /** - *

                                    Indicates whether DNS resolution is enabled for - * the VPC. If this attribute is true, the Amazon DNS server - * resolves DNS hostnames for your instances to their corresponding - * IP addresses; otherwise, it does not.

                                    + *

                                    The NextToken value to include in a future DescribeVolumes + * request. When the results of a DescribeVolumes request exceed + * MaxResults, this value can be used to retrieve the next page of results. This + * value is null when there are no more results to return.

                                    */ - EnableDnsSupport?: AttributeBooleanValue; + NextToken?: string; } -export namespace DescribeVpcAttributeResult { +export namespace DescribeVolumesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcAttributeResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumesResult): any => ({ ...obj, }); } -export interface DescribeVpcClassicLinkRequest { +export interface DescribeVolumesModificationsRequest { /** - *

                                    One or more filters.

                                    - *
                                      + *

                                      Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                      + */ + DryRun?: boolean; + + /** + *

                                      The IDs of the volumes.

                                      + */ + VolumeIds?: string[]; + + /** + *

                                      The filters.

                                      + *
                                        *
                                      • - *

                                        - * is-classic-link-enabled - Whether the VPC is enabled for ClassicLink - * (true | false).

                                        - *
                                        • + *

                                        + * modification-state - The current modification state (modifying | + * optimizing | completed | failed).

                                        + * *
                                      • - *

                                        - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                        - *
                                        • + *

                                        + * original-iops - The original IOPS rate of the volume.

                                        + * *
                                      • - *

                                        - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                        - *
                                        • + *

                                        + * original-size - The original size of the volume, in GiB.

                                        + * + *
                                      • + *

                                        + * original-volume-type - The original volume type of the volume (standard | + * io1 | io2 | gp2 | sc1 | st1).

                                        + *
                                        • + *
                                      • + *

                                        + * originalMultiAttachEnabled - Indicates whether Multi-Attach support was enabled (true | false).

                                        + *
                                        • + *
                                      • + *

                                        + * start-time - The modification start time.

                                        + *
                                        • + *
                                      • + *

                                        + * target-iops - The target IOPS rate of the volume.

                                        + *
                                        • + *
                                      • + *

                                        + * target-size - The target size of the volume, in GiB.

                                        + *
                                        • + *
                                      • + *

                                        + * target-volume-type - The target volume type of the volume (standard | + * io1 | io2 | gp2 | sc1 | st1).

                                        + *
                                        • + *
                                      • + *

                                        + * targetMultiAttachEnabled - Indicates whether Multi-Attach support is to be enabled (true | false).

                                        + *
                                        • + *
                                      • + *

                                        + * volume-id - The ID of the volume.

                                        + *
                                        • *
                                      */ Filters?: Filter[]; /** - *

                                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                      + *

                                      The nextToken value returned by a previous paginated request.

                                      */ - DryRun?: boolean; + NextToken?: string; /** - *

                                      One or more VPCs for which you want to describe the ClassicLink status.

                                      + *

                                      The maximum number of results (up to a limit of 500) to be returned in a paginated + * request.

                                      */ - VpcIds?: string[]; + MaxResults?: number; } -export namespace DescribeVpcClassicLinkRequest { +export namespace DescribeVolumesModificationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcClassicLinkRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumesModificationsRequest): any => ({ ...obj, }); } +export type VolumeModificationState = "completed" | "failed" | "modifying" | "optimizing"; + /** - *

                                      Describes whether a VPC is enabled for ClassicLink.

                                      + *

                                      Describes the modification status of an EBS volume.

                                      + *

                                      If the volume has never been modified, some element values will be null.

                                      */ -export interface VpcClassicLink { +export interface VolumeModification { /** - *

                                      Indicates whether the VPC is enabled for ClassicLink.

                                      + *

                                      The ID of the volume.

                                      */ - ClassicLinkEnabled?: boolean; + VolumeId?: string; /** - *

                                      Any tags assigned to the VPC.

                                      + *

                                      The current modification state. The modification state is null for unmodified + * volumes.

                                      */ - Tags?: Tag[]; + ModificationState?: VolumeModificationState | string; /** - *

                                      The ID of the VPC.

                                      + *

                                      A status message about the modification progress or failure.

                                      */ - VpcId?: string; -} + StatusMessage?: string; -export namespace VpcClassicLink { /** - * @internal + *

                                      The target size of the volume, in GiB.

                                      */ - export const filterSensitiveLog = (obj: VpcClassicLink): any => ({ - ...obj, - }); -} + TargetSize?: number; -export interface DescribeVpcClassicLinkResult { /** - *

                                      The ClassicLink status of one or more VPCs.

                                      + *

                                      The target IOPS rate of the volume.

                                      */ - Vpcs?: VpcClassicLink[]; -} + TargetIops?: number; -export namespace DescribeVpcClassicLinkResult { /** - * @internal + *

                                      The target EBS volume type of the volume.

                                      */ - export const filterSensitiveLog = (obj: DescribeVpcClassicLinkResult): any => ({ - ...obj, - }); -} + TargetVolumeType?: VolumeType | string; -export interface DescribeVpcClassicLinkDnsSupportRequest { /** - *

                                      The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                      + *

                                      The target throughput of the volume, in MiB/s.

                                      */ - MaxResults?: number; + TargetThroughput?: number; /** - *

                                      The token for the next page of results.

                                      + *

                                      The target setting for Amazon EBS Multi-Attach.

                                      */ - NextToken?: string; + TargetMultiAttachEnabled?: boolean; /** - *

                                      One or more VPC IDs.

                                      + *

                                      The original size of the volume, in GiB.

                                      */ - VpcIds?: string[]; -} + OriginalSize?: number; -export namespace DescribeVpcClassicLinkDnsSupportRequest { /** - * @internal + *

                                      The original IOPS rate of the volume.

                                      */ - export const filterSensitiveLog = (obj: DescribeVpcClassicLinkDnsSupportRequest): any => ({ - ...obj, - }); -} + OriginalIops?: number; -/** - *

                                      Describes the ClassicLink DNS support status of a VPC.

                                      - */ -export interface ClassicLinkDnsSupport { /** - *

                                      Indicates whether ClassicLink DNS support is enabled for the VPC.

                                      + *

                                      The original EBS volume type of the volume.

                                      */ - ClassicLinkDnsSupported?: boolean; + OriginalVolumeType?: VolumeType | string; /** - *

                                      The ID of the VPC.

                                      + *

                                      The original throughput of the volume, in MiB/s.

                                      */ - VpcId?: string; -} + OriginalThroughput?: number; -export namespace ClassicLinkDnsSupport { /** - * @internal + *

                                      The original setting for Amazon EBS Multi-Attach.

                                      */ - export const filterSensitiveLog = (obj: ClassicLinkDnsSupport): any => ({ - ...obj, - }); -} + OriginalMultiAttachEnabled?: boolean; -export interface DescribeVpcClassicLinkDnsSupportResult { /** - *

                                      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                      + *

                                      The modification progress, from 0 to 100 percent complete.

                                      */ - NextToken?: string; + Progress?: number; /** - *

                                      Information about the ClassicLink DNS support status of the VPCs.

                                      + *

                                      The modification start time.

                                      */ - Vpcs?: ClassicLinkDnsSupport[]; + StartTime?: Date; + + /** + *

                                      The modification completion or failure time.

                                      + */ + EndTime?: Date; } -export namespace DescribeVpcClassicLinkDnsSupportResult { +export namespace VolumeModification { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcClassicLinkDnsSupportResult): any => ({ + export const filterSensitiveLog = (obj: VolumeModification): any => ({ ...obj, }); } -export interface DescribeVpcEndpointConnectionNotificationsRequest { +export interface DescribeVolumesModificationsResult { /** - *

                                      Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                      + *

                                      Information about the volume modifications.

                                      */ - DryRun?: boolean; + VolumesModifications?: VolumeModification[]; /** - *

                                      The ID of the notification.

                                      + *

                                      Token for pagination, null if there are no more results

                                      */ - ConnectionNotificationId?: string; + NextToken?: string; +} +export namespace DescribeVolumesModificationsResult { /** - *

                                      One or more filters.

                                      - *
                                        + * @internal + */ + export const filterSensitiveLog = (obj: DescribeVolumesModificationsResult): any => ({ + ...obj, + }); +} + +export interface DescribeVolumeStatusRequest { + /** + *

                                        The filters.

                                        + *
                                          *
                                        • - *

                                          - * connection-notification-arn - The ARN of the SNS topic for the - * notification.

                                          + *

                                          + * action.code - The action code for the event (for example, + * enable-volume-io).

                                          *
                                          • *
                                        • - *

                                          - * connection-notification-id - The ID of the - * notification.

                                          + *

                                          + * action.description - A description of the action.

                                          *
                                          • *
                                        • - *

                                          - * connection-notification-state - The state of the notification - * (Enabled | Disabled).

                                          + *

                                          + * action.event-id - The event ID associated with the action.

                                          *
                                          • *
                                        • - *

                                          - * connection-notification-type - The type of notification - * (Topic).

                                          + *

                                          + * availability-zone - The Availability Zone of the instance.

                                          *
                                          • *
                                        • - *

                                          - * service-id - The ID of the endpoint service.

                                          + *

                                          + * event.description - A description of the event.

                                          *
                                          • *
                                        • - *

                                          - * vpc-endpoint-id - The ID of the VPC endpoint.

                                          + *

                                          + * event.event-id - The event ID.

                                          + *
                                          • + *
                                        • + *

                                          + * event.event-type - The event type (for io-enabled: + * passed | failed; for io-performance: + * io-performance:degraded | io-performance:severely-degraded | + * io-performance:stalled).

                                          + *
                                          • + *
                                        • + *

                                          + * event.not-after - The latest end time for the event.

                                          + *
                                          • + *
                                        • + *

                                          + * event.not-before - The earliest start time for the event.

                                          + *
                                          • + *
                                        • + *

                                          + * volume-status.details-name - The cause for + * volume-status.status (io-enabled | + * io-performance).

                                          + *
                                          • + *
                                        • + *

                                          + * volume-status.details-status - The status of + * volume-status.details-name (for io-enabled: + * passed | failed; for io-performance: + * normal | degraded | severely-degraded | + * stalled).

                                          + *
                                          • + *
                                        • + *

                                          + * volume-status.status - The status of the volume (ok | + * impaired | warning | insufficient-data).

                                          *
                                          • *
                                        */ Filters?: Filter[]; /** - *

                                        The maximum number of results to return in a single call. To retrieve the remaining - * results, make another request with the returned NextToken value.

                                        + *

                                        The maximum number of volume results returned by DescribeVolumeStatus in + * paginated output. When this parameter is used, the request only returns + * MaxResults results in a single page along with a NextToken + * response element. The remaining results of the initial request can be seen by sending another + * request with the returned NextToken value. This value can be between 5 and 1,000; + * if MaxResults is given a value larger than 1,000, only 1,000 results are returned. + * If this parameter is not used, then DescribeVolumeStatus returns all results. You + * cannot specify this parameter and the volume IDs parameter in the same request.

                                        */ MaxResults?: number; /** - *

                                        The token to request the next page of results.

                                        + *

                                        The NextToken value to include in a future DescribeVolumeStatus + * request. When the results of the request exceed MaxResults, this value can be + * used to retrieve the next page of results. This value is null when there are no + * more results to return.

                                        */ NextToken?: string; + + /** + *

                                        The IDs of the volumes.

                                        + *

                                        Default: Describes all your volumes.

                                        + */ + VolumeIds?: string[]; + + /** + *

                                        Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                        + */ + DryRun?: boolean; } -export namespace DescribeVpcEndpointConnectionNotificationsRequest { +export namespace DescribeVolumeStatusRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionNotificationsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumeStatusRequest): any => ({ ...obj, }); } -export interface DescribeVpcEndpointConnectionNotificationsResult { +/** + *

                                        Describes a volume status operation code.

                                        + */ +export interface VolumeStatusAction { /** - *

                                        One or more notifications.

                                        + *

                                        The code identifying the operation, for example, enable-volume-io.

                                        */ - ConnectionNotificationSet?: ConnectionNotification[]; + Code?: string; /** - *

                                        The token to use to retrieve the next page of results. This value is - * null when there are no more results to return.

                                        + *

                                        A description of the operation.

                                        */ - NextToken?: string; -} + Description?: string; -export namespace DescribeVpcEndpointConnectionNotificationsResult { /** - * @internal + *

                                        The ID of the event associated with this operation.

                                        */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionNotificationsResult): any => ({ - ...obj, - }); -} + EventId?: string; -export interface DescribeVpcEndpointConnectionsRequest { /** - *

                                        Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                        + *

                                        The event type associated with this operation.

                                        */ - DryRun?: boolean; + EventType?: string; +} +export namespace VolumeStatusAction { /** - *

                                        One or more filters.

                                        - *
                                          - *
                                        • - *

                                          - * service-id - The ID of the service.

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-owner - The AWS account number of the owner of the - * endpoint.

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-state - The state of the endpoint - * (pendingAcceptance | pending | - * available | deleting | deleted | - * rejected | failed).

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-id - The ID of the endpoint.

                                          - *
                                          • - *
                                        + * @internal */ - Filters?: Filter[]; + export const filterSensitiveLog = (obj: VolumeStatusAction): any => ({ + ...obj, + }); +} +/** + *

                                        Information about the instances to which the volume is attached.

                                        + */ +export interface VolumeStatusAttachmentStatus { /** - *

                                        The maximum number of results to return for the request in a single page. The remaining - * results of the initial request can be seen by sending another request with the returned - * NextToken value. This value can be between 5 and 1,000; if - * MaxResults is given a value larger than 1,000, only 1,000 results are - * returned.

                                        + *

                                        The maximum IOPS supported by the attached instance.

                                        */ - MaxResults?: number; + IoPerformance?: string; /** - *

                                        The token to retrieve the next page of results.

                                        + *

                                        The ID of the attached instance.

                                        */ - NextToken?: string; + InstanceId?: string; } -export namespace DescribeVpcEndpointConnectionsRequest { +export namespace VolumeStatusAttachmentStatus { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionsRequest): any => ({ + export const filterSensitiveLog = (obj: VolumeStatusAttachmentStatus): any => ({ ...obj, }); } /** - *

                                        Describes a VPC endpoint connection to a service.

                                        + *

                                        Describes a volume status event.

                                        */ -export interface VpcEndpointConnection { +export interface VolumeStatusEvent { /** - *

                                        The ID of the service to which the endpoint is connected.

                                        + *

                                        A description of the event.

                                        */ - ServiceId?: string; + Description?: string; /** - *

                                        The ID of the VPC endpoint.

                                        + *

                                        The ID of this event.

                                        */ - VpcEndpointId?: string; + EventId?: string; /** - *

                                        The AWS account ID of the owner of the VPC endpoint.

                                        + *

                                        The type of this event.

                                        */ - VpcEndpointOwner?: string; + EventType?: string; /** - *

                                        The state of the VPC endpoint.

                                        + *

                                        The latest end time of the event.

                                        */ - VpcEndpointState?: State | string; + NotAfter?: Date; /** - *

                                        The date and time that the VPC endpoint was created.

                                        + *

                                        The earliest start time of the event.

                                        */ - CreationTimestamp?: Date; + NotBefore?: Date; /** - *

                                        The DNS entries for the VPC endpoint.

                                        + *

                                        The ID of the instance associated with the event.

                                        */ - DnsEntries?: DnsEntry[]; + InstanceId?: string; +} +export namespace VolumeStatusEvent { /** - *

                                        The Amazon Resource Names (ARNs) of the network load balancers for the service.

                                        + * @internal */ - NetworkLoadBalancerArns?: string[]; + export const filterSensitiveLog = (obj: VolumeStatusEvent): any => ({ + ...obj, + }); +} +export type VolumeStatusName = "io-enabled" | "io-performance"; + +/** + *

                                        Describes a volume status.

                                        + */ +export interface VolumeStatusDetails { /** - *

                                        The Amazon Resource Names (ARNs) of the Gateway Load Balancers for the service.

                                        + *

                                        The name of the volume status.

                                        */ - GatewayLoadBalancerArns?: string[]; + Name?: VolumeStatusName | string; + + /** + *

                                        The intended status of the volume status.

                                        + */ + Status?: string; } -export namespace VpcEndpointConnection { +export namespace VolumeStatusDetails { /** * @internal */ - export const filterSensitiveLog = (obj: VpcEndpointConnection): any => ({ + export const filterSensitiveLog = (obj: VolumeStatusDetails): any => ({ ...obj, }); } -export interface DescribeVpcEndpointConnectionsResult { +export type VolumeStatusInfoStatus = "impaired" | "insufficient-data" | "ok"; + +/** + *

                                        Describes the status of a volume.

                                        + */ +export interface VolumeStatusInfo { /** - *

                                        Information about one or more VPC endpoint connections.

                                        + *

                                        The details of the volume status.

                                        */ - VpcEndpointConnections?: VpcEndpointConnection[]; + Details?: VolumeStatusDetails[]; /** - *

                                        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                        + *

                                        The status of the volume.

                                        */ - NextToken?: string; + Status?: VolumeStatusInfoStatus | string; } -export namespace DescribeVpcEndpointConnectionsResult { +export namespace VolumeStatusInfo { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionsResult): any => ({ + export const filterSensitiveLog = (obj: VolumeStatusInfo): any => ({ ...obj, }); } /** - *

                                        Contains the parameters for DescribeVpcEndpoints.

                                        + *

                                        Describes the volume status.

                                        */ -export interface DescribeVpcEndpointsRequest { +export interface VolumeStatusItem { /** - *

                                        Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                        + *

                                        The details of the operation.

                                        */ - DryRun?: boolean; + Actions?: VolumeStatusAction[]; /** - *

                                        One or more endpoint IDs.

                                        + *

                                        The Availability Zone of the volume.

                                        */ - VpcEndpointIds?: string[]; + AvailabilityZone?: string; /** - *

                                        One or more filters.

                                        - *
                                          - *
                                        • - *

                                          - * service-name - The name of the service.

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-id - The ID of the VPC in which the endpoint resides.

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-id - The ID of the endpoint.

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-state - The state of the endpoint - * (pendingAcceptance | pending | - * available | deleting | deleted | - * rejected | failed).

                                          - *
                                          • - *
                                        • - *

                                          - * vpc-endpoint-type - The type of VPC endpoint (Interface | Gateway | GatewayLoadBalancer).

                                          - *
                                          • - *
                                        • - *

                                          - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                          - *
                                          • - *
                                        • - *

                                          - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                          - *
                                          • - *
                                        + *

                                        The Amazon Resource Name (ARN) of the Outpost.

                                        */ - Filters?: Filter[]; + OutpostArn?: string; /** - *

                                        The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                                        - *

                                        Constraint: If the value is greater than 1,000, we return only 1,000 items.

                                        + *

                                        A list of events associated with the volume.

                                        */ - MaxResults?: number; + Events?: VolumeStatusEvent[]; /** - *

                                        The token for the next set of items to return. (You received this token from a prior call.)

                                        + *

                                        The volume ID.

                                        */ - NextToken?: string; + VolumeId?: string; + + /** + *

                                        The volume status.

                                        + */ + VolumeStatus?: VolumeStatusInfo; + + /** + *

                                        Information about the instances to which the volume is attached.

                                        + */ + AttachmentStatuses?: VolumeStatusAttachmentStatus[]; } -export namespace DescribeVpcEndpointsRequest { +export namespace VolumeStatusItem { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointsRequest): any => ({ + export const filterSensitiveLog = (obj: VolumeStatusItem): any => ({ ...obj, }); } -/** - *

                                        Contains the output of DescribeVpcEndpoints.

                                        - */ -export interface DescribeVpcEndpointsResult { +export interface DescribeVolumeStatusResult { /** - *

                                        Information about the endpoints.

                                        + *

                                        The token to use to retrieve the next page of results. This value is null + * when there are no more results to return.

                                        */ - VpcEndpoints?: VpcEndpoint[]; + NextToken?: string; /** - *

                                        The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                                        + *

                                        Information about the status of the volumes.

                                        */ - NextToken?: string; + VolumeStatuses?: VolumeStatusItem[]; } -export namespace DescribeVpcEndpointsResult { +export namespace DescribeVolumeStatusResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVolumeStatusResult): any => ({ ...obj, }); } -export interface DescribeVpcEndpointServiceConfigurationsRequest { +export type VpcAttributeName = "enableDnsHostnames" | "enableDnsSupport"; + +export interface DescribeVpcAttributeRequest { + /** + *

                                        The VPC attribute.

                                        + */ + Attribute: VpcAttributeName | string | undefined; + + /** + *

                                        The ID of the VPC.

                                        + */ + VpcId: string | undefined; + /** *

                                        Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                        */ DryRun?: boolean; +} +export namespace DescribeVpcAttributeRequest { /** - *

                                        The IDs of one or more services.

                                        + * @internal */ - ServiceIds?: string[]; + export const filterSensitiveLog = (obj: DescribeVpcAttributeRequest): any => ({ + ...obj, + }); +} + +export interface DescribeVpcAttributeResult { + /** + *

                                        The ID of the VPC.

                                        + */ + VpcId?: string; + + /** + *

                                        Indicates whether the instances launched in the VPC get DNS hostnames. + * If this attribute is true, instances in the VPC get DNS hostnames; + * otherwise, they do not.

                                        + */ + EnableDnsHostnames?: AttributeBooleanValue; + + /** + *

                                        Indicates whether DNS resolution is enabled for + * the VPC. If this attribute is true, the Amazon DNS server + * resolves DNS hostnames for your instances to their corresponding + * IP addresses; otherwise, it does not.

                                        + */ + EnableDnsSupport?: AttributeBooleanValue; +} + +export namespace DescribeVpcAttributeResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeVpcAttributeResult): any => ({ + ...obj, + }); +} +export interface DescribeVpcClassicLinkRequest { /** *

                                        One or more filters.

                                        *
                                          *
                                        • *

                                          - * service-name - The name of the service.

                                          - *
                                          • - *
                                        • - *

                                          - * service-id - The ID of the service.

                                          - *
                                          • - *
                                        • - *

                                          - * service-state - The state of the service (Pending | - * Available | Deleting | Deleted | - * Failed).

                                          + * is-classic-link-enabled - Whether the VPC is enabled for ClassicLink + * (true | false).

                                          *
                                          • *
                                        • - *

                                          - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                          + *

                                          + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                          *
                                          • *
                                        • - *

                                          + *

                                          * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                          *
                                          • *
                                        @@ -720,129 +882,145 @@ export interface DescribeVpcEndpointServiceConfigurationsRequest { Filters?: Filter[]; /** - *

                                        The maximum number of results to return for the request in a single page. The remaining - * results of the initial request can be seen by sending another request with the returned - * NextToken value. This value can be between 5 and 1,000; if - * MaxResults is given a value larger than 1,000, only 1,000 results are - * returned.

                                        + *

                                        Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                        */ - MaxResults?: number; + DryRun?: boolean; /** - *

                                        The token to retrieve the next page of results.

                                        + *

                                        One or more VPCs for which you want to describe the ClassicLink status.

                                        */ - NextToken?: string; + VpcIds?: string[]; } -export namespace DescribeVpcEndpointServiceConfigurationsRequest { +export namespace DescribeVpcClassicLinkRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServiceConfigurationsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcClassicLinkRequest): any => ({ ...obj, }); } -export interface DescribeVpcEndpointServiceConfigurationsResult { +/** + *

                                        Describes whether a VPC is enabled for ClassicLink.

                                        + */ +export interface VpcClassicLink { /** - *

                                        Information about one or more services.

                                        + *

                                        Indicates whether the VPC is enabled for ClassicLink.

                                        */ - ServiceConfigurations?: ServiceConfiguration[]; + ClassicLinkEnabled?: boolean; /** - *

                                        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                        + *

                                        Any tags assigned to the VPC.

                                        */ - NextToken?: string; + Tags?: Tag[]; + + /** + *

                                        The ID of the VPC.

                                        + */ + VpcId?: string; } -export namespace DescribeVpcEndpointServiceConfigurationsResult { +export namespace VpcClassicLink { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServiceConfigurationsResult): any => ({ + export const filterSensitiveLog = (obj: VpcClassicLink): any => ({ ...obj, }); } -export interface DescribeVpcEndpointServicePermissionsRequest { +export interface DescribeVpcClassicLinkResult { /** - *

                                        Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                        + *

                                        The ClassicLink status of one or more VPCs.

                                        */ - DryRun?: boolean; + Vpcs?: VpcClassicLink[]; +} +export namespace DescribeVpcClassicLinkResult { /** - *

                                        The ID of the service.

                                        + * @internal */ - ServiceId: string | undefined; + export const filterSensitiveLog = (obj: DescribeVpcClassicLinkResult): any => ({ + ...obj, + }); +} +export interface DescribeVpcClassicLinkDnsSupportRequest { /** - *

                                        One or more filters.

                                        - *
                                          - *
                                        • - *

                                          - * principal - The ARN of the principal.

                                          - *
                                          • - *
                                        • - *

                                          - * principal-type - The principal type (All | - * Service | OrganizationUnit | Account - * | User | Role).

                                          - *
                                          • - *
                                        + *

                                        The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                        */ - Filters?: Filter[]; + MaxResults?: number; /** - *

                                        The maximum number of results to return for the request in a single page. The remaining - * results of the initial request can be seen by sending another request with the returned - * NextToken value. This value can be between 5 and 1,000; if - * MaxResults is given a value larger than 1,000, only 1,000 results are - * returned.

                                        + *

                                        The token for the next page of results.

                                        */ - MaxResults?: number; + NextToken?: string; /** - *

                                        The token to retrieve the next page of results.

                                        + *

                                        One or more VPC IDs.

                                        */ - NextToken?: string; + VpcIds?: string[]; } -export namespace DescribeVpcEndpointServicePermissionsRequest { +export namespace DescribeVpcClassicLinkDnsSupportRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServicePermissionsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcClassicLinkDnsSupportRequest): any => ({ ...obj, }); } -export interface DescribeVpcEndpointServicePermissionsResult { +/** + *

                                        Describes the ClassicLink DNS support status of a VPC.

                                        + */ +export interface ClassicLinkDnsSupport { /** - *

                                        Information about one or more allowed principals.

                                        + *

                                        Indicates whether ClassicLink DNS support is enabled for the VPC.

                                        */ - AllowedPrincipals?: AllowedPrincipal[]; + ClassicLinkDnsSupported?: boolean; + /** + *

                                        The ID of the VPC.

                                        + */ + VpcId?: string; +} + +export namespace ClassicLinkDnsSupport { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ClassicLinkDnsSupport): any => ({ + ...obj, + }); +} + +export interface DescribeVpcClassicLinkDnsSupportResult { /** *

                                        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                        */ NextToken?: string; + + /** + *

                                        Information about the ClassicLink DNS support status of the VPCs.

                                        + */ + Vpcs?: ClassicLinkDnsSupport[]; } -export namespace DescribeVpcEndpointServicePermissionsResult { +export namespace DescribeVpcClassicLinkDnsSupportResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServicePermissionsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcClassicLinkDnsSupportResult): any => ({ ...obj, }); } -/** - *

                                        Contains the parameters for DescribeVpcEndpointServices.

                                        - */ -export interface DescribeVpcEndpointServicesRequest { +export interface DescribeVpcEndpointConnectionNotificationsRequest { /** *

                                        Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -851,423 +1029,392 @@ export interface DescribeVpcEndpointServicesRequest { DryRun?: boolean; /** - *

                                        One or more service names.

                                        + *

                                        The ID of the notification.

                                        */ - ServiceNames?: string[]; + ConnectionNotificationId?: string; /** *

                                        One or more filters.

                                        *
                                          *
                                        • *

                                          - * service-name - The name of the service.

                                          + * connection-notification-arn - The ARN of the SNS topic for the + * notification.

                                          *
                                          • *
                                        • *

                                          - * service-type - The type of service (Interface | - * Gateway).

                                          + * connection-notification-id - The ID of the + * notification.

                                          *
                                          • *
                                        • - *

                                          - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                          - *
                                          • + *

                                          + * connection-notification-state - The state of the notification + * (Enabled | Disabled).

                                          + * *
                                        • - *

                                          - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                          - *
                                          • + *

                                          + * connection-notification-type - The type of notification + * (Topic).

                                          + * + *
                                        • + *

                                          + * service-id - The ID of the endpoint service.

                                          + *
                                          • + *
                                        • + *

                                          + * vpc-endpoint-id - The ID of the VPC endpoint.

                                          + *
                                          • *
                                        */ Filters?: Filter[]; /** - *

                                        The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                                        - *

                                        Constraint: If the value is greater than 1,000, we return only 1,000 items.

                                        + *

                                        The maximum number of results to return in a single call. To retrieve the remaining + * results, make another request with the returned NextToken value.

                                        */ MaxResults?: number; /** - *

                                        The token for the next set of items to return. (You received this token from a prior call.)

                                        + *

                                        The token to request the next page of results.

                                        */ NextToken?: string; } -export namespace DescribeVpcEndpointServicesRequest { +export namespace DescribeVpcEndpointConnectionNotificationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServicesRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionNotificationsRequest): any => ({ ...obj, }); } -/** - *

                                        Information about the Private DNS name for interface endpoints.

                                        - */ -export interface PrivateDnsDetails { +export interface DescribeVpcEndpointConnectionNotificationsResult { /** - *

                                        The private DNS name assigned to the VPC endpoint service.

                                        + *

                                        One or more notifications.

                                        */ - PrivateDnsName?: string; + ConnectionNotificationSet?: ConnectionNotification[]; + + /** + *

                                        The token to use to retrieve the next page of results. This value is + * null when there are no more results to return.

                                        + */ + NextToken?: string; } -export namespace PrivateDnsDetails { +export namespace DescribeVpcEndpointConnectionNotificationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: PrivateDnsDetails): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionNotificationsResult): any => ({ ...obj, }); } -/** - *

                                        Describes a VPC endpoint service.

                                        - */ -export interface ServiceDetail { +export interface DescribeVpcEndpointConnectionsRequest { /** - *

                                        The Amazon Resource Name (ARN) of the service.

                                        + *

                                        Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                        */ - ServiceName?: string; + DryRun?: boolean; /** - *

                                        The ID of the endpoint service.

                                        + *

                                        One or more filters.

                                        + *
                                          + *
                                        • + *

                                          + * service-id - The ID of the service.

                                          + *
                                          • + *
                                        • + *

                                          + * vpc-endpoint-owner - The AWS account number of the owner of the + * endpoint.

                                          + *
                                          • + *
                                        • + *

                                          + * vpc-endpoint-state - The state of the endpoint + * (pendingAcceptance | pending | + * available | deleting | deleted | + * rejected | failed).

                                          + *
                                          • + *
                                        • + *

                                          + * vpc-endpoint-id - The ID of the endpoint.

                                          + *
                                          • + *
                                        */ - ServiceId?: string; + Filters?: Filter[]; /** - *

                                        The type of service.

                                        + *

                                        The maximum number of results to return for the request in a single page. The remaining + * results of the initial request can be seen by sending another request with the returned + * NextToken value. This value can be between 5 and 1,000; if + * MaxResults is given a value larger than 1,000, only 1,000 results are + * returned.

                                        */ - ServiceType?: ServiceTypeDetail[]; + MaxResults?: number; /** - *

                                        The Availability Zones in which the service is available.

                                        + *

                                        The token to retrieve the next page of results.

                                        */ - AvailabilityZones?: string[]; + NextToken?: string; +} +export namespace DescribeVpcEndpointConnectionsRequest { /** - *

                                        The AWS account ID of the service owner.

                                        + * @internal */ - Owner?: string; + export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionsRequest): any => ({ + ...obj, + }); +} +/** + *

                                        Describes a VPC endpoint connection to a service.

                                        + */ +export interface VpcEndpointConnection { /** - *

                                        The DNS names for the service.

                                        + *

                                        The ID of the service to which the endpoint is connected.

                                        */ - BaseEndpointDnsNames?: string[]; + ServiceId?: string; /** - *

                                        The private DNS name for the service.

                                        + *

                                        The ID of the VPC endpoint.

                                        */ - PrivateDnsName?: string; + VpcEndpointId?: string; /** - *

                                        The private DNS names assigned to the VPC endpoint service.

                                        + *

                                        The AWS account ID of the owner of the VPC endpoint.

                                        */ - PrivateDnsNames?: PrivateDnsDetails[]; + VpcEndpointOwner?: string; /** - *

                                        Indicates whether the service supports endpoint policies.

                                        + *

                                        The state of the VPC endpoint.

                                        */ - VpcEndpointPolicySupported?: boolean; + VpcEndpointState?: State | string; /** - *

                                        Indicates whether VPC endpoint connection requests to the service must be accepted by the service owner.

                                        + *

                                        The date and time that the VPC endpoint was created.

                                        */ - AcceptanceRequired?: boolean; + CreationTimestamp?: Date; /** - *

                                        Indicates whether the service manages its VPC endpoints. Management of the service VPC - * endpoints using the VPC endpoint API is restricted.

                                        + *

                                        The DNS entries for the VPC endpoint.

                                        */ - ManagesVpcEndpoints?: boolean; + DnsEntries?: DnsEntry[]; /** - *

                                        Any tags assigned to the service.

                                        + *

                                        The Amazon Resource Names (ARNs) of the network load balancers for the service.

                                        */ - Tags?: Tag[]; + NetworkLoadBalancerArns?: string[]; /** - *

                                        The verification state of the VPC endpoint service.

                                        - *

                                        Consumers of the endpoint service cannot use the private name when the state is not verified.

                                        + *

                                        The Amazon Resource Names (ARNs) of the Gateway Load Balancers for the service.

                                        */ - PrivateDnsNameVerificationState?: DnsNameState | string; + GatewayLoadBalancerArns?: string[]; } -export namespace ServiceDetail { +export namespace VpcEndpointConnection { /** * @internal */ - export const filterSensitiveLog = (obj: ServiceDetail): any => ({ + export const filterSensitiveLog = (obj: VpcEndpointConnection): any => ({ ...obj, }); } -/** - *

                                        Contains the output of DescribeVpcEndpointServices.

                                        - */ -export interface DescribeVpcEndpointServicesResult { - /** - *

                                        A list of supported services.

                                        - */ - ServiceNames?: string[]; - +export interface DescribeVpcEndpointConnectionsResult { /** - *

                                        Information about the service.

                                        + *

                                        Information about one or more VPC endpoint connections.

                                        */ - ServiceDetails?: ServiceDetail[]; + VpcEndpointConnections?: VpcEndpointConnection[]; /** - *

                                        The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                                        + *

                                        The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                        */ NextToken?: string; } -export namespace DescribeVpcEndpointServicesResult { +export namespace DescribeVpcEndpointConnectionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcEndpointServicesResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointConnectionsResult): any => ({ ...obj, }); } -export interface DescribeVpcPeeringConnectionsRequest { +/** + *

                                        Contains the parameters for DescribeVpcEndpoints.

                                        + */ +export interface DescribeVpcEndpointsRequest { + /** + *

                                        Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                        + */ + DryRun?: boolean; + + /** + *

                                        One or more endpoint IDs.

                                        + */ + VpcEndpointIds?: string[]; + /** *

                                        One or more filters.

                                        - *
                                          - *
                                        • - *

                                          - * accepter-vpc-info.cidr-block - The IPv4 CIDR block of the accepter - * VPC.

                                          - *
                                          • - *
                                        • - *

                                          - * accepter-vpc-info.owner-id - The ID of the Amazon Web Services account that owns the - * accepter VPC.

                                          - *
                                          • - *
                                        • - *

                                          - * accepter-vpc-info.vpc-id - The ID of the accepter VPC.

                                          - *
                                          • - *
                                        • - *

                                          - * expiration-time - The expiration date and time for the VPC peering - * connection.

                                          - *
                                          • + *
                                            *
                                          • - *

                                            - * requester-vpc-info.cidr-block - The IPv4 CIDR block of the - * requester's VPC.

                                            + *

                                            + * service-name - The name of the service.

                                            *
                                            • *
                                          • - *

                                            - * requester-vpc-info.owner-id - The ID of the Amazon Web Services account that owns the - * requester VPC.

                                            + *

                                            + * vpc-id - The ID of the VPC in which the endpoint resides.

                                            *
                                            • *
                                          • - *

                                            - * requester-vpc-info.vpc-id - The ID of the requester VPC.

                                            + *

                                            + * vpc-endpoint-id - The ID of the endpoint.

                                            *
                                            • *
                                          • - *

                                            - * status-code - The status of the VPC peering connection - * (pending-acceptance | failed | - * expired | provisioning | active | - * deleting | deleted | - * rejected).

                                            + *

                                            + * vpc-endpoint-state - The state of the endpoint + * (pendingAcceptance | pending | + * available | deleting | deleted | + * rejected | failed).

                                            *
                                            • *
                                          • - *

                                            - * status-message - A message that provides more information about the status - * of the VPC peering connection, if applicable.

                                            + *

                                            + * vpc-endpoint-type - The type of VPC endpoint (Interface | Gateway | GatewayLoadBalancer).

                                            *
                                            • *
                                          • - *

                                            - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                            - *
                                            • + *

                                            + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                            + * *
                                          • - *

                                            + *

                                            * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                            - *
                                            • - *
                                          • - *

                                            - * vpc-peering-connection-id - The ID of the VPC peering connection.

                                            - *
                                            • + * *
                                          */ Filters?: Filter[]; /** - *

                                          Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                          - */ - DryRun?: boolean; - - /** - *

                                          One or more VPC peering connection IDs.

                                          - *

                                          Default: Describes all your VPC peering connections.

                                          + *

                                          The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                                          + *

                                          Constraint: If the value is greater than 1,000, we return only 1,000 items.

                                          */ - VpcPeeringConnectionIds?: string[]; + MaxResults?: number; /** - *

                                          The token for the next page of results.

                                          + *

                                          The token for the next set of items to return. (You received this token from a prior call.)

                                          */ NextToken?: string; - - /** - *

                                          The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                          - */ - MaxResults?: number; } -export namespace DescribeVpcPeeringConnectionsRequest { +export namespace DescribeVpcEndpointsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcPeeringConnectionsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointsRequest): any => ({ ...obj, }); } -export interface DescribeVpcPeeringConnectionsResult { +/** + *

                                          Contains the output of DescribeVpcEndpoints.

                                          + */ +export interface DescribeVpcEndpointsResult { /** - *

                                          Information about the VPC peering connections.

                                          + *

                                          Information about the endpoints.

                                          */ - VpcPeeringConnections?: VpcPeeringConnection[]; + VpcEndpoints?: VpcEndpoint[]; /** - *

                                          The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                          + *

                                          The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                                          */ NextToken?: string; } -export namespace DescribeVpcPeeringConnectionsResult { +export namespace DescribeVpcEndpointsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcPeeringConnectionsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointsResult): any => ({ ...obj, }); } -export interface DescribeVpcsRequest { +export interface DescribeVpcEndpointServiceConfigurationsRequest { + /** + *

                                          Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                          + */ + DryRun?: boolean; + + /** + *

                                          The IDs of one or more services.

                                          + */ + ServiceIds?: string[]; + /** *

                                          One or more filters.

                                          - *
                                            - *
                                          • - *

                                            - * cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you - * specify must exactly match the VPC's CIDR block for information to be returned - * for the VPC. Must contain the slash followed by one or two digits (for example, - * /28).

                                            - *
                                            • - *
                                          • - *

                                            - * cidr-block-association.cidr-block - An IPv4 CIDR block associated with the - * VPC.

                                            - *
                                            • - *
                                          • - *

                                            - * cidr-block-association.association-id - The association ID for - * an IPv4 CIDR block associated with the VPC.

                                            - *
                                            • - *
                                          • - *

                                            - * cidr-block-association.state - The state of an IPv4 CIDR block - * associated with the VPC.

                                            - *
                                            • - *
                                          • - *

                                            - * dhcp-options-id - The ID of a set of DHCP options.

                                            - *
                                            • - *
                                          • - *

                                            - * ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR - * block associated with the VPC.

                                            - *
                                            • - *
                                          • - *

                                            - * ipv6-cidr-block-association.ipv6-pool - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.

                                            - *
                                            • - *
                                          • - *

                                            - * ipv6-cidr-block-association.association-id - The association - * ID for an IPv6 CIDR block associated with the VPC.

                                            - *
                                            • - *
                                          • - *

                                            - * ipv6-cidr-block-association.state - The state of an IPv6 CIDR - * block associated with the VPC.

                                            - *
                                            • + *
                                              *
                                            • - *

                                              - * is-default - Indicates whether the VPC is the default VPC.

                                              - *
                                              • + *

                                              + * service-name - The name of the service.

                                              + * *
                                            • - *

                                              - * owner-id - The ID of the Amazon Web Services account that owns the VPC.

                                              - *
                                              • + *

                                              + * service-id - The ID of the service.

                                              + * *
                                            • - *

                                              - * state - The state of the VPC (pending | available).

                                              - *
                                              • + *

                                              + * service-state - The state of the service (Pending | + * Available | Deleting | Deleted | + * Failed).

                                              + * *
                                            • - *

                                              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                              - *
                                              • + *

                                              + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                              + * *
                                            • - *

                                              + *

                                              * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                              - *
                                              • - *
                                            • - *

                                              - * vpc-id - The ID of the VPC.

                                              - *
                                              • + * *
                                            */ Filters?: Filter[]; /** - *

                                            One or more VPC IDs.

                                            - *

                                            Default: Describes all your VPCs.

                                            - */ - VpcIds?: string[]; - - /** - *

                                            Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                            + *

                                            The maximum number of results to return for the request in a single page. The remaining + * results of the initial request can be seen by sending another request with the returned + * NextToken value. This value can be between 5 and 1,000; if + * MaxResults is given a value larger than 1,000, only 1,000 results are + * returned.

                                            */ - DryRun?: boolean; + MaxResults?: number; /** - *

                                            The token for the next page of results.

                                            + *

                                            The token to retrieve the next page of results.

                                            */ NextToken?: string; - - /** - *

                                            The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                            - */ - MaxResults?: number; } -export namespace DescribeVpcsRequest { +export namespace DescribeVpcEndpointServiceConfigurationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServiceConfigurationsRequest): any => ({ ...obj, }); } -export interface DescribeVpcsResult { +export interface DescribeVpcEndpointServiceConfigurationsResult { /** - *

                                            Information about one or more VPCs.

                                            + *

                                            Information about one or more services.

                                            */ - Vpcs?: Vpc[]; + ServiceConfigurations?: ServiceConfiguration[]; /** *

                                            The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                            @@ -1275,829 +1422,709 @@ export interface DescribeVpcsResult { NextToken?: string; } -export namespace DescribeVpcsResult { +export namespace DescribeVpcEndpointServiceConfigurationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpcsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServiceConfigurationsResult): any => ({ ...obj, }); } -/** - *

                                            Contains the parameters for DescribeVpnConnections.

                                            - */ -export interface DescribeVpnConnectionsRequest { +export interface DescribeVpcEndpointServicePermissionsRequest { + /** + *

                                            Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                            + */ + DryRun?: boolean; + + /** + *

                                            The ID of the service.

                                            + */ + ServiceId: string | undefined; + /** *

                                            One or more filters.

                                            - *
                                              - *
                                            • - *

                                              - * customer-gateway-configuration - The configuration information - * for the customer gateway.

                                              - *
                                              • - *
                                            • - *

                                              - * customer-gateway-id - The ID of a customer gateway associated - * with the VPN connection.

                                              - *
                                              • - *
                                            • - *

                                              - * state - The state of the VPN connection (pending | - * available | deleting | - * deleted).

                                              - *
                                              • - *
                                            • - *

                                              - * option.static-routes-only - Indicates whether the connection has - * static routes only. Used for devices that do not support Border Gateway Protocol - * (BGP).

                                              - *
                                              • - *
                                            • - *

                                              - * route.destination-cidr-block - The destination CIDR block. This - * corresponds to the subnet used in a customer data center.

                                              - *
                                              • - *
                                            • - *

                                              - * bgp-asn - The BGP Autonomous System Number (ASN) associated with - * a BGP device.

                                              - *
                                              • - *
                                            • - *

                                              - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                              - *
                                              • - *
                                            • - *

                                              - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                              - *
                                              • - *
                                            • - *

                                              - * type - The type of VPN connection. Currently the only supported - * type is ipsec.1.

                                              - *
                                              • - *
                                            • - *

                                              - * vpn-connection-id - The ID of the VPN connection.

                                              - *
                                              • + *
                                                *
                                              • - *

                                                - * vpn-gateway-id - The ID of a virtual private gateway associated - * with the VPN connection.

                                                - *
                                                • + *

                                                + * principal - The ARN of the principal.

                                                + * *
                                              • - *

                                                - * transit-gateway-id - The ID of a transit gateway associated with - * the VPN connection.

                                                - *
                                                • + *

                                                + * principal-type - The principal type (All | + * Service | OrganizationUnit | Account + * | User | Role).

                                                + * *
                                              */ Filters?: Filter[]; /** - *

                                              One or more VPN connection IDs.

                                              - *

                                              Default: Describes your VPN connections.

                                              + *

                                              The maximum number of results to return for the request in a single page. The remaining + * results of the initial request can be seen by sending another request with the returned + * NextToken value. This value can be between 5 and 1,000; if + * MaxResults is given a value larger than 1,000, only 1,000 results are + * returned.

                                              */ - VpnConnectionIds?: string[]; + MaxResults?: number; /** - *

                                              Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                              + *

                                              The token to retrieve the next page of results.

                                              */ - DryRun?: boolean; + NextToken?: string; } -export namespace DescribeVpnConnectionsRequest { +export namespace DescribeVpcEndpointServicePermissionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpnConnectionsRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServicePermissionsRequest): any => ({ ...obj, }); } -/** - *

                                              Contains the output of DescribeVpnConnections.

                                              - */ -export interface DescribeVpnConnectionsResult { +export interface DescribeVpcEndpointServicePermissionsResult { /** - *

                                              Information about one or more VPN connections.

                                              + *

                                              Information about one or more allowed principals.

                                              */ - VpnConnections?: VpnConnection[]; + AllowedPrincipals?: AllowedPrincipal[]; + + /** + *

                                              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                              + */ + NextToken?: string; } -export namespace DescribeVpnConnectionsResult { +export namespace DescribeVpcEndpointServicePermissionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpnConnectionsResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServicePermissionsResult): any => ({ ...obj, }); } /** - *

                                              Contains the parameters for DescribeVpnGateways.

                                              + *

                                              Contains the parameters for DescribeVpcEndpointServices.

                                              */ -export interface DescribeVpnGatewaysRequest { +export interface DescribeVpcEndpointServicesRequest { + /** + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              + */ + DryRun?: boolean; + + /** + *

                                              One or more service names.

                                              + */ + ServiceNames?: string[]; + /** *

                                              One or more filters.

                                              *
                                                *
                                              • *

                                                - * amazon-side-asn - The Autonomous System Number (ASN) for the - * Amazon side of the gateway.

                                                - *
                                                • - *
                                              • - *

                                                - * attachment.state - The current state of the attachment between - * the gateway and the VPC (attaching | attached | - * detaching | detached).

                                                - *
                                                • - *
                                              • - *

                                                - * attachment.vpc-id - The ID of an attached VPC.

                                                - *
                                                • - *
                                              • - *

                                                - * availability-zone - The Availability Zone for the virtual private - * gateway (if applicable).

                                                + * service-name - The name of the service.

                                                *
                                                • *
                                              • *

                                                - * state - The state of the virtual private gateway - * (pending | available | deleting | - * deleted).

                                                + * service-type - The type of service (Interface | + * Gateway).

                                                *
                                                • *
                                              • - *

                                                - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                - *
                                                • + *

                                                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                + * *
                                              • - *

                                                + *

                                                * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                - *
                                                • - *
                                              • - *

                                                - * type - The type of virtual private gateway. Currently the only - * supported type is ipsec.1.

                                                - *
                                                • - *
                                              • - *

                                                - * vpn-gateway-id - The ID of the virtual private gateway.

                                                - *
                                                • + * *
                                              */ Filters?: Filter[]; /** - *

                                              One or more virtual private gateway IDs.

                                              - *

                                              Default: Describes all your virtual private gateways.

                                              + *

                                              The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.

                                              + *

                                              Constraint: If the value is greater than 1,000, we return only 1,000 items.

                                              */ - VpnGatewayIds?: string[]; + MaxResults?: number; /** - *

                                              Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                              + *

                                              The token for the next set of items to return. (You received this token from a prior call.)

                                              */ - DryRun?: boolean; + NextToken?: string; } -export namespace DescribeVpnGatewaysRequest { +export namespace DescribeVpcEndpointServicesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpnGatewaysRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServicesRequest): any => ({ ...obj, }); } /** - *

                                              Contains the output of DescribeVpnGateways.

                                              + *

                                              Information about the Private DNS name for interface endpoints.

                                              */ -export interface DescribeVpnGatewaysResult { +export interface PrivateDnsDetails { /** - *

                                              Information about one or more virtual private gateways.

                                              + *

                                              The private DNS name assigned to the VPC endpoint service.

                                              */ - VpnGateways?: VpnGateway[]; + PrivateDnsName?: string; } -export namespace DescribeVpnGatewaysResult { +export namespace PrivateDnsDetails { /** * @internal */ - export const filterSensitiveLog = (obj: DescribeVpnGatewaysResult): any => ({ + export const filterSensitiveLog = (obj: PrivateDnsDetails): any => ({ ...obj, }); } -export interface DetachClassicLinkVpcRequest { +/** + *

                                              Describes a VPC endpoint service.

                                              + */ +export interface ServiceDetail { /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The Amazon Resource Name (ARN) of the service.

                                              */ - DryRun?: boolean; + ServiceName?: string; /** - *

                                              The ID of the instance to unlink from the VPC.

                                              + *

                                              The ID of the endpoint service.

                                              */ - InstanceId: string | undefined; + ServiceId?: string; /** - *

                                              The ID of the VPC to which the instance is linked.

                                              + *

                                              The type of service.

                                              */ - VpcId: string | undefined; -} + ServiceType?: ServiceTypeDetail[]; -export namespace DetachClassicLinkVpcRequest { /** - * @internal + *

                                              The Availability Zones in which the service is available.

                                              */ - export const filterSensitiveLog = (obj: DetachClassicLinkVpcRequest): any => ({ - ...obj, - }); -} + AvailabilityZones?: string[]; -export interface DetachClassicLinkVpcResult { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              The AWS account ID of the service owner.

                                              */ - Return?: boolean; -} + Owner?: string; -export namespace DetachClassicLinkVpcResult { /** - * @internal + *

                                              The DNS names for the service.

                                              */ - export const filterSensitiveLog = (obj: DetachClassicLinkVpcResult): any => ({ - ...obj, - }); -} + BaseEndpointDnsNames?: string[]; -export interface DetachInternetGatewayRequest { /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The private DNS name for the service.

                                              */ - DryRun?: boolean; + PrivateDnsName?: string; /** - *

                                              The ID of the internet gateway.

                                              + *

                                              The private DNS names assigned to the VPC endpoint service.

                                              */ - InternetGatewayId: string | undefined; + PrivateDnsNames?: PrivateDnsDetails[]; /** - *

                                              The ID of the VPC.

                                              + *

                                              Indicates whether the service supports endpoint policies.

                                              */ - VpcId: string | undefined; -} + VpcEndpointPolicySupported?: boolean; -export namespace DetachInternetGatewayRequest { /** - * @internal + *

                                              Indicates whether VPC endpoint connection requests to the service must be accepted by the service owner.

                                              */ - export const filterSensitiveLog = (obj: DetachInternetGatewayRequest): any => ({ - ...obj, - }); -} + AcceptanceRequired?: boolean; -/** - *

                                              Contains the parameters for DetachNetworkInterface.

                                              - */ -export interface DetachNetworkInterfaceRequest { /** - *

                                              The ID of the attachment.

                                              + *

                                              Indicates whether the service manages its VPC endpoints. Management of the service VPC + * endpoints using the VPC endpoint API is restricted.

                                              */ - AttachmentId: string | undefined; + ManagesVpcEndpoints?: boolean; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Any tags assigned to the service.

                                              */ - DryRun?: boolean; + Tags?: Tag[]; /** - *

                                              Specifies whether to force a detachment.

                                              - * - *
                                                - *
                                              • - *

                                                Use the Force parameter only as a last resort to detach a network interface from a failed instance.

                                                - *
                                                • - *
                                              • - *

                                                If you use the Force parameter to detach a network interface, you might not be able to attach a different network interface to the same index on the instance without first stopping and starting the instance.

                                                - *
                                                • - *
                                              • - *

                                                If you force the detachment of a network interface, the instance metadata - * might not get updated. This means that the attributes associated - * with the detached network interface might still be visible. The - * instance metadata will get updated when you stop and start the - * instance.

                                                - *
                                                • - *
                                              - *                                               + *

                                              The verification state of the VPC endpoint service.

                                              + *

                                              Consumers of the endpoint service cannot use the private name when the state is not verified.

                                              */ - Force?: boolean; + PrivateDnsNameVerificationState?: DnsNameState | string; } -export namespace DetachNetworkInterfaceRequest { +export namespace ServiceDetail { /** * @internal */ - export const filterSensitiveLog = (obj: DetachNetworkInterfaceRequest): any => ({ + export const filterSensitiveLog = (obj: ServiceDetail): any => ({ ...obj, }); } -export interface DetachVolumeRequest { - /** - *

                                              The device name.

                                              - */ - Device?: string; - - /** - *

                                              Forces detachment if the previous detachment attempt did not occur cleanly (for example, - * logging into an instance, unmounting the volume, and detaching normally). This option can lead - * to data loss or a corrupted file system. Use this option only as a last resort to detach a - * volume from a failed instance. The instance won't have an opportunity to flush file system - * caches or file system metadata. If you use this option, you must perform file system check and - * repair procedures.

                                              - */ - Force?: boolean; - +/** + *

                                              Contains the output of DescribeVpcEndpointServices.

                                              + */ +export interface DescribeVpcEndpointServicesResult { /** - *

                                              The ID of the instance. If you are detaching a Multi-Attach enabled volume, you must specify an instance ID.

                                              + *

                                              A list of supported services.

                                              */ - InstanceId?: string; + ServiceNames?: string[]; /** - *

                                              The ID of the volume.

                                              + *

                                              Information about the service.

                                              */ - VolumeId: string | undefined; + ServiceDetails?: ServiceDetail[]; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.

                                              */ - DryRun?: boolean; + NextToken?: string; } -export namespace DetachVolumeRequest { +export namespace DescribeVpcEndpointServicesResult { /** * @internal */ - export const filterSensitiveLog = (obj: DetachVolumeRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcEndpointServicesResult): any => ({ ...obj, }); } -/** - *

                                              Contains the parameters for DetachVpnGateway.

                                              - */ -export interface DetachVpnGatewayRequest { - /** - *

                                              The ID of the VPC.

                                              - */ - VpcId: string | undefined; - - /** - *

                                              The ID of the virtual private gateway.

                                              - */ - VpnGatewayId: string | undefined; - +export interface DescribeVpcPeeringConnectionsRequest { /** - *

                                              Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                              - */ - DryRun?: boolean; -} - -export namespace DetachVpnGatewayRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DetachVpnGatewayRequest): any => ({ - ...obj, - }); -} - -export interface DisableEbsEncryptionByDefaultRequest { - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; -} - -export namespace DisableEbsEncryptionByDefaultRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisableEbsEncryptionByDefaultRequest): any => ({ - ...obj, - }); -} - -export interface DisableEbsEncryptionByDefaultResult { - /** - *

                                              The updated status of encryption by default.

                                              - */ - EbsEncryptionByDefault?: boolean; -} - -export namespace DisableEbsEncryptionByDefaultResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisableEbsEncryptionByDefaultResult): any => ({ - ...obj, - }); -} - -export interface DisableFastSnapshotRestoresRequest { - /** - *

                                              One or more Availability Zones. For example, us-east-2a.

                                              - */ - AvailabilityZones: string[] | undefined; - - /** - *

                                              The IDs of one or more snapshots. For example, snap-1234567890abcdef0.

                                              - */ - SourceSnapshotIds: string[] | undefined; - - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; -} - -export namespace DisableFastSnapshotRestoresRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoresRequest): any => ({ - ...obj, - }); -} - -/** - *

                                              Describes fast snapshot restores that were successfully disabled.

                                              - */ -export interface DisableFastSnapshotRestoreSuccessItem { - /** - *

                                              The ID of the snapshot.

                                              - */ - SnapshotId?: string; - - /** - *

                                              The Availability Zone.

                                              - */ - AvailabilityZone?: string; - - /** - *

                                              The state of fast snapshot restores for the snapshot.

                                              - */ - State?: FastSnapshotRestoreStateCode | string; - - /** - *

                                              The reason for the state transition. The possible values are as follows:

                                              + *

                                              One or more filters.

                                              *
                                                *
                                              • *

                                                - * Client.UserInitiated - The state successfully transitioned to enabling or - * disabling.

                                                + * accepter-vpc-info.cidr-block - The IPv4 CIDR block of the accepter + * VPC.

                                                *
                                                • *
                                              • *

                                                - * Client.UserInitiated - Lifecycle state transition - The state successfully transitioned - * to optimizing, enabled, or disabled.

                                                + * accepter-vpc-info.owner-id - The ID of the Amazon Web Services account that owns the + * accepter VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * accepter-vpc-info.vpc-id - The ID of the accepter VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * expiration-time - The expiration date and time for the VPC peering + * connection.

                                                + *
                                                • + *
                                              • + *

                                                + * requester-vpc-info.cidr-block - The IPv4 CIDR block of the + * requester's VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * requester-vpc-info.owner-id - The ID of the Amazon Web Services account that owns the + * requester VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * requester-vpc-info.vpc-id - The ID of the requester VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * status-code - The status of the VPC peering connection + * (pending-acceptance | failed | + * expired | provisioning | active | + * deleting | deleted | + * rejected).

                                                + *
                                                • + *
                                              • + *

                                                + * status-message - A message that provides more information about the status + * of the VPC peering connection, if applicable.

                                                + *
                                                • + *
                                              • + *

                                                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                + *
                                                • + *
                                              • + *

                                                + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                + *
                                                • + *
                                              • + *

                                                + * vpc-peering-connection-id - The ID of the VPC peering connection.

                                                *
                                                • *
                                              */ - StateTransitionReason?: string; - - /** - *

                                              The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.

                                              - */ - OwnerId?: string; - - /** - *

                                              The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.

                                              - */ - OwnerAlias?: string; - - /** - *

                                              The time at which fast snapshot restores entered the enabling state.

                                              - */ - EnablingTime?: Date; - - /** - *

                                              The time at which fast snapshot restores entered the optimizing state.

                                              - */ - OptimizingTime?: Date; - - /** - *

                                              The time at which fast snapshot restores entered the enabled state.

                                              - */ - EnabledTime?: Date; - - /** - *

                                              The time at which fast snapshot restores entered the disabling state.

                                              - */ - DisablingTime?: Date; - - /** - *

                                              The time at which fast snapshot restores entered the disabled state.

                                              - */ - DisabledTime?: Date; -} - -export namespace DisableFastSnapshotRestoreSuccessItem { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreSuccessItem): any => ({ - ...obj, - }); -} - -/** - *

                                              Describes an error that occurred when disabling fast snapshot restores.

                                              - */ -export interface DisableFastSnapshotRestoreStateError { - /** - *

                                              The error code.

                                              - */ - Code?: string; + Filters?: Filter[]; /** - *

                                              The error message.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - Message?: string; -} + DryRun?: boolean; -export namespace DisableFastSnapshotRestoreStateError { /** - * @internal + *

                                              One or more VPC peering connection IDs.

                                              + *

                                              Default: Describes all your VPC peering connections.

                                              */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreStateError): any => ({ - ...obj, - }); -} + VpcPeeringConnectionIds?: string[]; -/** - *

                                              Contains information about an error that occurred when disabling fast snapshot restores.

                                              - */ -export interface DisableFastSnapshotRestoreStateErrorItem { /** - *

                                              The Availability Zone.

                                              + *

                                              The token for the next page of results.

                                              */ - AvailabilityZone?: string; + NextToken?: string; /** - *

                                              The error.

                                              + *

                                              The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                              */ - Error?: DisableFastSnapshotRestoreStateError; + MaxResults?: number; } -export namespace DisableFastSnapshotRestoreStateErrorItem { +export namespace DescribeVpcPeeringConnectionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreStateErrorItem): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcPeeringConnectionsRequest): any => ({ ...obj, }); } -/** - *

                                              Contains information about the errors that occurred when disabling fast snapshot restores.

                                              - */ -export interface DisableFastSnapshotRestoreErrorItem { +export interface DescribeVpcPeeringConnectionsResult { /** - *

                                              The ID of the snapshot.

                                              + *

                                              Information about the VPC peering connections.

                                              */ - SnapshotId?: string; + VpcPeeringConnections?: VpcPeeringConnection[]; /** - *

                                              The errors.

                                              + *

                                              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                              */ - FastSnapshotRestoreStateErrors?: DisableFastSnapshotRestoreStateErrorItem[]; + NextToken?: string; } -export namespace DisableFastSnapshotRestoreErrorItem { +export namespace DescribeVpcPeeringConnectionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreErrorItem): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcPeeringConnectionsResult): any => ({ ...obj, }); } -export interface DisableFastSnapshotRestoresResult { - /** - *

                                              Information about the snapshots for which fast snapshot restores were successfully disabled.

                                              - */ - Successful?: DisableFastSnapshotRestoreSuccessItem[]; - - /** - *

                                              Information about the snapshots for which fast snapshot restores could not be disabled.

                                              - */ - Unsuccessful?: DisableFastSnapshotRestoreErrorItem[]; -} - -export namespace DisableFastSnapshotRestoresResult { +export interface DescribeVpcsRequest { /** - * @internal + *

                                              One or more filters.

                                              + *
                                                + *
                                              • + *

                                                + * cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you + * specify must exactly match the VPC's CIDR block for information to be returned + * for the VPC. Must contain the slash followed by one or two digits (for example, + * /28).

                                                + *
                                                • + *
                                              • + *

                                                + * cidr-block-association.cidr-block - An IPv4 CIDR block associated with the + * VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * cidr-block-association.association-id - The association ID for + * an IPv4 CIDR block associated with the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * cidr-block-association.state - The state of an IPv4 CIDR block + * associated with the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * dhcp-options-id - The ID of a set of DHCP options.

                                                + *
                                                • + *
                                              • + *

                                                + * ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR + * block associated with the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * ipv6-cidr-block-association.ipv6-pool - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.

                                                + *
                                                • + *
                                              • + *

                                                + * ipv6-cidr-block-association.association-id - The association + * ID for an IPv6 CIDR block associated with the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * ipv6-cidr-block-association.state - The state of an IPv6 CIDR + * block associated with the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * is-default - Indicates whether the VPC is the default VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * owner-id - The ID of the Amazon Web Services account that owns the VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * state - The state of the VPC (pending | available).

                                                + *
                                                • + *
                                              • + *

                                                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                + *
                                                • + *
                                              • + *

                                                + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                + *
                                                • + *
                                              • + *

                                                + * vpc-id - The ID of the VPC.

                                                + *
                                                • + *
                                              */ - export const filterSensitiveLog = (obj: DisableFastSnapshotRestoresResult): any => ({ - ...obj, - }); -} + Filters?: Filter[]; -export interface DisableImageDeprecationRequest { /** - *

                                              The ID of the AMI.

                                              + *

                                              One or more VPC IDs.

                                              + *

                                              Default: Describes all your VPCs.

                                              */ - ImageId: string | undefined; + VpcIds?: string[]; /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; -} -export namespace DisableImageDeprecationRequest { /** - * @internal + *

                                              The token for the next page of results.

                                              */ - export const filterSensitiveLog = (obj: DisableImageDeprecationRequest): any => ({ - ...obj, - }); -} + NextToken?: string; -export interface DisableImageDeprecationResult { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                              */ - Return?: boolean; + MaxResults?: number; } -export namespace DisableImageDeprecationResult { +export namespace DescribeVpcsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisableImageDeprecationResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcsRequest): any => ({ ...obj, }); } -export interface DisableSerialConsoleAccessRequest { - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; -} - -export namespace DisableSerialConsoleAccessRequest { +export interface DescribeVpcsResult { /** - * @internal + *

                                              Information about one or more VPCs.

                                              */ - export const filterSensitiveLog = (obj: DisableSerialConsoleAccessRequest): any => ({ - ...obj, - }); -} + Vpcs?: Vpc[]; -export interface DisableSerialConsoleAccessResult { /** - *

                                              If true, access to the EC2 serial console of all instances is enabled for - * your account. If false, access to the EC2 serial console of all instances - * is disabled for your account.

                                              + *

                                              The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                              */ - SerialConsoleAccessEnabled?: boolean; + NextToken?: string; } -export namespace DisableSerialConsoleAccessResult { +export namespace DescribeVpcsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisableSerialConsoleAccessResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpcsResult): any => ({ ...obj, }); } -export interface DisableTransitGatewayRouteTablePropagationRequest { +/** + *

                                              Contains the parameters for DescribeVpnConnections.

                                              + */ +export interface DescribeVpnConnectionsRequest { /** - *

                                              The ID of the propagation route table.

                                              + *

                                              One or more filters.

                                              + *
                                                + *
                                              • + *

                                                + * customer-gateway-configuration - The configuration information + * for the customer gateway.

                                                + *
                                                • + *
                                              • + *

                                                + * customer-gateway-id - The ID of a customer gateway associated + * with the VPN connection.

                                                + *
                                                • + *
                                              • + *

                                                + * state - The state of the VPN connection (pending | + * available | deleting | + * deleted).

                                                + *
                                                • + *
                                              • + *

                                                + * option.static-routes-only - Indicates whether the connection has + * static routes only. Used for devices that do not support Border Gateway Protocol + * (BGP).

                                                + *
                                                • + *
                                              • + *

                                                + * route.destination-cidr-block - The destination CIDR block. This + * corresponds to the subnet used in a customer data center.

                                                + *
                                                • + *
                                              • + *

                                                + * bgp-asn - The BGP Autonomous System Number (ASN) associated with + * a BGP device.

                                                + *
                                                • + *
                                              • + *

                                                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                + *
                                                • + *
                                              • + *

                                                + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                + *
                                                • + *
                                              • + *

                                                + * type - The type of VPN connection. Currently the only supported + * type is ipsec.1.

                                                + *
                                                • + *
                                              • + *

                                                + * vpn-connection-id - The ID of the VPN connection.

                                                + *
                                                • + *
                                              • + *

                                                + * vpn-gateway-id - The ID of a virtual private gateway associated + * with the VPN connection.

                                                + *
                                                • + *
                                              • + *

                                                + * transit-gateway-id - The ID of a transit gateway associated with + * the VPN connection.

                                                + *
                                                • + *
                                              */ - TransitGatewayRouteTableId: string | undefined; + Filters?: Filter[]; /** - *

                                              The ID of the attachment.

                                              + *

                                              One or more VPN connection IDs.

                                              + *

                                              Default: Describes your VPN connections.

                                              */ - TransitGatewayAttachmentId: string | undefined; + VpnConnectionIds?: string[]; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace DisableTransitGatewayRouteTablePropagationRequest { +export namespace DescribeVpnConnectionsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisableTransitGatewayRouteTablePropagationRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpnConnectionsRequest): any => ({ ...obj, }); } -export type TransitGatewayPropagationState = "disabled" | "disabling" | "enabled" | "enabling"; - /** - *

                                              Describes route propagation.

                                              + *

                                              Contains the output of DescribeVpnConnections.

                                              */ -export interface TransitGatewayPropagation { - /** - *

                                              The ID of the attachment.

                                              - */ - TransitGatewayAttachmentId?: string; - - /** - *

                                              The ID of the resource.

                                              - */ - ResourceId?: string; - - /** - *

                                              The resource type. Note that the tgw-peering resource type has been deprecated.

                                              - */ - ResourceType?: TransitGatewayAttachmentResourceType | string; - - /** - *

                                              The ID of the transit gateway route table.

                                              - */ - TransitGatewayRouteTableId?: string; - - /** - *

                                              The state.

                                              - */ - State?: TransitGatewayPropagationState | string; -} - -export namespace TransitGatewayPropagation { - /** - * @internal - */ - export const filterSensitiveLog = (obj: TransitGatewayPropagation): any => ({ - ...obj, - }); -} - -export interface DisableTransitGatewayRouteTablePropagationResult { +export interface DescribeVpnConnectionsResult { /** - *

                                              Information about route propagation.

                                              + *

                                              Information about one or more VPN connections.

                                              */ - Propagation?: TransitGatewayPropagation; + VpnConnections?: VpnConnection[]; } -export namespace DisableTransitGatewayRouteTablePropagationResult { +export namespace DescribeVpnConnectionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisableTransitGatewayRouteTablePropagationResult): any => ({ + export const filterSensitiveLog = (obj: DescribeVpnConnectionsResult): any => ({ ...obj, }); } /** - *

                                              Contains the parameters for DisableVgwRoutePropagation.

                                              + *

                                              Contains the parameters for DescribeVpnGateways.

                                              */ -export interface DisableVgwRoutePropagationRequest { +export interface DescribeVpnGatewaysRequest { /** - *

                                              The ID of the virtual private gateway.

                                              + *

                                              One or more filters.

                                              + *
                                                + *
                                              • + *

                                                + * amazon-side-asn - The Autonomous System Number (ASN) for the + * Amazon side of the gateway.

                                                + *
                                                • + *
                                              • + *

                                                + * attachment.state - The current state of the attachment between + * the gateway and the VPC (attaching | attached | + * detaching | detached).

                                                + *
                                                • + *
                                              • + *

                                                + * attachment.vpc-id - The ID of an attached VPC.

                                                + *
                                                • + *
                                              • + *

                                                + * availability-zone - The Availability Zone for the virtual private + * gateway (if applicable).

                                                + *
                                                • + *
                                              • + *

                                                + * state - The state of the virtual private gateway + * (pending | available | deleting | + * deleted).

                                                + *
                                                • + *
                                              • + *

                                                + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                + *
                                                • + *
                                              • + *

                                                + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                + *
                                                • + *
                                              • + *

                                                + * type - The type of virtual private gateway. Currently the only + * supported type is ipsec.1.

                                                + *
                                                • + *
                                              • + *

                                                + * vpn-gateway-id - The ID of the virtual private gateway.

                                                + *
                                                • + *
                                              */ - GatewayId: string | undefined; + Filters?: Filter[]; /** - *

                                              The ID of the route table.

                                              + *

                                              One or more virtual private gateway IDs.

                                              + *

                                              Default: Describes all your virtual private gateways.

                                              */ - RouteTableId: string | undefined; + VpnGatewayIds?: string[]; /** *

                                              Checks whether you have the required permissions for the action, without actually @@ -2108,314 +2135,273 @@ export interface DisableVgwRoutePropagationRequest { DryRun?: boolean; } -export namespace DisableVgwRoutePropagationRequest { +export namespace DescribeVpnGatewaysRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisableVgwRoutePropagationRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpnGatewaysRequest): any => ({ ...obj, }); } -export interface DisableVpcClassicLinkRequest { - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; - +/** + *

                                              Contains the output of DescribeVpnGateways.

                                              + */ +export interface DescribeVpnGatewaysResult { /** - *

                                              The ID of the VPC.

                                              + *

                                              Information about one or more virtual private gateways.

                                              */ - VpcId: string | undefined; + VpnGateways?: VpnGateway[]; } -export namespace DisableVpcClassicLinkRequest { +export namespace DescribeVpnGatewaysResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisableVpcClassicLinkRequest): any => ({ + export const filterSensitiveLog = (obj: DescribeVpnGatewaysResult): any => ({ ...obj, }); } -export interface DisableVpcClassicLinkResult { +export interface DetachClassicLinkVpcRequest { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - Return?: boolean; -} + DryRun?: boolean; -export namespace DisableVpcClassicLinkResult { /** - * @internal + *

                                              The ID of the instance to unlink from the VPC.

                                              */ - export const filterSensitiveLog = (obj: DisableVpcClassicLinkResult): any => ({ - ...obj, - }); -} + InstanceId: string | undefined; -export interface DisableVpcClassicLinkDnsSupportRequest { /** - *

                                              The ID of the VPC.

                                              + *

                                              The ID of the VPC to which the instance is linked.

                                              */ - VpcId?: string; + VpcId: string | undefined; } -export namespace DisableVpcClassicLinkDnsSupportRequest { +export namespace DetachClassicLinkVpcRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisableVpcClassicLinkDnsSupportRequest): any => ({ + export const filterSensitiveLog = (obj: DetachClassicLinkVpcRequest): any => ({ ...obj, }); } -export interface DisableVpcClassicLinkDnsSupportResult { +export interface DetachClassicLinkVpcResult { /** *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ Return?: boolean; } -export namespace DisableVpcClassicLinkDnsSupportResult { +export namespace DetachClassicLinkVpcResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisableVpcClassicLinkDnsSupportResult): any => ({ + export const filterSensitiveLog = (obj: DetachClassicLinkVpcResult): any => ({ ...obj, }); } -export interface DisassociateAddressRequest { - /** - *

                                              [EC2-VPC] The association ID. Required for EC2-VPC.

                                              - */ - AssociationId?: string; - - /** - *

                                              [EC2-Classic] The Elastic IP address. Required for EC2-Classic.

                                              - */ - PublicIp?: string; - +export interface DetachInternetGatewayRequest { /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; -} - -export namespace DisassociateAddressRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisassociateAddressRequest): any => ({ - ...obj, - }); -} - -export interface DisassociateClientVpnTargetNetworkRequest { - /** - *

                                              The ID of the Client VPN endpoint from which to disassociate the target network.

                                              - */ - ClientVpnEndpointId: string | undefined; - - /** - *

                                              The ID of the target network association.

                                              - */ - AssociationId: string | undefined; - - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; -} - -export namespace DisassociateClientVpnTargetNetworkRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DisassociateClientVpnTargetNetworkRequest): any => ({ - ...obj, - }); -} -export interface DisassociateClientVpnTargetNetworkResult { /** - *

                                              The ID of the target network association.

                                              + *

                                              The ID of the internet gateway.

                                              */ - AssociationId?: string; + InternetGatewayId: string | undefined; /** - *

                                              The current state of the target network association.

                                              + *

                                              The ID of the VPC.

                                              */ - Status?: AssociationStatus; + VpcId: string | undefined; } -export namespace DisassociateClientVpnTargetNetworkResult { +export namespace DetachInternetGatewayRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateClientVpnTargetNetworkResult): any => ({ + export const filterSensitiveLog = (obj: DetachInternetGatewayRequest): any => ({ ...obj, }); } -export interface DisassociateEnclaveCertificateIamRoleRequest { +/** + *

                                              Contains the parameters for DetachNetworkInterface.

                                              + */ +export interface DetachNetworkInterfaceRequest { /** - *

                                              The ARN of the ACM certificate from which to disassociate the IAM role.

                                              + *

                                              The ID of the attachment.

                                              */ - CertificateArn?: string; + AttachmentId: string | undefined; /** - *

                                              The ARN of the IAM role to disassociate.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - RoleArn?: string; + DryRun?: boolean; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Specifies whether to force a detachment.

                                              + * + *
                                                + *
                                              • + *

                                                Use the Force parameter only as a last resort to detach a network interface from a failed instance.

                                                + *
                                                • + *
                                              • + *

                                                If you use the Force parameter to detach a network interface, you might not be able to attach a different network interface to the same index on the instance without first stopping and starting the instance.

                                                + *
                                                • + *
                                              • + *

                                                If you force the detachment of a network interface, the instance metadata + * might not get updated. This means that the attributes associated + * with the detached network interface might still be visible. The + * instance metadata will get updated when you stop and start the + * instance.

                                                + *
                                                • + *
                                              + *                                               */ - DryRun?: boolean; + Force?: boolean; } -export namespace DisassociateEnclaveCertificateIamRoleRequest { +export namespace DetachNetworkInterfaceRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateEnclaveCertificateIamRoleRequest): any => ({ + export const filterSensitiveLog = (obj: DetachNetworkInterfaceRequest): any => ({ ...obj, }); } -export interface DisassociateEnclaveCertificateIamRoleResult { +export interface DetachVolumeRequest { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              The device name.

                                              */ - Return?: boolean; -} + Device?: string; -export namespace DisassociateEnclaveCertificateIamRoleResult { /** - * @internal + *

                                              Forces detachment if the previous detachment attempt did not occur cleanly (for example, + * logging into an instance, unmounting the volume, and detaching normally). This option can lead + * to data loss or a corrupted file system. Use this option only as a last resort to detach a + * volume from a failed instance. The instance won't have an opportunity to flush file system + * caches or file system metadata. If you use this option, you must perform file system check and + * repair procedures.

                                              */ - export const filterSensitiveLog = (obj: DisassociateEnclaveCertificateIamRoleResult): any => ({ - ...obj, - }); -} + Force?: boolean; -export interface DisassociateIamInstanceProfileRequest { /** - *

                                              The ID of the IAM instance profile association.

                                              + *

                                              The ID of the instance. If you are detaching a Multi-Attach enabled volume, you must specify an instance ID.

                                              */ - AssociationId: string | undefined; -} + InstanceId?: string; -export namespace DisassociateIamInstanceProfileRequest { /** - * @internal + *

                                              The ID of the volume.

                                              */ - export const filterSensitiveLog = (obj: DisassociateIamInstanceProfileRequest): any => ({ - ...obj, - }); -} + VolumeId: string | undefined; -export interface DisassociateIamInstanceProfileResult { /** - *

                                              Information about the IAM instance profile association.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - IamInstanceProfileAssociation?: IamInstanceProfileAssociation; + DryRun?: boolean; } -export namespace DisassociateIamInstanceProfileResult { +export namespace DetachVolumeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateIamInstanceProfileResult): any => ({ + export const filterSensitiveLog = (obj: DetachVolumeRequest): any => ({ ...obj, }); } /** - *

                                              The targets to disassociate from the specified event window.

                                              + *

                                              Contains the parameters for DetachVpnGateway.

                                              */ -export interface InstanceEventWindowDisassociationRequest { +export interface DetachVpnGatewayRequest { /** - *

                                              The IDs of the instances to disassociate from the event window.

                                              + *

                                              The ID of the VPC.

                                              */ - InstanceIds?: string[]; + VpcId: string | undefined; /** - *

                                              The instance tags to disassociate from the event window. Any instances associated with - * the tags will be disassociated from the event window.

                                              + *

                                              The ID of the virtual private gateway.

                                              */ - InstanceTags?: Tag[]; + VpnGatewayId: string | undefined; /** - *

                                              The IDs of the Dedicated Hosts to disassociate from the event window.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                              */ - DedicatedHostIds?: string[]; + DryRun?: boolean; } -export namespace InstanceEventWindowDisassociationRequest { +export namespace DetachVpnGatewayRequest { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceEventWindowDisassociationRequest): any => ({ + export const filterSensitiveLog = (obj: DetachVpnGatewayRequest): any => ({ ...obj, }); } -export interface DisassociateInstanceEventWindowRequest { +export interface DisableEbsEncryptionByDefaultRequest { /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; - - /** - *

                                              The ID of the event window.

                                              - */ - InstanceEventWindowId: string | undefined; - - /** - *

                                              One or more targets to disassociate from the specified event window.

                                              - */ - AssociationTarget: InstanceEventWindowDisassociationRequest | undefined; } -export namespace DisassociateInstanceEventWindowRequest { +export namespace DisableEbsEncryptionByDefaultRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateInstanceEventWindowRequest): any => ({ + export const filterSensitiveLog = (obj: DisableEbsEncryptionByDefaultRequest): any => ({ ...obj, }); } -export interface DisassociateInstanceEventWindowResult { +export interface DisableEbsEncryptionByDefaultResult { /** - *

                                              Information about the event window.

                                              + *

                                              The updated status of encryption by default.

                                              */ - InstanceEventWindow?: InstanceEventWindow; + EbsEncryptionByDefault?: boolean; } -export namespace DisassociateInstanceEventWindowResult { +export namespace DisableEbsEncryptionByDefaultResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateInstanceEventWindowResult): any => ({ + export const filterSensitiveLog = (obj: DisableEbsEncryptionByDefaultResult): any => ({ ...obj, }); } -export interface DisassociateRouteTableRequest { +export interface DisableFastSnapshotRestoresRequest { /** - *

                                              The association ID representing the current association between the route table and subnet or gateway.

                                              + *

                                              One or more Availability Zones. For example, us-east-2a.

                                              */ - AssociationId: string | undefined; + AvailabilityZones: string[] | undefined; + + /** + *

                                              The IDs of one or more snapshots. For example, snap-1234567890abcdef0.

                                              + */ + SourceSnapshotIds: string[] | undefined; /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, @@ -2425,285 +2411,272 @@ export interface DisassociateRouteTableRequest { DryRun?: boolean; } -export namespace DisassociateRouteTableRequest { +export namespace DisableFastSnapshotRestoresRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateRouteTableRequest): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoresRequest): any => ({ ...obj, }); } -export interface DisassociateSubnetCidrBlockRequest { +/** + *

                                              Describes fast snapshot restores that were successfully disabled.

                                              + */ +export interface DisableFastSnapshotRestoreSuccessItem { /** - *

                                              The association ID for the CIDR block.

                                              + *

                                              The ID of the snapshot.

                                              */ - AssociationId: string | undefined; -} + SnapshotId?: string; -export namespace DisassociateSubnetCidrBlockRequest { /** - * @internal + *

                                              The Availability Zone.

                                              */ - export const filterSensitiveLog = (obj: DisassociateSubnetCidrBlockRequest): any => ({ - ...obj, - }); -} + AvailabilityZone?: string; -export interface DisassociateSubnetCidrBlockResult { /** - *

                                              Information about the IPv6 CIDR block association.

                                              + *

                                              The state of fast snapshot restores for the snapshot.

                                              */ - Ipv6CidrBlockAssociation?: SubnetIpv6CidrBlockAssociation; + State?: FastSnapshotRestoreStateCode | string; /** - *

                                              The ID of the subnet.

                                              + *

                                              The reason for the state transition. The possible values are as follows:

                                              + *
                                                + *
                                              • + *

                                                + * Client.UserInitiated - The state successfully transitioned to enabling or + * disabling.

                                                + *
                                                • + *
                                              • + *

                                                + * Client.UserInitiated - Lifecycle state transition - The state successfully transitioned + * to optimizing, enabled, or disabled.

                                                + *
                                                • + *
                                              */ - SubnetId?: string; -} + StateTransitionReason?: string; -export namespace DisassociateSubnetCidrBlockResult { /** - * @internal + *

                                              The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.

                                              */ - export const filterSensitiveLog = (obj: DisassociateSubnetCidrBlockResult): any => ({ - ...obj, - }); -} + OwnerId?: string; -export interface DisassociateTransitGatewayMulticastDomainRequest { /** - *

                                              The ID of the transit gateway multicast domain.

                                              + *

                                              The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.

                                              */ - TransitGatewayMulticastDomainId?: string; + OwnerAlias?: string; /** - *

                                              The ID of the attachment.

                                              + *

                                              The time at which fast snapshot restores entered the enabling state.

                                              */ - TransitGatewayAttachmentId?: string; + EnablingTime?: Date; /** - *

                                              The IDs of the subnets;

                                              + *

                                              The time at which fast snapshot restores entered the optimizing state.

                                              */ - SubnetIds?: string[]; + OptimizingTime?: Date; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The time at which fast snapshot restores entered the enabled state.

                                              */ - DryRun?: boolean; -} + EnabledTime?: Date; -export namespace DisassociateTransitGatewayMulticastDomainRequest { /** - * @internal + *

                                              The time at which fast snapshot restores entered the disabling state.

                                              */ - export const filterSensitiveLog = (obj: DisassociateTransitGatewayMulticastDomainRequest): any => ({ - ...obj, - }); -} + DisablingTime?: Date; -export interface DisassociateTransitGatewayMulticastDomainResult { /** - *

                                              Information about the association.

                                              + *

                                              The time at which fast snapshot restores entered the disabled state.

                                              */ - Associations?: TransitGatewayMulticastDomainAssociations; + DisabledTime?: Date; } -export namespace DisassociateTransitGatewayMulticastDomainResult { +export namespace DisableFastSnapshotRestoreSuccessItem { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateTransitGatewayMulticastDomainResult): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreSuccessItem): any => ({ ...obj, }); } -export interface DisassociateTransitGatewayRouteTableRequest { - /** - *

                                              The ID of the transit gateway route table.

                                              - */ - TransitGatewayRouteTableId: string | undefined; - +/** + *

                                              Describes an error that occurred when disabling fast snapshot restores.

                                              + */ +export interface DisableFastSnapshotRestoreStateError { /** - *

                                              The ID of the attachment.

                                              + *

                                              The error code.

                                              */ - TransitGatewayAttachmentId: string | undefined; + Code?: string; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The error message.

                                              */ - DryRun?: boolean; + Message?: string; } -export namespace DisassociateTransitGatewayRouteTableRequest { +export namespace DisableFastSnapshotRestoreStateError { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateTransitGatewayRouteTableRequest): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreStateError): any => ({ ...obj, }); } -export interface DisassociateTransitGatewayRouteTableResult { +/** + *

                                              Contains information about an error that occurred when disabling fast snapshot restores.

                                              + */ +export interface DisableFastSnapshotRestoreStateErrorItem { /** - *

                                              Information about the association.

                                              + *

                                              The Availability Zone.

                                              + */ + AvailabilityZone?: string; + + /** + *

                                              The error.

                                              */ - Association?: TransitGatewayAssociation; + Error?: DisableFastSnapshotRestoreStateError; } -export namespace DisassociateTransitGatewayRouteTableResult { +export namespace DisableFastSnapshotRestoreStateErrorItem { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateTransitGatewayRouteTableResult): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreStateErrorItem): any => ({ ...obj, }); } -export interface DisassociateTrunkInterfaceRequest { - /** - *

                                              The ID of the association

                                              - */ - AssociationId: string | undefined; - +/** + *

                                              Contains information about the errors that occurred when disabling fast snapshot restores.

                                              + */ +export interface DisableFastSnapshotRestoreErrorItem { /** - *

                                              Unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request. For more information, see How to Ensure - * Idempotency.

                                              + *

                                              The ID of the snapshot.

                                              */ - ClientToken?: string; + SnapshotId?: string; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The errors.

                                              */ - DryRun?: boolean; + FastSnapshotRestoreStateErrors?: DisableFastSnapshotRestoreStateErrorItem[]; } -export namespace DisassociateTrunkInterfaceRequest { +export namespace DisableFastSnapshotRestoreErrorItem { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateTrunkInterfaceRequest): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoreErrorItem): any => ({ ...obj, }); } -export interface DisassociateTrunkInterfaceResult { +export interface DisableFastSnapshotRestoresResult { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              Information about the snapshots for which fast snapshot restores were successfully disabled.

                                              */ - Return?: boolean; + Successful?: DisableFastSnapshotRestoreSuccessItem[]; /** - *

                                              Unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request. For more information, see How to Ensure - * Idempotency.

                                              + *

                                              Information about the snapshots for which fast snapshot restores could not be disabled.

                                              */ - ClientToken?: string; + Unsuccessful?: DisableFastSnapshotRestoreErrorItem[]; } -export namespace DisassociateTrunkInterfaceResult { +export namespace DisableFastSnapshotRestoresResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateTrunkInterfaceResult): any => ({ + export const filterSensitiveLog = (obj: DisableFastSnapshotRestoresResult): any => ({ ...obj, }); } -export interface DisassociateVpcCidrBlockRequest { +export interface DisableImageDeprecationRequest { /** - *

                                              The association ID for the CIDR block.

                                              + *

                                              The ID of the AMI.

                                              */ - AssociationId: string | undefined; + ImageId: string | undefined; + + /** + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              + */ + DryRun?: boolean; } -export namespace DisassociateVpcCidrBlockRequest { +export namespace DisableImageDeprecationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateVpcCidrBlockRequest): any => ({ + export const filterSensitiveLog = (obj: DisableImageDeprecationRequest): any => ({ ...obj, }); } -export interface DisassociateVpcCidrBlockResult { - /** - *

                                              Information about the IPv6 CIDR block association.

                                              - */ - Ipv6CidrBlockAssociation?: VpcIpv6CidrBlockAssociation; - - /** - *

                                              Information about the IPv4 CIDR block association.

                                              - */ - CidrBlockAssociation?: VpcCidrBlockAssociation; - +export interface DisableImageDeprecationResult { /** - *

                                              The ID of the VPC.

                                              + *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ - VpcId?: string; + Return?: boolean; } -export namespace DisassociateVpcCidrBlockResult { +export namespace DisableImageDeprecationResult { /** * @internal */ - export const filterSensitiveLog = (obj: DisassociateVpcCidrBlockResult): any => ({ + export const filterSensitiveLog = (obj: DisableImageDeprecationResult): any => ({ ...obj, }); } -export interface EnableEbsEncryptionByDefaultRequest { +export interface DisableSerialConsoleAccessRequest { /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace EnableEbsEncryptionByDefaultRequest { +export namespace DisableSerialConsoleAccessRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableEbsEncryptionByDefaultRequest): any => ({ + export const filterSensitiveLog = (obj: DisableSerialConsoleAccessRequest): any => ({ ...obj, }); } -export interface EnableEbsEncryptionByDefaultResult { +export interface DisableSerialConsoleAccessResult { /** - *

                                              The updated status of encryption by default.

                                              + *

                                              If true, access to the EC2 serial console of all instances is enabled for + * your account. If false, access to the EC2 serial console of all instances + * is disabled for your account.

                                              */ - EbsEncryptionByDefault?: boolean; + SerialConsoleAccessEnabled?: boolean; } -export namespace EnableEbsEncryptionByDefaultResult { +export namespace DisableSerialConsoleAccessResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableEbsEncryptionByDefaultResult): any => ({ + export const filterSensitiveLog = (obj: DisableSerialConsoleAccessResult): any => ({ ...obj, }); } -export interface EnableFastSnapshotRestoresRequest { +export interface DisableTransitGatewayRouteTablePropagationRequest { /** - *

                                              One or more Availability Zones. For example, us-east-2a.

                                              + *

                                              The ID of the propagation route table.

                                              */ - AvailabilityZones: string[] | undefined; + TransitGatewayRouteTableId: string | undefined; /** - *

                                              The IDs of one or more snapshots. For example, snap-1234567890abcdef0. You can specify - * a snapshot that was shared with you from another Amazon Web Services account.

                                              + *

                                              The ID of the attachment.

                                              */ - SourceSnapshotIds: string[] | undefined; + TransitGatewayAttachmentId: string | undefined; /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, @@ -2713,589 +2686,563 @@ export interface EnableFastSnapshotRestoresRequest { DryRun?: boolean; } -export namespace EnableFastSnapshotRestoresRequest { +export namespace DisableTransitGatewayRouteTablePropagationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoresRequest): any => ({ + export const filterSensitiveLog = (obj: DisableTransitGatewayRouteTablePropagationRequest): any => ({ ...obj, }); } +export type TransitGatewayPropagationState = "disabled" | "disabling" | "enabled" | "enabling"; + /** - *

                                              Describes fast snapshot restores that were successfully enabled.

                                              + *

                                              Describes route propagation.

                                              */ -export interface EnableFastSnapshotRestoreSuccessItem { +export interface TransitGatewayPropagation { /** - *

                                              The ID of the snapshot.

                                              + *

                                              The ID of the attachment.

                                              */ - SnapshotId?: string; + TransitGatewayAttachmentId?: string; /** - *

                                              The Availability Zone.

                                              + *

                                              The ID of the resource.

                                              */ - AvailabilityZone?: string; + ResourceId?: string; /** - *

                                              The state of fast snapshot restores.

                                              + *

                                              The resource type. Note that the tgw-peering resource type has been deprecated.

                                              */ - State?: FastSnapshotRestoreStateCode | string; + ResourceType?: TransitGatewayAttachmentResourceType | string; /** - *

                                              The reason for the state transition. The possible values are as follows:

                                              - *
                                                - *
                                              • - *

                                                - * Client.UserInitiated - The state successfully transitioned to enabling or - * disabling.

                                                - *
                                                • - *
                                              • - *

                                                - * Client.UserInitiated - Lifecycle state transition - The state successfully transitioned - * to optimizing, enabled, or disabled.

                                                - *
                                                • - *
                                              + *

                                              The ID of the transit gateway route table.

                                              */ - StateTransitionReason?: string; + TransitGatewayRouteTableId?: string; /** - *

                                              The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.

                                              + *

                                              The state.

                                              */ - OwnerId?: string; + State?: TransitGatewayPropagationState | string; +} +export namespace TransitGatewayPropagation { /** - *

                                              The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.

                                              + * @internal */ - OwnerAlias?: string; + export const filterSensitiveLog = (obj: TransitGatewayPropagation): any => ({ + ...obj, + }); +} +export interface DisableTransitGatewayRouteTablePropagationResult { /** - *

                                              The time at which fast snapshot restores entered the enabling state.

                                              + *

                                              Information about route propagation.

                                              */ - EnablingTime?: Date; + Propagation?: TransitGatewayPropagation; +} +export namespace DisableTransitGatewayRouteTablePropagationResult { /** - *

                                              The time at which fast snapshot restores entered the optimizing state.

                                              + * @internal */ - OptimizingTime?: Date; + export const filterSensitiveLog = (obj: DisableTransitGatewayRouteTablePropagationResult): any => ({ + ...obj, + }); +} +/** + *

                                              Contains the parameters for DisableVgwRoutePropagation.

                                              + */ +export interface DisableVgwRoutePropagationRequest { /** - *

                                              The time at which fast snapshot restores entered the enabled state.

                                              + *

                                              The ID of the virtual private gateway.

                                              */ - EnabledTime?: Date; + GatewayId: string | undefined; /** - *

                                              The time at which fast snapshot restores entered the disabling state.

                                              + *

                                              The ID of the route table.

                                              */ - DisablingTime?: Date; + RouteTableId: string | undefined; /** - *

                                              The time at which fast snapshot restores entered the disabled state.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                              */ - DisabledTime?: Date; + DryRun?: boolean; } -export namespace EnableFastSnapshotRestoreSuccessItem { +export namespace DisableVgwRoutePropagationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreSuccessItem): any => ({ + export const filterSensitiveLog = (obj: DisableVgwRoutePropagationRequest): any => ({ ...obj, }); } -/** - *

                                              Describes an error that occurred when enabling fast snapshot restores.

                                              - */ -export interface EnableFastSnapshotRestoreStateError { +export interface DisableVpcClassicLinkRequest { /** - *

                                              The error code.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - Code?: string; + DryRun?: boolean; /** - *

                                              The error message.

                                              + *

                                              The ID of the VPC.

                                              */ - Message?: string; + VpcId: string | undefined; } -export namespace EnableFastSnapshotRestoreStateError { +export namespace DisableVpcClassicLinkRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreStateError): any => ({ + export const filterSensitiveLog = (obj: DisableVpcClassicLinkRequest): any => ({ ...obj, }); } -/** - *

                                              Contains information about an error that occurred when enabling fast snapshot restores.

                                              - */ -export interface EnableFastSnapshotRestoreStateErrorItem { - /** - *

                                              The Availability Zone.

                                              - */ - AvailabilityZone?: string; - +export interface DisableVpcClassicLinkResult { /** - *

                                              The error.

                                              + *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ - Error?: EnableFastSnapshotRestoreStateError; + Return?: boolean; } -export namespace EnableFastSnapshotRestoreStateErrorItem { +export namespace DisableVpcClassicLinkResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreStateErrorItem): any => ({ - ...obj, - }); -} - -/** - *

                                              Contains information about the errors that occurred when enabling fast snapshot restores.

                                              - */ -export interface EnableFastSnapshotRestoreErrorItem { - /** - *

                                              The ID of the snapshot.

                                              - */ - SnapshotId?: string; + export const filterSensitiveLog = (obj: DisableVpcClassicLinkResult): any => ({ + ...obj, + }); +} +export interface DisableVpcClassicLinkDnsSupportRequest { /** - *

                                              The errors.

                                              + *

                                              The ID of the VPC.

                                              */ - FastSnapshotRestoreStateErrors?: EnableFastSnapshotRestoreStateErrorItem[]; + VpcId?: string; } -export namespace EnableFastSnapshotRestoreErrorItem { +export namespace DisableVpcClassicLinkDnsSupportRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreErrorItem): any => ({ + export const filterSensitiveLog = (obj: DisableVpcClassicLinkDnsSupportRequest): any => ({ ...obj, }); } -export interface EnableFastSnapshotRestoresResult { - /** - *

                                              Information about the snapshots for which fast snapshot restores were successfully enabled.

                                              - */ - Successful?: EnableFastSnapshotRestoreSuccessItem[]; - +export interface DisableVpcClassicLinkDnsSupportResult { /** - *

                                              Information about the snapshots for which fast snapshot restores could not be enabled.

                                              + *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ - Unsuccessful?: EnableFastSnapshotRestoreErrorItem[]; + Return?: boolean; } -export namespace EnableFastSnapshotRestoresResult { +export namespace DisableVpcClassicLinkDnsSupportResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableFastSnapshotRestoresResult): any => ({ + export const filterSensitiveLog = (obj: DisableVpcClassicLinkDnsSupportResult): any => ({ ...obj, }); } -export interface EnableImageDeprecationRequest { +export interface DisassociateAddressRequest { /** - *

                                              The ID of the AMI.

                                              + *

                                              [EC2-VPC] The association ID. Required for EC2-VPC.

                                              */ - ImageId: string | undefined; + AssociationId?: string; /** - *

                                              The date and time to deprecate the AMI, in UTC, in the following format: - * YYYY-MM-DDTHH:MM:SSZ. - * If you specify a value for seconds, Amazon EC2 rounds the seconds to the - * nearest minute.

                                              - *

                                              You can’t specify a date in the past. The upper limit for DeprecateAt is 10 - * years from now.

                                              + *

                                              [EC2-Classic] The Elastic IP address. Required for EC2-Classic.

                                              */ - DeprecateAt: Date | undefined; + PublicIp?: string; /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace EnableImageDeprecationRequest { +export namespace DisassociateAddressRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableImageDeprecationRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateAddressRequest): any => ({ ...obj, }); } -export interface EnableImageDeprecationResult { +export interface DisassociateClientVpnTargetNetworkRequest { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              The ID of the Client VPN endpoint from which to disassociate the target network.

                                              */ - Return?: boolean; -} + ClientVpnEndpointId: string | undefined; -export namespace EnableImageDeprecationResult { /** - * @internal + *

                                              The ID of the target network association.

                                              */ - export const filterSensitiveLog = (obj: EnableImageDeprecationResult): any => ({ - ...obj, - }); -} + AssociationId: string | undefined; -export interface EnableSerialConsoleAccessRequest { /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace EnableSerialConsoleAccessRequest { +export namespace DisassociateClientVpnTargetNetworkRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableSerialConsoleAccessRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateClientVpnTargetNetworkRequest): any => ({ ...obj, }); } -export interface EnableSerialConsoleAccessResult { +export interface DisassociateClientVpnTargetNetworkResult { /** - *

                                              If true, access to the EC2 serial console of all instances is enabled for - * your account. If false, access to the EC2 serial console of all instances - * is disabled for your account.

                                              + *

                                              The ID of the target network association.

                                              */ - SerialConsoleAccessEnabled?: boolean; + AssociationId?: string; + + /** + *

                                              The current state of the target network association.

                                              + */ + Status?: AssociationStatus; } -export namespace EnableSerialConsoleAccessResult { +export namespace DisassociateClientVpnTargetNetworkResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableSerialConsoleAccessResult): any => ({ + export const filterSensitiveLog = (obj: DisassociateClientVpnTargetNetworkResult): any => ({ ...obj, }); } -export interface EnableTransitGatewayRouteTablePropagationRequest { +export interface DisassociateEnclaveCertificateIamRoleRequest { /** - *

                                              The ID of the propagation route table.

                                              + *

                                              The ARN of the ACM certificate from which to disassociate the IAM role.

                                              */ - TransitGatewayRouteTableId: string | undefined; + CertificateArn?: string; /** - *

                                              The ID of the attachment.

                                              + *

                                              The ARN of the IAM role to disassociate.

                                              */ - TransitGatewayAttachmentId: string | undefined; + RoleArn?: string; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace EnableTransitGatewayRouteTablePropagationRequest { +export namespace DisassociateEnclaveCertificateIamRoleRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableTransitGatewayRouteTablePropagationRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateEnclaveCertificateIamRoleRequest): any => ({ ...obj, }); } -export interface EnableTransitGatewayRouteTablePropagationResult { +export interface DisassociateEnclaveCertificateIamRoleResult { /** - *

                                              Information about route propagation.

                                              + *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ - Propagation?: TransitGatewayPropagation; + Return?: boolean; } -export namespace EnableTransitGatewayRouteTablePropagationResult { +export namespace DisassociateEnclaveCertificateIamRoleResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableTransitGatewayRouteTablePropagationResult): any => ({ + export const filterSensitiveLog = (obj: DisassociateEnclaveCertificateIamRoleResult): any => ({ ...obj, }); } -/** - *

                                              Contains the parameters for EnableVgwRoutePropagation.

                                              - */ -export interface EnableVgwRoutePropagationRequest { - /** - *

                                              The ID of the virtual private gateway that is attached to a VPC. The virtual private - * gateway must be attached to the same VPC that the routing tables are associated with. - *

                                              - */ - GatewayId: string | undefined; - - /** - *

                                              The ID of the route table. The routing table must be associated with the same VPC that - * the virtual private gateway is attached to.

                                              - */ - RouteTableId: string | undefined; - +export interface DisassociateIamInstanceProfileRequest { /** - *

                                              Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                              + *

                                              The ID of the IAM instance profile association.

                                              */ - DryRun?: boolean; + AssociationId: string | undefined; } -export namespace EnableVgwRoutePropagationRequest { +export namespace DisassociateIamInstanceProfileRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableVgwRoutePropagationRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateIamInstanceProfileRequest): any => ({ ...obj, }); } -export interface EnableVolumeIORequest { - /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              - */ - DryRun?: boolean; - +export interface DisassociateIamInstanceProfileResult { /** - *

                                              The ID of the volume.

                                              + *

                                              Information about the IAM instance profile association.

                                              */ - VolumeId: string | undefined; + IamInstanceProfileAssociation?: IamInstanceProfileAssociation; } -export namespace EnableVolumeIORequest { +export namespace DisassociateIamInstanceProfileResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableVolumeIORequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateIamInstanceProfileResult): any => ({ ...obj, }); } -export interface EnableVpcClassicLinkRequest { +/** + *

                                              The targets to disassociate from the specified event window.

                                              + */ +export interface InstanceEventWindowDisassociationRequest { /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The IDs of the instances to disassociate from the event window.

                                              */ - DryRun?: boolean; + InstanceIds?: string[]; /** - *

                                              The ID of the VPC.

                                              + *

                                              The instance tags to disassociate from the event window. Any instances associated with + * the tags will be disassociated from the event window.

                                              */ - VpcId: string | undefined; + InstanceTags?: Tag[]; + + /** + *

                                              The IDs of the Dedicated Hosts to disassociate from the event window.

                                              + */ + DedicatedHostIds?: string[]; } -export namespace EnableVpcClassicLinkRequest { +export namespace InstanceEventWindowDisassociationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableVpcClassicLinkRequest): any => ({ + export const filterSensitiveLog = (obj: InstanceEventWindowDisassociationRequest): any => ({ ...obj, }); } -export interface EnableVpcClassicLinkResult { +export interface DisassociateInstanceEventWindowRequest { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - Return?: boolean; -} + DryRun?: boolean; -export namespace EnableVpcClassicLinkResult { /** - * @internal + *

                                              The ID of the event window.

                                              */ - export const filterSensitiveLog = (obj: EnableVpcClassicLinkResult): any => ({ - ...obj, - }); -} + InstanceEventWindowId: string | undefined; -export interface EnableVpcClassicLinkDnsSupportRequest { /** - *

                                              The ID of the VPC.

                                              + *

                                              One or more targets to disassociate from the specified event window.

                                              */ - VpcId?: string; + AssociationTarget: InstanceEventWindowDisassociationRequest | undefined; } -export namespace EnableVpcClassicLinkDnsSupportRequest { +export namespace DisassociateInstanceEventWindowRequest { /** * @internal */ - export const filterSensitiveLog = (obj: EnableVpcClassicLinkDnsSupportRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateInstanceEventWindowRequest): any => ({ ...obj, }); } -export interface EnableVpcClassicLinkDnsSupportResult { +export interface DisassociateInstanceEventWindowResult { /** - *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              + *

                                              Information about the event window.

                                              */ - Return?: boolean; + InstanceEventWindow?: InstanceEventWindow; } -export namespace EnableVpcClassicLinkDnsSupportResult { +export namespace DisassociateInstanceEventWindowResult { /** * @internal */ - export const filterSensitiveLog = (obj: EnableVpcClassicLinkDnsSupportResult): any => ({ + export const filterSensitiveLog = (obj: DisassociateInstanceEventWindowResult): any => ({ ...obj, }); } -export interface ExportClientVpnClientCertificateRevocationListRequest { +export interface DisassociateRouteTableRequest { /** - *

                                              The ID of the Client VPN endpoint.

                                              + *

                                              The association ID representing the current association between the route table and subnet or gateway.

                                              */ - ClientVpnEndpointId: string | undefined; + AssociationId: string | undefined; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace ExportClientVpnClientCertificateRevocationListRequest { +export namespace DisassociateRouteTableRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ExportClientVpnClientCertificateRevocationListRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateRouteTableRequest): any => ({ ...obj, }); } -export type ClientCertificateRevocationListStatusCode = "active" | "pending"; - -/** - *

                                              Describes the state of a client certificate revocation list.

                                              - */ -export interface ClientCertificateRevocationListStatus { - /** - *

                                              The state of the client certificate revocation list.

                                              - */ - Code?: ClientCertificateRevocationListStatusCode | string; - +export interface DisassociateSubnetCidrBlockRequest { /** - *

                                              A message about the status of the client certificate revocation list, if applicable.

                                              + *

                                              The association ID for the CIDR block.

                                              */ - Message?: string; + AssociationId: string | undefined; } -export namespace ClientCertificateRevocationListStatus { +export namespace DisassociateSubnetCidrBlockRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ClientCertificateRevocationListStatus): any => ({ + export const filterSensitiveLog = (obj: DisassociateSubnetCidrBlockRequest): any => ({ ...obj, }); } -export interface ExportClientVpnClientCertificateRevocationListResult { +export interface DisassociateSubnetCidrBlockResult { /** - *

                                              Information about the client certificate revocation list.

                                              + *

                                              Information about the IPv6 CIDR block association.

                                              */ - CertificateRevocationList?: string; + Ipv6CidrBlockAssociation?: SubnetIpv6CidrBlockAssociation; /** - *

                                              The current state of the client certificate revocation list.

                                              + *

                                              The ID of the subnet.

                                              */ - Status?: ClientCertificateRevocationListStatus; + SubnetId?: string; } -export namespace ExportClientVpnClientCertificateRevocationListResult { +export namespace DisassociateSubnetCidrBlockResult { /** * @internal */ - export const filterSensitiveLog = (obj: ExportClientVpnClientCertificateRevocationListResult): any => ({ + export const filterSensitiveLog = (obj: DisassociateSubnetCidrBlockResult): any => ({ ...obj, }); } -export interface ExportClientVpnClientConfigurationRequest { +export interface DisassociateTransitGatewayMulticastDomainRequest { /** - *

                                              The ID of the Client VPN endpoint.

                                              + *

                                              The ID of the transit gateway multicast domain.

                                              */ - ClientVpnEndpointId: string | undefined; + TransitGatewayMulticastDomainId?: string; /** - *

                                              Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                              + *

                                              The ID of the attachment.

                                              + */ + TransitGatewayAttachmentId?: string; + + /** + *

                                              The IDs of the subnets;

                                              + */ + SubnetIds?: string[]; + + /** + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; } -export namespace ExportClientVpnClientConfigurationRequest { +export namespace DisassociateTransitGatewayMulticastDomainRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ExportClientVpnClientConfigurationRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateTransitGatewayMulticastDomainRequest): any => ({ ...obj, }); } -export interface ExportClientVpnClientConfigurationResult { +export interface DisassociateTransitGatewayMulticastDomainResult { /** - *

                                              The contents of the Client VPN endpoint configuration file.

                                              + *

                                              Information about the association.

                                              */ - ClientConfiguration?: string; + Associations?: TransitGatewayMulticastDomainAssociations; } -export namespace ExportClientVpnClientConfigurationResult { +export namespace DisassociateTransitGatewayMulticastDomainResult { /** * @internal */ - export const filterSensitiveLog = (obj: ExportClientVpnClientConfigurationResult): any => ({ + export const filterSensitiveLog = (obj: DisassociateTransitGatewayMulticastDomainResult): any => ({ ...obj, }); } -/** - *

                                              Describes the destination for an export image task.

                                              - */ -export interface ExportTaskS3LocationRequest { +export interface DisassociateTransitGatewayRouteTableRequest { /** - *

                                              The destination Amazon S3 bucket.

                                              + *

                                              The ID of the transit gateway route table.

                                              */ - S3Bucket: string | undefined; + TransitGatewayRouteTableId: string | undefined; /** - *

                                              The prefix (logical hierarchy) in the bucket.

                                              + *

                                              The ID of the attachment.

                                              */ - S3Prefix?: string; + TransitGatewayAttachmentId: string | undefined; + + /** + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              + */ + DryRun?: boolean; } -export namespace ExportTaskS3LocationRequest { +export namespace DisassociateTransitGatewayRouteTableRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ExportTaskS3LocationRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateTransitGatewayRouteTableRequest): any => ({ ...obj, }); } -export interface ExportImageRequest { +export interface DisassociateTransitGatewayRouteTableResult { /** - *

                                              Token to enable idempotency for export image requests.

                                              + *

                                              Information about the association.

                                              */ - ClientToken?: string; + Association?: TransitGatewayAssociation; +} +export namespace DisassociateTransitGatewayRouteTableResult { /** - *

                                              A description of the image being exported. The maximum length is 255 characters.

                                              + * @internal */ - Description?: string; + export const filterSensitiveLog = (obj: DisassociateTransitGatewayRouteTableResult): any => ({ + ...obj, + }); +} +export interface DisassociateTrunkInterfaceRequest { /** - *

                                              The disk image format.

                                              + *

                                              The ID of the association

                                              */ - DiskImageFormat: DiskImageFormat | string | undefined; + AssociationId: string | undefined; + + /** + *

                                              Unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. For more information, see How to Ensure + * Idempotency.

                                              + */ + ClientToken?: string; /** *

                                              Checks whether you have the required permissions for the action, without actually making the request, @@ -3303,657 +3250,720 @@ export interface ExportImageRequest { * Otherwise, it is UnauthorizedOperation.

                                              */ DryRun?: boolean; +} +export namespace DisassociateTrunkInterfaceRequest { /** - *

                                              The ID of the image.

                                              + * @internal */ - ImageId: string | undefined; + export const filterSensitiveLog = (obj: DisassociateTrunkInterfaceRequest): any => ({ + ...obj, + }); +} +export interface DisassociateTrunkInterfaceResult { /** - *

                                              Information about the destination Amazon S3 bucket. The bucket must exist and grant WRITE - * and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

                                              + *

                                              Returns true if the request succeeds; otherwise, it returns an error.

                                              */ - S3ExportLocation: ExportTaskS3LocationRequest | undefined; + Return?: boolean; /** - *

                                              The name of the role that grants VM Import/Export permission to export images to your Amazon - * S3 bucket. If this parameter is not specified, the default role is named 'vmimport'.

                                              + *

                                              Unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. For more information, see How to Ensure + * Idempotency.

                                              */ - RoleName?: string; + ClientToken?: string; +} +export namespace DisassociateTrunkInterfaceResult { /** - *

                                              The tags to apply to the export image task during creation.

                                              + * @internal */ - TagSpecifications?: TagSpecification[]; + export const filterSensitiveLog = (obj: DisassociateTrunkInterfaceResult): any => ({ + ...obj, + }); } -export namespace ExportImageRequest { +export interface DisassociateVpcCidrBlockRequest { + /** + *

                                              The association ID for the CIDR block.

                                              + */ + AssociationId: string | undefined; +} + +export namespace DisassociateVpcCidrBlockRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ExportImageRequest): any => ({ + export const filterSensitiveLog = (obj: DisassociateVpcCidrBlockRequest): any => ({ ...obj, }); } -export interface ExportImageResult { +export interface DisassociateVpcCidrBlockResult { /** - *

                                              A description of the image being exported.

                                              + *

                                              Information about the IPv6 CIDR block association.

                                              */ - Description?: string; + Ipv6CidrBlockAssociation?: VpcIpv6CidrBlockAssociation; /** - *

                                              The disk image format for the exported image.

                                              + *

                                              Information about the IPv4 CIDR block association.

                                              */ - DiskImageFormat?: DiskImageFormat | string; + CidrBlockAssociation?: VpcCidrBlockAssociation; /** - *

                                              The ID of the export image task.

                                              + *

                                              The ID of the VPC.

                                              */ - ExportImageTaskId?: string; + VpcId?: string; +} +export namespace DisassociateVpcCidrBlockResult { /** - *

                                              The ID of the image.

                                              + * @internal */ - ImageId?: string; + export const filterSensitiveLog = (obj: DisassociateVpcCidrBlockResult): any => ({ + ...obj, + }); +} +export interface EnableEbsEncryptionByDefaultRequest { /** - *

                                              The name of the role that grants VM Import/Export permission to export images to your Amazon - * S3 bucket.

                                              + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              */ - RoleName?: string; + DryRun?: boolean; +} +export namespace EnableEbsEncryptionByDefaultRequest { /** - *

                                              The percent complete of the export image task.

                                              + * @internal */ - Progress?: string; + export const filterSensitiveLog = (obj: EnableEbsEncryptionByDefaultRequest): any => ({ + ...obj, + }); +} +export interface EnableEbsEncryptionByDefaultResult { /** - *

                                              Information about the destination Amazon S3 bucket.

                                              + *

                                              The updated status of encryption by default.

                                              */ - S3ExportLocation?: ExportTaskS3Location; + EbsEncryptionByDefault?: boolean; +} +export namespace EnableEbsEncryptionByDefaultResult { /** - *

                                              The status of the export image task. The possible values are active, completed, - * deleting, and deleted.

                                              + * @internal */ - Status?: string; + export const filterSensitiveLog = (obj: EnableEbsEncryptionByDefaultResult): any => ({ + ...obj, + }); +} +export interface EnableFastSnapshotRestoresRequest { /** - *

                                              The status message for the export image task.

                                              + *

                                              One or more Availability Zones. For example, us-east-2a.

                                              */ - StatusMessage?: string; + AvailabilityZones: string[] | undefined; /** - *

                                              Any tags assigned to the export image task.

                                              + *

                                              The IDs of one or more snapshots. For example, snap-1234567890abcdef0. You can specify + * a snapshot that was shared with you from another Amazon Web Services account.

                                              */ - Tags?: Tag[]; + SourceSnapshotIds: string[] | undefined; + + /** + *

                                              Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                              + */ + DryRun?: boolean; } -export namespace ExportImageResult { +export namespace EnableFastSnapshotRestoresRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ExportImageResult): any => ({ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoresRequest): any => ({ ...obj, }); } -export interface ExportTransitGatewayRoutesRequest { +/** + *

                                              Describes fast snapshot restores that were successfully enabled.

                                              + */ +export interface EnableFastSnapshotRestoreSuccessItem { /** - *

                                              The ID of the route table.

                                              + *

                                              The ID of the snapshot.

                                              */ - TransitGatewayRouteTableId: string | undefined; + SnapshotId?: string; /** - *

                                              One or more filters. The possible values are:

                                              - *
                                                - *
                                              • - *

                                                - * attachment.transit-gateway-attachment-id - The id of the transit gateway attachment.

                                                - *
                                                • - *
                                              • - *

                                                - * attachment.resource-id - The resource id of the transit gateway attachment.

                                                - *
                                                • - *
                                              • - *

                                                - * route-search.exact-match - The exact match of the specified filter.

                                                - *
                                                • - *
                                              • - *

                                                - * route-search.longest-prefix-match - The longest prefix that matches the route.

                                                - *
                                                • - *
                                              • - *

                                                - * route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.

                                                - *
                                                • - *
                                              • - *

                                                - * route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.

                                                - *
                                                • - *
                                              • - *

                                                - * state - The state of the route (active | blackhole).

                                                - *
                                                • + *

                                                The Availability Zone.

                                                + */ + AvailabilityZone?: string; + + /** + *

                                                The state of fast snapshot restores.

                                                + */ + State?: FastSnapshotRestoreStateCode | string; + + /** + *

                                                The reason for the state transition. The possible values are as follows:

                                                + *
                                                  *
                                                • *

                                                  - * transit-gateway-route-destination-cidr-block - The CIDR range.

                                                  + * Client.UserInitiated - The state successfully transitioned to enabling or + * disabling.

                                                  *
                                                  • *
                                                • *

                                                  - * type - The type of route (propagated | - * static).

                                                  + * Client.UserInitiated - Lifecycle state transition - The state successfully transitioned + * to optimizing, enabled, or disabled.

                                                  *
                                                  • *
                                                */ - Filters?: Filter[]; + StateTransitionReason?: string; /** - *

                                                The name of the S3 bucket.

                                                + *

                                                The ID of the Amazon Web Services account that enabled fast snapshot restores on the snapshot.

                                                */ - S3Bucket: string | undefined; + OwnerId?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The Amazon Web Services owner alias that enabled fast snapshot restores on the snapshot. This is intended for future use.

                                                */ - DryRun?: boolean; -} + OwnerAlias?: string; -export namespace ExportTransitGatewayRoutesRequest { /** - * @internal + *

                                                The time at which fast snapshot restores entered the enabling state.

                                                */ - export const filterSensitiveLog = (obj: ExportTransitGatewayRoutesRequest): any => ({ - ...obj, - }); -} + EnablingTime?: Date; -export interface ExportTransitGatewayRoutesResult { /** - *

                                                The URL of the exported file in Amazon S3. For example, - * s3://bucket_name/VPCTransitGateway/TransitGatewayRouteTables/file_name.

                                                + *

                                                The time at which fast snapshot restores entered the optimizing state.

                                                */ - S3Location?: string; + OptimizingTime?: Date; + + /** + *

                                                The time at which fast snapshot restores entered the enabled state.

                                                + */ + EnabledTime?: Date; + + /** + *

                                                The time at which fast snapshot restores entered the disabling state.

                                                + */ + DisablingTime?: Date; + + /** + *

                                                The time at which fast snapshot restores entered the disabled state.

                                                + */ + DisabledTime?: Date; } -export namespace ExportTransitGatewayRoutesResult { +export namespace EnableFastSnapshotRestoreSuccessItem { /** * @internal */ - export const filterSensitiveLog = (obj: ExportTransitGatewayRoutesResult): any => ({ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreSuccessItem): any => ({ ...obj, }); } -export interface GetAssociatedEnclaveCertificateIamRolesRequest { +/** + *

                                                Describes an error that occurred when enabling fast snapshot restores.

                                                + */ +export interface EnableFastSnapshotRestoreStateError { /** - *

                                                The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon - * S3 object information.

                                                + *

                                                The error code.

                                                */ - CertificateArn?: string; + Code?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The error message.

                                                */ - DryRun?: boolean; + Message?: string; } -export namespace GetAssociatedEnclaveCertificateIamRolesRequest { +export namespace EnableFastSnapshotRestoreStateError { /** * @internal */ - export const filterSensitiveLog = (obj: GetAssociatedEnclaveCertificateIamRolesRequest): any => ({ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreStateError): any => ({ ...obj, }); } /** - *

                                                Information about the associated IAM roles.

                                                + *

                                                Contains information about an error that occurred when enabling fast snapshot restores.

                                                */ -export interface AssociatedRole { +export interface EnableFastSnapshotRestoreStateErrorItem { /** - *

                                                The ARN of the associated IAM role.

                                                + *

                                                The Availability Zone.

                                                */ - AssociatedRoleArn?: string; + AvailabilityZone?: string; /** - *

                                                The name of the Amazon S3 bucket in which the Amazon S3 object is stored.

                                                + *

                                                The error.

                                                */ - CertificateS3BucketName?: string; + Error?: EnableFastSnapshotRestoreStateError; +} + +export namespace EnableFastSnapshotRestoreStateErrorItem { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreStateErrorItem): any => ({ + ...obj, + }); +} +/** + *

                                                Contains information about the errors that occurred when enabling fast snapshot restores.

                                                + */ +export interface EnableFastSnapshotRestoreErrorItem { /** - *

                                                The key of the Amazon S3 object ey where the certificate, certificate chain, and encrypted private key bundle - * is stored. The object key is formated as follows: role_arn/certificate_arn. - *

                                                + *

                                                The ID of the snapshot.

                                                */ - CertificateS3ObjectKey?: string; + SnapshotId?: string; /** - *

                                                The ID of the KMS customer master key (CMK) used to encrypt the private key.

                                                + *

                                                The errors.

                                                */ - EncryptionKmsKeyId?: string; + FastSnapshotRestoreStateErrors?: EnableFastSnapshotRestoreStateErrorItem[]; } -export namespace AssociatedRole { +export namespace EnableFastSnapshotRestoreErrorItem { /** * @internal */ - export const filterSensitiveLog = (obj: AssociatedRole): any => ({ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoreErrorItem): any => ({ ...obj, }); } -export interface GetAssociatedEnclaveCertificateIamRolesResult { +export interface EnableFastSnapshotRestoresResult { /** - *

                                                Information about the associated IAM roles.

                                                + *

                                                Information about the snapshots for which fast snapshot restores were successfully enabled.

                                                */ - AssociatedRoles?: AssociatedRole[]; + Successful?: EnableFastSnapshotRestoreSuccessItem[]; + + /** + *

                                                Information about the snapshots for which fast snapshot restores could not be enabled.

                                                + */ + Unsuccessful?: EnableFastSnapshotRestoreErrorItem[]; } -export namespace GetAssociatedEnclaveCertificateIamRolesResult { +export namespace EnableFastSnapshotRestoresResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetAssociatedEnclaveCertificateIamRolesResult): any => ({ + export const filterSensitiveLog = (obj: EnableFastSnapshotRestoresResult): any => ({ ...obj, }); } -export interface GetAssociatedIpv6PoolCidrsRequest { +export interface EnableImageDeprecationRequest { /** - *

                                                The ID of the IPv6 address pool.

                                                + *

                                                The ID of the AMI.

                                                */ - PoolId: string | undefined; + ImageId: string | undefined; /** - *

                                                The token for the next page of results.

                                                + *

                                                The date and time to deprecate the AMI, in UTC, in the following format: + * YYYY-MM-DDTHH:MM:SSZ. + * If you specify a value for seconds, Amazon EC2 rounds the seconds to the + * nearest minute.

                                                + *

                                                You can’t specify a date in the past. The upper limit for DeprecateAt is 10 + * years from now.

                                                */ - NextToken?: string; + DeprecateAt: Date | undefined; /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - MaxResults?: number; + DryRun?: boolean; +} +export namespace EnableImageDeprecationRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + * @internal */ - DryRun?: boolean; + export const filterSensitiveLog = (obj: EnableImageDeprecationRequest): any => ({ + ...obj, + }); } -export namespace GetAssociatedIpv6PoolCidrsRequest { +export interface EnableImageDeprecationResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + Return?: boolean; +} + +export namespace EnableImageDeprecationResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetAssociatedIpv6PoolCidrsRequest): any => ({ + export const filterSensitiveLog = (obj: EnableImageDeprecationResult): any => ({ ...obj, }); } -/** - *

                                                Describes an IPv6 CIDR block association.

                                                - */ -export interface Ipv6CidrAssociation { +export interface EnableSerialConsoleAccessRequest { /** - *

                                                The IPv6 CIDR block.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - Ipv6Cidr?: string; + DryRun?: boolean; +} +export namespace EnableSerialConsoleAccessRequest { /** - *

                                                The resource that's associated with the IPv6 CIDR block.

                                                + * @internal */ - AssociatedResource?: string; + export const filterSensitiveLog = (obj: EnableSerialConsoleAccessRequest): any => ({ + ...obj, + }); } -export namespace Ipv6CidrAssociation { +export interface EnableSerialConsoleAccessResult { + /** + *

                                                If true, access to the EC2 serial console of all instances is enabled for + * your account. If false, access to the EC2 serial console of all instances + * is disabled for your account.

                                                + */ + SerialConsoleAccessEnabled?: boolean; +} + +export namespace EnableSerialConsoleAccessResult { /** * @internal */ - export const filterSensitiveLog = (obj: Ipv6CidrAssociation): any => ({ + export const filterSensitiveLog = (obj: EnableSerialConsoleAccessResult): any => ({ ...obj, }); } -export interface GetAssociatedIpv6PoolCidrsResult { +export interface EnableTransitGatewayRouteTablePropagationRequest { /** - *

                                                Information about the IPv6 CIDR block associations.

                                                + *

                                                The ID of the propagation route table.

                                                */ - Ipv6CidrAssociations?: Ipv6CidrAssociation[]; + TransitGatewayRouteTableId: string | undefined; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The ID of the attachment.

                                                */ - NextToken?: string; + TransitGatewayAttachmentId: string | undefined; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; } -export namespace GetAssociatedIpv6PoolCidrsResult { +export namespace EnableTransitGatewayRouteTablePropagationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetAssociatedIpv6PoolCidrsResult): any => ({ + export const filterSensitiveLog = (obj: EnableTransitGatewayRouteTablePropagationRequest): any => ({ ...obj, }); } -export interface GetCapacityReservationUsageRequest { +export interface EnableTransitGatewayRouteTablePropagationResult { /** - *

                                                The ID of the Capacity Reservation.

                                                + *

                                                Information about route propagation.

                                                */ - CapacityReservationId: string | undefined; + Propagation?: TransitGatewayPropagation; +} +export namespace EnableTransitGatewayRouteTablePropagationResult { /** - *

                                                The token to use to retrieve the next page of results.

                                                + * @internal */ - NextToken?: string; + export const filterSensitiveLog = (obj: EnableTransitGatewayRouteTablePropagationResult): any => ({ + ...obj, + }); +} + +/** + *

                                                Contains the parameters for EnableVgwRoutePropagation.

                                                + */ +export interface EnableVgwRoutePropagationRequest { + /** + *

                                                The ID of the virtual private gateway that is attached to a VPC. The virtual private + * gateway must be attached to the same VPC that the routing tables are associated with. + *

                                                + */ + GatewayId: string | undefined; /** - *

                                                The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

                                                - *

                                                Valid range: Minimum value of 1. Maximum value of 1000.

                                                + *

                                                The ID of the route table. The routing table must be associated with the same VPC that + * the virtual private gateway is attached to.

                                                */ - MaxResults?: number; + RouteTableId: string | undefined; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                                */ DryRun?: boolean; } -export namespace GetCapacityReservationUsageRequest { +export namespace EnableVgwRoutePropagationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetCapacityReservationUsageRequest): any => ({ + export const filterSensitiveLog = (obj: EnableVgwRoutePropagationRequest): any => ({ ...obj, }); } -/** - *

                                                Information about the Capacity Reservation usage.

                                                - */ -export interface InstanceUsage { +export interface EnableVolumeIORequest { /** - *

                                                The ID of the Amazon Web Services account that is making use of the Capacity Reservation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - AccountId?: string; + DryRun?: boolean; /** - *

                                                The number of instances the Amazon Web Services account currently has in the Capacity Reservation.

                                                + *

                                                The ID of the volume.

                                                */ - UsedInstanceCount?: number; + VolumeId: string | undefined; } -export namespace InstanceUsage { +export namespace EnableVolumeIORequest { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceUsage): any => ({ + export const filterSensitiveLog = (obj: EnableVolumeIORequest): any => ({ ...obj, }); } -export interface GetCapacityReservationUsageResult { - /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                - */ - NextToken?: string; - +export interface EnableVpcClassicLinkRequest { /** - *

                                                The ID of the Capacity Reservation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - CapacityReservationId?: string; + DryRun?: boolean; /** - *

                                                The type of instance for which the Capacity Reservation reserves capacity.

                                                + *

                                                The ID of the VPC.

                                                */ - InstanceType?: string; + VpcId: string | undefined; +} +export namespace EnableVpcClassicLinkRequest { /** - *

                                                The number of instances for which the Capacity Reservation reserves capacity.

                                                + * @internal */ - TotalInstanceCount?: number; + export const filterSensitiveLog = (obj: EnableVpcClassicLinkRequest): any => ({ + ...obj, + }); +} +export interface EnableVpcClassicLinkResult { /** - *

                                                The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.

                                                + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                */ - AvailableInstanceCount?: number; + Return?: boolean; +} +export namespace EnableVpcClassicLinkResult { /** - *

                                                The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:

                                                - *
                                                  - *
                                                • - *

                                                  - * active - The Capacity Reservation is active and the capacity is available for your use.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * expired - The Capacity Reservation expired automatically at the date and time specified - * in your request. The reserved capacity is no longer available for your use.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * cancelled - The Capacity Reservation was cancelled. The reserved capacity is no - * longer available for your use.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * pending - The Capacity Reservation request was successful but the capacity - * provisioning is still pending.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * failed - The Capacity Reservation request has failed. A request might fail - * due to invalid request parameters, capacity constraints, or instance limit constraints. - * Failed requests are retained for 60 minutes.

                                                  - *
                                                  • - *
                                                + * @internal */ - State?: CapacityReservationState | string; + export const filterSensitiveLog = (obj: EnableVpcClassicLinkResult): any => ({ + ...obj, + }); +} +export interface EnableVpcClassicLinkDnsSupportRequest { /** - *

                                                Information about the Capacity Reservation usage.

                                                + *

                                                The ID of the VPC.

                                                */ - InstanceUsages?: InstanceUsage[]; + VpcId?: string; } -export namespace GetCapacityReservationUsageResult { +export namespace EnableVpcClassicLinkDnsSupportRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetCapacityReservationUsageResult): any => ({ + export const filterSensitiveLog = (obj: EnableVpcClassicLinkDnsSupportRequest): any => ({ ...obj, }); } -export interface GetCoipPoolUsageRequest { - /** - *

                                                The ID of the address pool.

                                                - */ - PoolId: string | undefined; - +export interface EnableVpcClassicLinkDnsSupportResult { /** - *

                                                The filters. The following are the possible values:

                                                - *
                                                  - *
                                                • - *

                                                  - * coip-address-usage.allocation-id - *

                                                  - *
                                                  • - *
                                                - *
                                                  - *
                                                • - *

                                                  - * coip-address-usage.aws-account-id - *

                                                  - *
                                                  • - *
                                                - *
                                                  - *
                                                • - *

                                                  - * coip-address-usage.aws-service - *

                                                  - *
                                                  • - *
                                                - *
                                                  - *
                                                • - *

                                                  - * coip-address-usage.co-ip - *

                                                  - *
                                                  • - *
                                                + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                */ - Filters?: Filter[]; + Return?: boolean; +} +export namespace EnableVpcClassicLinkDnsSupportResult { /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + * @internal */ - MaxResults?: number; + export const filterSensitiveLog = (obj: EnableVpcClassicLinkDnsSupportResult): any => ({ + ...obj, + }); +} +export interface ExportClientVpnClientCertificateRevocationListRequest { /** - *

                                                The token for the next page of results.

                                                + *

                                                The ID of the Client VPN endpoint.

                                                */ - NextToken?: string; + ClientVpnEndpointId: string | undefined; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; } -export namespace GetCoipPoolUsageRequest { +export namespace ExportClientVpnClientCertificateRevocationListRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetCoipPoolUsageRequest): any => ({ + export const filterSensitiveLog = (obj: ExportClientVpnClientCertificateRevocationListRequest): any => ({ ...obj, }); } +export type ClientCertificateRevocationListStatusCode = "active" | "pending"; + /** - *

                                                Describes address usage for a customer-owned address pool.

                                                + *

                                                Describes the state of a client certificate revocation list.

                                                */ -export interface CoipAddressUsage { +export interface ClientCertificateRevocationListStatus { /** - *

                                                The allocation ID of the address.

                                                + *

                                                The state of the client certificate revocation list.

                                                */ - AllocationId?: string; + Code?: ClientCertificateRevocationListStatusCode | string; /** - *

                                                The AWS account ID.

                                                + *

                                                A message about the status of the client certificate revocation list, if applicable.

                                                */ - AwsAccountId?: string; + Message?: string; +} +export namespace ClientCertificateRevocationListStatus { /** - *

                                                The AWS service.

                                                + * @internal */ - AwsService?: string; + export const filterSensitiveLog = (obj: ClientCertificateRevocationListStatus): any => ({ + ...obj, + }); +} +export interface ExportClientVpnClientCertificateRevocationListResult { /** - *

                                                The customer-owned IP address.

                                                + *

                                                Information about the client certificate revocation list.

                                                */ - CoIp?: string; + CertificateRevocationList?: string; + + /** + *

                                                The current state of the client certificate revocation list.

                                                + */ + Status?: ClientCertificateRevocationListStatus; } -export namespace CoipAddressUsage { +export namespace ExportClientVpnClientCertificateRevocationListResult { /** * @internal */ - export const filterSensitiveLog = (obj: CoipAddressUsage): any => ({ + export const filterSensitiveLog = (obj: ExportClientVpnClientCertificateRevocationListResult): any => ({ ...obj, }); } -export interface GetCoipPoolUsageResult { - /** - *

                                                The ID of the customer-owned address pool.

                                                - */ - CoipPoolId?: string; - +export interface ExportClientVpnClientConfigurationRequest { /** - *

                                                Information about the address usage.

                                                + *

                                                The ID of the Client VPN endpoint.

                                                */ - CoipAddressUsages?: CoipAddressUsage[]; + ClientVpnEndpointId: string | undefined; /** - *

                                                The ID of the local gateway route table.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - LocalGatewayRouteTableId?: string; + DryRun?: boolean; } -export namespace GetCoipPoolUsageResult { +export namespace ExportClientVpnClientConfigurationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetCoipPoolUsageResult): any => ({ + export const filterSensitiveLog = (obj: ExportClientVpnClientConfigurationRequest): any => ({ ...obj, }); } -export interface GetConsoleOutputRequest { +export interface ExportClientVpnClientConfigurationResult { /** - *

                                                The ID of the instance.

                                                + *

                                                The contents of the Client VPN endpoint configuration file.

                                                */ - InstanceId: string | undefined; + ClientConfiguration?: string; +} +export namespace ExportClientVpnClientConfigurationResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + * @internal */ - DryRun?: boolean; + export const filterSensitiveLog = (obj: ExportClientVpnClientConfigurationResult): any => ({ + ...obj, + }); +} +/** + *

                                                Describes the destination for an export image task.

                                                + */ +export interface ExportTaskS3LocationRequest { /** - *

                                                When enabled, retrieves the latest console output for the instance.

                                                - *

                                                Default: disabled (false)

                                                + *

                                                The destination Amazon S3 bucket.

                                                + */ + S3Bucket: string | undefined; + + /** + *

                                                The prefix (logical hierarchy) in the bucket.

                                                */ - Latest?: boolean; + S3Prefix?: string; } -export namespace GetConsoleOutputRequest { +export namespace ExportTaskS3LocationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetConsoleOutputRequest): any => ({ + export const filterSensitiveLog = (obj: ExportTaskS3LocationRequest): any => ({ ...obj, }); } -export interface GetConsoleOutputResult { - /** - *

                                                The ID of the instance.

                                                - */ - InstanceId?: string; - +export interface ExportImageRequest { /** - *

                                                The console output, base64-encoded. If you are using a command line tool, the tool - * decodes the output for you.

                                                + *

                                                Token to enable idempotency for export image requests.

                                                */ - Output?: string; + ClientToken?: string; /** - *

                                                The time at which the output was last updated.

                                                + *

                                                A description of the image being exported. The maximum length is 255 characters.

                                                */ - Timestamp?: Date; -} + Description?: string; -export namespace GetConsoleOutputResult { /** - * @internal + *

                                                The disk image format.

                                                */ - export const filterSensitiveLog = (obj: GetConsoleOutputResult): any => ({ - ...obj, - }); -} + DiskImageFormat: DiskImageFormat | string | undefined; -export interface GetConsoleScreenshotRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -3962,113 +3972,155 @@ export interface GetConsoleScreenshotRequest { DryRun?: boolean; /** - *

                                                The ID of the instance.

                                                + *

                                                The ID of the image.

                                                */ - InstanceId: string | undefined; + ImageId: string | undefined; /** - *

                                                When set to true, acts as keystroke input and wakes up an instance that's - * in standby or "sleep" mode.

                                                + *

                                                Information about the destination Amazon S3 bucket. The bucket must exist and grant WRITE + * and READ_ACP permissions to the Amazon Web Services account vm-import-export@amazon.com.

                                                */ - WakeUp?: boolean; + S3ExportLocation: ExportTaskS3LocationRequest | undefined; + + /** + *

                                                The name of the role that grants VM Import/Export permission to export images to your Amazon + * S3 bucket. If this parameter is not specified, the default role is named 'vmimport'.

                                                + */ + RoleName?: string; + + /** + *

                                                The tags to apply to the export image task during creation.

                                                + */ + TagSpecifications?: TagSpecification[]; } -export namespace GetConsoleScreenshotRequest { +export namespace ExportImageRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetConsoleScreenshotRequest): any => ({ + export const filterSensitiveLog = (obj: ExportImageRequest): any => ({ ...obj, }); } -export interface GetConsoleScreenshotResult { +export interface ExportImageResult { /** - *

                                                The data that comprises the image.

                                                + *

                                                A description of the image being exported.

                                                */ - ImageData?: string; + Description?: string; /** - *

                                                The ID of the instance.

                                                + *

                                                The disk image format for the exported image.

                                                */ - InstanceId?: string; -} + DiskImageFormat?: DiskImageFormat | string; -export namespace GetConsoleScreenshotResult { /** - * @internal + *

                                                The ID of the export image task.

                                                */ - export const filterSensitiveLog = (obj: GetConsoleScreenshotResult): any => ({ - ...obj, - }); -} + ExportImageTaskId?: string; -export type UnlimitedSupportedInstanceFamily = "t2" | "t3" | "t3a" | "t4g"; + /** + *

                                                The ID of the image.

                                                + */ + ImageId?: string; -export interface GetDefaultCreditSpecificationRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The name of the role that grants VM Import/Export permission to export images to your Amazon + * S3 bucket.

                                                */ - DryRun?: boolean; + RoleName?: string; /** - *

                                                The instance family.

                                                + *

                                                The percent complete of the export image task.

                                                */ - InstanceFamily: UnlimitedSupportedInstanceFamily | string | undefined; -} + Progress?: string; -export namespace GetDefaultCreditSpecificationRequest { /** - * @internal + *

                                                Information about the destination Amazon S3 bucket.

                                                */ - export const filterSensitiveLog = (obj: GetDefaultCreditSpecificationRequest): any => ({ - ...obj, - }); -} + S3ExportLocation?: ExportTaskS3Location; -/** - *

                                                Describes the default credit option for CPU usage of a burstable performance instance family.

                                                - */ -export interface InstanceFamilyCreditSpecification { /** - *

                                                The instance family.

                                                + *

                                                The status of the export image task. The possible values are active, completed, + * deleting, and deleted.

                                                */ - InstanceFamily?: UnlimitedSupportedInstanceFamily | string; + Status?: string; /** - *

                                                The default credit option for CPU usage of the instance family. Valid values are standard and unlimited.

                                                + *

                                                The status message for the export image task.

                                                */ - CpuCredits?: string; + StatusMessage?: string; + + /** + *

                                                Any tags assigned to the export image task.

                                                + */ + Tags?: Tag[]; } -export namespace InstanceFamilyCreditSpecification { +export namespace ExportImageResult { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceFamilyCreditSpecification): any => ({ + export const filterSensitiveLog = (obj: ExportImageResult): any => ({ ...obj, }); } -export interface GetDefaultCreditSpecificationResult { +export interface ExportTransitGatewayRoutesRequest { /** - *

                                                The default credit option for CPU usage of the instance family.

                                                + *

                                                The ID of the route table.

                                                */ - InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification; -} + TransitGatewayRouteTableId: string | undefined; -export namespace GetDefaultCreditSpecificationResult { /** - * @internal + *

                                                One or more filters. The possible values are:

                                                + *
                                                  + *
                                                • + *

                                                  + * attachment.transit-gateway-attachment-id - The id of the transit gateway attachment.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * attachment.resource-id - The resource id of the transit gateway attachment.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * route-search.exact-match - The exact match of the specified filter.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * route-search.longest-prefix-match - The longest prefix that matches the route.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * state - The state of the route (active | blackhole).

                                                  + *
                                                  • + *
                                                • + *

                                                  + * transit-gateway-route-destination-cidr-block - The CIDR range.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * type - The type of route (propagated | + * static).

                                                  + *
                                                  • + *
                                                */ - export const filterSensitiveLog = (obj: GetDefaultCreditSpecificationResult): any => ({ - ...obj, - }); -} + Filters?: Filter[]; + + /** + *

                                                The name of the S3 bucket.

                                                + */ + S3Bucket: string | undefined; -export interface GetEbsDefaultKmsKeyIdRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -4077,175 +4129,186 @@ export interface GetEbsDefaultKmsKeyIdRequest { DryRun?: boolean; } -export namespace GetEbsDefaultKmsKeyIdRequest { +export namespace ExportTransitGatewayRoutesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetEbsDefaultKmsKeyIdRequest): any => ({ + export const filterSensitiveLog = (obj: ExportTransitGatewayRoutesRequest): any => ({ ...obj, }); } -export interface GetEbsDefaultKmsKeyIdResult { +export interface ExportTransitGatewayRoutesResult { /** - *

                                                The Amazon Resource Name (ARN) of the default KMS key for encryption by default.

                                                + *

                                                The URL of the exported file in Amazon S3. For example, + * s3://bucket_name/VPCTransitGateway/TransitGatewayRouteTables/file_name.

                                                */ - KmsKeyId?: string; + S3Location?: string; } -export namespace GetEbsDefaultKmsKeyIdResult { +export namespace ExportTransitGatewayRoutesResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetEbsDefaultKmsKeyIdResult): any => ({ + export const filterSensitiveLog = (obj: ExportTransitGatewayRoutesResult): any => ({ ...obj, }); } -export interface GetEbsEncryptionByDefaultRequest { - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; -} - -export namespace GetEbsEncryptionByDefaultRequest { +export interface GetAssociatedEnclaveCertificateIamRolesRequest { /** - * @internal + *

                                                The ARN of the ACM certificate for which to view the associated IAM roles, encryption keys, and Amazon + * S3 object information.

                                                */ - export const filterSensitiveLog = (obj: GetEbsEncryptionByDefaultRequest): any => ({ - ...obj, - }); -} + CertificateArn?: string; -export interface GetEbsEncryptionByDefaultResult { /** - *

                                                Indicates whether encryption by default is enabled.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - EbsEncryptionByDefault?: boolean; + DryRun?: boolean; } -export namespace GetEbsEncryptionByDefaultResult { +export namespace GetAssociatedEnclaveCertificateIamRolesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetEbsEncryptionByDefaultResult): any => ({ + export const filterSensitiveLog = (obj: GetAssociatedEnclaveCertificateIamRolesRequest): any => ({ ...obj, }); } -export enum PartitionLoadFrequency { - DAILY = "daily", - MONTHLY = "monthly", - NONE = "none", - WEEKLY = "weekly", -} - /** - *

                                                Describes integration options for Amazon Athena.

                                                + *

                                                Information about the associated IAM roles.

                                                */ -export interface AthenaIntegration { +export interface AssociatedRole { /** - *

                                                The location in Amazon S3 to store the generated CloudFormation template.

                                                + *

                                                The ARN of the associated IAM role.

                                                */ - IntegrationResultS3DestinationArn: string | undefined; + AssociatedRoleArn?: string; /** - *

                                                The schedule for adding new partitions to the table.

                                                + *

                                                The name of the Amazon S3 bucket in which the Amazon S3 object is stored.

                                                */ - PartitionLoadFrequency: PartitionLoadFrequency | string | undefined; + CertificateS3BucketName?: string; /** - *

                                                The start date for the partition.

                                                + *

                                                The key of the Amazon S3 object ey where the certificate, certificate chain, and encrypted private key bundle + * is stored. The object key is formated as follows: role_arn/certificate_arn. + *

                                                */ - PartitionStartDate?: Date; + CertificateS3ObjectKey?: string; /** - *

                                                The end date for the partition.

                                                + *

                                                The ID of the KMS customer master key (CMK) used to encrypt the private key.

                                                */ - PartitionEndDate?: Date; + EncryptionKmsKeyId?: string; } -export namespace AthenaIntegration { +export namespace AssociatedRole { /** * @internal */ - export const filterSensitiveLog = (obj: AthenaIntegration): any => ({ + export const filterSensitiveLog = (obj: AssociatedRole): any => ({ ...obj, }); } -/** - *

                                                Describes service integrations with VPC Flow logs.

                                                - */ -export interface IntegrateServices { +export interface GetAssociatedEnclaveCertificateIamRolesResult { /** - *

                                                Information about the integration with Amazon Athena.

                                                + *

                                                Information about the associated IAM roles.

                                                */ - AthenaIntegrations?: AthenaIntegration[]; + AssociatedRoles?: AssociatedRole[]; } -export namespace IntegrateServices { +export namespace GetAssociatedEnclaveCertificateIamRolesResult { /** * @internal */ - export const filterSensitiveLog = (obj: IntegrateServices): any => ({ + export const filterSensitiveLog = (obj: GetAssociatedEnclaveCertificateIamRolesResult): any => ({ ...obj, }); } -export interface GetFlowLogsIntegrationTemplateRequest { +export interface GetAssociatedIpv6PoolCidrsRequest { + /** + *

                                                The ID of the IPv6 address pool.

                                                + */ + PoolId: string | undefined; + + /** + *

                                                The token for the next page of results.

                                                + */ + NextToken?: string; + + /** + *

                                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + */ + MaxResults?: number; + /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; +} +export namespace GetAssociatedIpv6PoolCidrsRequest { /** - *

                                                The ID of the flow log.

                                                + * @internal */ - FlowLogId: string | undefined; + export const filterSensitiveLog = (obj: GetAssociatedIpv6PoolCidrsRequest): any => ({ + ...obj, + }); +} +/** + *

                                                Describes an IPv6 CIDR block association.

                                                + */ +export interface Ipv6CidrAssociation { /** - *

                                                To store the CloudFormation template in Amazon S3, specify the location in Amazon S3.

                                                + *

                                                The IPv6 CIDR block.

                                                */ - ConfigDeliveryS3DestinationArn: string | undefined; + Ipv6Cidr?: string; /** - *

                                                Information about the service integration.

                                                + *

                                                The resource that's associated with the IPv6 CIDR block.

                                                */ - IntegrateServices: IntegrateServices | undefined; + AssociatedResource?: string; } -export namespace GetFlowLogsIntegrationTemplateRequest { +export namespace Ipv6CidrAssociation { /** * @internal */ - export const filterSensitiveLog = (obj: GetFlowLogsIntegrationTemplateRequest): any => ({ + export const filterSensitiveLog = (obj: Ipv6CidrAssociation): any => ({ ...obj, }); } -export interface GetFlowLogsIntegrationTemplateResult { +export interface GetAssociatedIpv6PoolCidrsResult { /** - *

                                                The generated CloudFormation template.

                                                + *

                                                Information about the IPv6 CIDR block associations.

                                                */ - Result?: string; + Ipv6CidrAssociations?: Ipv6CidrAssociation[]; + + /** + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + */ + NextToken?: string; } -export namespace GetFlowLogsIntegrationTemplateResult { +export namespace GetAssociatedIpv6PoolCidrsResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetFlowLogsIntegrationTemplateResult): any => ({ + export const filterSensitiveLog = (obj: GetAssociatedIpv6PoolCidrsResult): any => ({ ...obj, }); } -export interface GetGroupsForCapacityReservationRequest { +export interface GetCapacityReservationUsageRequest { /** *

                                                The ID of the Capacity Reservation.

                                                */ @@ -4258,6 +4321,7 @@ export interface GetGroupsForCapacityReservationRequest { /** *

                                                The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

                                                + *

                                                Valid range: Minimum value of 1. Maximum value of 1000.

                                                */ MaxResults?: number; @@ -4267,292 +4331,348 @@ export interface GetGroupsForCapacityReservationRequest { DryRun?: boolean; } -export namespace GetGroupsForCapacityReservationRequest { +export namespace GetCapacityReservationUsageRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetGroupsForCapacityReservationRequest): any => ({ + export const filterSensitiveLog = (obj: GetCapacityReservationUsageRequest): any => ({ ...obj, }); } /** - *

                                                Describes a resource group to which a Capacity Reservation has been added.

                                                + *

                                                Information about the Capacity Reservation usage.

                                                */ -export interface CapacityReservationGroup { +export interface InstanceUsage { /** - *

                                                The ARN of the resource group.

                                                + *

                                                The ID of the Amazon Web Services account that is making use of the Capacity Reservation.

                                                */ - GroupArn?: string; + AccountId?: string; /** - *

                                                The ID of the Amazon Web Services account that owns the resource group.

                                                + *

                                                The number of instances the Amazon Web Services account currently has in the Capacity Reservation.

                                                */ - OwnerId?: string; + UsedInstanceCount?: number; } -export namespace CapacityReservationGroup { +export namespace InstanceUsage { /** * @internal */ - export const filterSensitiveLog = (obj: CapacityReservationGroup): any => ({ + export const filterSensitiveLog = (obj: InstanceUsage): any => ({ ...obj, }); } -export interface GetGroupsForCapacityReservationResult { +export interface GetCapacityReservationUsageResult { /** *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ NextToken?: string; /** - *

                                                Information about the resource groups to which the Capacity Reservation has been added.

                                                - */ - CapacityReservationGroups?: CapacityReservationGroup[]; -} - -export namespace GetGroupsForCapacityReservationResult { - /** - * @internal + *

                                                The ID of the Capacity Reservation.

                                                */ - export const filterSensitiveLog = (obj: GetGroupsForCapacityReservationResult): any => ({ - ...obj, - }); -} + CapacityReservationId?: string; -export interface GetHostReservationPurchasePreviewRequest { /** - *

                                                The IDs of the Dedicated Hosts with which the reservation is associated.

                                                + *

                                                The type of instance for which the Capacity Reservation reserves capacity.

                                                */ - HostIdSet: string[] | undefined; + InstanceType?: string; /** - *

                                                The offering ID of the reservation.

                                                + *

                                                The number of instances for which the Capacity Reservation reserves capacity.

                                                */ - OfferingId: string | undefined; -} + TotalInstanceCount?: number; -export namespace GetHostReservationPurchasePreviewRequest { /** - * @internal + *

                                                The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.

                                                */ - export const filterSensitiveLog = (obj: GetHostReservationPurchasePreviewRequest): any => ({ - ...obj, - }); -} + AvailableInstanceCount?: number; -/** - *

                                                Describes the result of the purchase.

                                                - */ -export interface Purchase { /** - *

                                                The currency in which the UpfrontPrice and HourlyPrice - * amounts are specified. At this time, the only supported currency is - * USD.

                                                + *

                                                The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:

                                                + *
                                                  + *
                                                • + *

                                                  + * active - The Capacity Reservation is active and the capacity is available for your use.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * expired - The Capacity Reservation expired automatically at the date and time specified + * in your request. The reserved capacity is no longer available for your use.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * cancelled - The Capacity Reservation was cancelled. The reserved capacity is no + * longer available for your use.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * pending - The Capacity Reservation request was successful but the capacity + * provisioning is still pending.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * failed - The Capacity Reservation request has failed. A request might fail + * due to invalid request parameters, capacity constraints, or instance limit constraints. + * Failed requests are retained for 60 minutes.

                                                  + *
                                                  • + *
                                                */ - CurrencyCode?: CurrencyCodeValues | string; + State?: CapacityReservationState | string; /** - *

                                                The duration of the reservation's term in seconds.

                                                + *

                                                Information about the Capacity Reservation usage.

                                                */ - Duration?: number; + InstanceUsages?: InstanceUsage[]; +} +export namespace GetCapacityReservationUsageResult { /** - *

                                                The IDs of the Dedicated Hosts associated with the reservation.

                                                + * @internal */ - HostIdSet?: string[]; + export const filterSensitiveLog = (obj: GetCapacityReservationUsageResult): any => ({ + ...obj, + }); +} +export interface GetCoipPoolUsageRequest { /** - *

                                                The ID of the reservation.

                                                + *

                                                The ID of the address pool.

                                                */ - HostReservationId?: string; + PoolId: string | undefined; /** - *

                                                The hourly price of the reservation per hour.

                                                + *

                                                The filters. The following are the possible values:

                                                + *
                                                  + *
                                                • + *

                                                  + * coip-address-usage.allocation-id + *

                                                  + *
                                                  • + *
                                                + *
                                                  + *
                                                • + *

                                                  + * coip-address-usage.aws-account-id + *

                                                  + *
                                                  • + *
                                                + *
                                                  + *
                                                • + *

                                                  + * coip-address-usage.aws-service + *

                                                  + *
                                                  • + *
                                                + *
                                                  + *
                                                • + *

                                                  + * coip-address-usage.co-ip + *

                                                  + *
                                                  • + *
                                                */ - HourlyPrice?: string; + Filters?: Filter[]; /** - *

                                                The instance family on the Dedicated Host that the reservation can be associated - * with.

                                                + *

                                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                */ - InstanceFamily?: string; + MaxResults?: number; /** - *

                                                The payment option for the reservation.

                                                + *

                                                The token for the next page of results.

                                                */ - PaymentOption?: PaymentOption | string; + NextToken?: string; /** - *

                                                The upfront price of the reservation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - UpfrontPrice?: string; + DryRun?: boolean; } -export namespace Purchase { +export namespace GetCoipPoolUsageRequest { /** * @internal */ - export const filterSensitiveLog = (obj: Purchase): any => ({ + export const filterSensitiveLog = (obj: GetCoipPoolUsageRequest): any => ({ ...obj, }); } -export interface GetHostReservationPurchasePreviewResult { +/** + *

                                                Describes address usage for a customer-owned address pool.

                                                + */ +export interface CoipAddressUsage { /** - *

                                                The currency in which the totalUpfrontPrice and - * totalHourlyPrice amounts are specified. At this time, the only - * supported currency is USD.

                                                + *

                                                The allocation ID of the address.

                                                */ - CurrencyCode?: CurrencyCodeValues | string; + AllocationId?: string; /** - *

                                                The purchase information of the Dedicated Host reservation and the Dedicated Hosts - * associated with it.

                                                + *

                                                The AWS account ID.

                                                */ - Purchase?: Purchase[]; + AwsAccountId?: string; /** - *

                                                The potential total hourly price of the reservation per hour.

                                                + *

                                                The AWS service.

                                                */ - TotalHourlyPrice?: string; + AwsService?: string; /** - *

                                                The potential total upfront price. This is billed immediately.

                                                + *

                                                The customer-owned IP address.

                                                */ - TotalUpfrontPrice?: string; + CoIp?: string; } -export namespace GetHostReservationPurchasePreviewResult { +export namespace CoipAddressUsage { /** * @internal */ - export const filterSensitiveLog = (obj: GetHostReservationPurchasePreviewResult): any => ({ + export const filterSensitiveLog = (obj: CoipAddressUsage): any => ({ ...obj, }); } -export interface GetLaunchTemplateDataRequest { +export interface GetCoipPoolUsageResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                                + *

                                                The ID of the customer-owned address pool.

                                                */ - DryRun?: boolean; + CoipPoolId?: string; /** - *

                                                The ID of the instance.

                                                + *

                                                Information about the address usage.

                                                */ - InstanceId: string | undefined; + CoipAddressUsages?: CoipAddressUsage[]; + + /** + *

                                                The ID of the local gateway route table.

                                                + */ + LocalGatewayRouteTableId?: string; } -export namespace GetLaunchTemplateDataRequest { +export namespace GetCoipPoolUsageResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetLaunchTemplateDataRequest): any => ({ + export const filterSensitiveLog = (obj: GetCoipPoolUsageResult): any => ({ ...obj, }); } -export interface GetLaunchTemplateDataResult { +export interface GetConsoleOutputRequest { /** - *

                                                The instance data.

                                                + *

                                                The ID of the instance.

                                                */ - LaunchTemplateData?: ResponseLaunchTemplateData; + InstanceId: string | undefined; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; + + /** + *

                                                When enabled, retrieves the latest console output for the instance.

                                                + *

                                                Default: disabled (false)

                                                + */ + Latest?: boolean; } -export namespace GetLaunchTemplateDataResult { +export namespace GetConsoleOutputRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetLaunchTemplateDataResult): any => ({ + export const filterSensitiveLog = (obj: GetConsoleOutputRequest): any => ({ ...obj, }); } -export interface GetManagedPrefixListAssociationsRequest { - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; - +export interface GetConsoleOutputResult { /** - *

                                                The ID of the prefix list.

                                                + *

                                                The ID of the instance.

                                                */ - PrefixListId: string | undefined; + InstanceId?: string; /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + *

                                                The console output, base64-encoded. If you are using a command line tool, the tool + * decodes the output for you.

                                                */ - MaxResults?: number; + Output?: string; /** - *

                                                The token for the next page of results.

                                                + *

                                                The time at which the output was last updated.

                                                */ - NextToken?: string; + Timestamp?: Date; } -export namespace GetManagedPrefixListAssociationsRequest { +export namespace GetConsoleOutputResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetManagedPrefixListAssociationsRequest): any => ({ + export const filterSensitiveLog = (obj: GetConsoleOutputResult): any => ({ ...obj, }); } -/** - *

                                                Describes the resource with which a prefix list is associated.

                                                - */ -export interface PrefixListAssociation { +export interface GetConsoleScreenshotRequest { /** - *

                                                The ID of the resource.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - ResourceId?: string; + DryRun?: boolean; /** - *

                                                The owner of the resource.

                                                + *

                                                The ID of the instance.

                                                */ - ResourceOwner?: string; + InstanceId: string | undefined; + + /** + *

                                                When set to true, acts as keystroke input and wakes up an instance that's + * in standby or "sleep" mode.

                                                + */ + WakeUp?: boolean; } -export namespace PrefixListAssociation { +export namespace GetConsoleScreenshotRequest { /** * @internal */ - export const filterSensitiveLog = (obj: PrefixListAssociation): any => ({ + export const filterSensitiveLog = (obj: GetConsoleScreenshotRequest): any => ({ ...obj, }); } -export interface GetManagedPrefixListAssociationsResult { +export interface GetConsoleScreenshotResult { /** - *

                                                Information about the associations.

                                                + *

                                                The data that comprises the image.

                                                */ - PrefixListAssociations?: PrefixListAssociation[]; + ImageData?: string; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The ID of the instance.

                                                */ - NextToken?: string; + InstanceId?: string; } -export namespace GetManagedPrefixListAssociationsResult { +export namespace GetConsoleScreenshotResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetManagedPrefixListAssociationsResult): any => ({ + export const filterSensitiveLog = (obj: GetConsoleScreenshotResult): any => ({ ...obj, }); } -export interface GetManagedPrefixListEntriesRequest { +export type UnlimitedSupportedInstanceFamily = "t2" | "t3" | "t3a" | "t4g"; + +export interface GetDefaultCreditSpecificationRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -4561,87 +4681,61 @@ export interface GetManagedPrefixListEntriesRequest { DryRun?: boolean; /** - *

                                                The ID of the prefix list.

                                                - */ - PrefixListId: string | undefined; - - /** - *

                                                The version of the prefix list for which to return the entries. The default is the current version.

                                                - */ - TargetVersion?: number; - - /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                - */ - MaxResults?: number; - - /** - *

                                                The token for the next page of results.

                                                + *

                                                The instance family.

                                                */ - NextToken?: string; + InstanceFamily: UnlimitedSupportedInstanceFamily | string | undefined; } -export namespace GetManagedPrefixListEntriesRequest { +export namespace GetDefaultCreditSpecificationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetManagedPrefixListEntriesRequest): any => ({ + export const filterSensitiveLog = (obj: GetDefaultCreditSpecificationRequest): any => ({ ...obj, }); } /** - *

                                                Describes a prefix list entry.

                                                + *

                                                Describes the default credit option for CPU usage of a burstable performance instance family.

                                                */ -export interface PrefixListEntry { +export interface InstanceFamilyCreditSpecification { /** - *

                                                The CIDR block.

                                                + *

                                                The instance family.

                                                */ - Cidr?: string; + InstanceFamily?: UnlimitedSupportedInstanceFamily | string; /** - *

                                                The description.

                                                + *

                                                The default credit option for CPU usage of the instance family. Valid values are standard and unlimited.

                                                */ - Description?: string; + CpuCredits?: string; } -export namespace PrefixListEntry { +export namespace InstanceFamilyCreditSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: PrefixListEntry): any => ({ + export const filterSensitiveLog = (obj: InstanceFamilyCreditSpecification): any => ({ ...obj, }); } -export interface GetManagedPrefixListEntriesResult { - /** - *

                                                Information about the prefix list entries.

                                                - */ - Entries?: PrefixListEntry[]; - +export interface GetDefaultCreditSpecificationResult { /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The default credit option for CPU usage of the instance family.

                                                */ - NextToken?: string; + InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification; } -export namespace GetManagedPrefixListEntriesResult { +export namespace GetDefaultCreditSpecificationResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetManagedPrefixListEntriesResult): any => ({ + export const filterSensitiveLog = (obj: GetDefaultCreditSpecificationResult): any => ({ ...obj, }); } -export interface GetPasswordDataRequest { - /** - *

                                                The ID of the Windows instance.

                                                - */ - InstanceId: string | undefined; - +export interface GetEbsDefaultKmsKeyIdRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -4650,481 +4744,414 @@ export interface GetPasswordDataRequest { DryRun?: boolean; } -export namespace GetPasswordDataRequest { +export namespace GetEbsDefaultKmsKeyIdRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetPasswordDataRequest): any => ({ + export const filterSensitiveLog = (obj: GetEbsDefaultKmsKeyIdRequest): any => ({ ...obj, }); } -export interface GetPasswordDataResult { - /** - *

                                                The ID of the Windows instance.

                                                - */ - InstanceId?: string; - - /** - *

                                                The password of the instance. Returns an empty string if the password is not - * available.

                                                - */ - PasswordData?: string; - +export interface GetEbsDefaultKmsKeyIdResult { /** - *

                                                The time the data was last updated.

                                                + *

                                                The Amazon Resource Name (ARN) of the default KMS key for encryption by default.

                                                */ - Timestamp?: Date; + KmsKeyId?: string; } -export namespace GetPasswordDataResult { +export namespace GetEbsDefaultKmsKeyIdResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetPasswordDataResult): any => ({ + export const filterSensitiveLog = (obj: GetEbsDefaultKmsKeyIdResult): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for GetReservedInstanceExchangeQuote.

                                                - */ -export interface GetReservedInstancesExchangeQuoteRequest { +export interface GetEbsEncryptionByDefaultRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; +} +export namespace GetEbsEncryptionByDefaultRequest { /** - *

                                                The IDs of the Convertible Reserved Instances to exchange.

                                                + * @internal */ - ReservedInstanceIds: string[] | undefined; + export const filterSensitiveLog = (obj: GetEbsEncryptionByDefaultRequest): any => ({ + ...obj, + }); +} +export interface GetEbsEncryptionByDefaultResult { /** - *

                                                The configuration of the target Convertible Reserved Instance to exchange for your - * current Convertible Reserved Instances.

                                                + *

                                                Indicates whether encryption by default is enabled.

                                                */ - TargetConfigurations?: TargetConfigurationRequest[]; + EbsEncryptionByDefault?: boolean; } -export namespace GetReservedInstancesExchangeQuoteRequest { +export namespace GetEbsEncryptionByDefaultResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetReservedInstancesExchangeQuoteRequest): any => ({ + export const filterSensitiveLog = (obj: GetEbsEncryptionByDefaultResult): any => ({ ...obj, }); } +export enum PartitionLoadFrequency { + DAILY = "daily", + MONTHLY = "monthly", + NONE = "none", + WEEKLY = "weekly", +} + /** - *

                                                The cost associated with the Reserved Instance.

                                                + *

                                                Describes integration options for Amazon Athena.

                                                */ -export interface ReservationValue { +export interface AthenaIntegration { + /** + *

                                                The location in Amazon S3 to store the generated CloudFormation template.

                                                + */ + IntegrationResultS3DestinationArn: string | undefined; + /** - *

                                                The hourly rate of the reservation.

                                                + *

                                                The schedule for adding new partitions to the table.

                                                */ - HourlyPrice?: string; + PartitionLoadFrequency: PartitionLoadFrequency | string | undefined; /** - *

                                                The balance of the total value (the sum of remainingUpfrontValue + hourlyPrice * number of hours remaining).

                                                + *

                                                The start date for the partition.

                                                */ - RemainingTotalValue?: string; + PartitionStartDate?: Date; /** - *

                                                The remaining upfront cost of the reservation.

                                                + *

                                                The end date for the partition.

                                                */ - RemainingUpfrontValue?: string; + PartitionEndDate?: Date; } -export namespace ReservationValue { +export namespace AthenaIntegration { /** * @internal */ - export const filterSensitiveLog = (obj: ReservationValue): any => ({ + export const filterSensitiveLog = (obj: AthenaIntegration): any => ({ ...obj, }); } /** - *

                                                The total value of the Convertible Reserved Instance.

                                                + *

                                                Describes service integrations with VPC Flow logs.

                                                */ -export interface ReservedInstanceReservationValue { - /** - *

                                                The total value of the Convertible Reserved Instance that you are exchanging.

                                                - */ - ReservationValue?: ReservationValue; - +export interface IntegrateServices { /** - *

                                                The ID of the Convertible Reserved Instance that you are exchanging.

                                                + *

                                                Information about the integration with Amazon Athena.

                                                */ - ReservedInstanceId?: string; + AthenaIntegrations?: AthenaIntegration[]; } -export namespace ReservedInstanceReservationValue { +export namespace IntegrateServices { /** * @internal */ - export const filterSensitiveLog = (obj: ReservedInstanceReservationValue): any => ({ + export const filterSensitiveLog = (obj: IntegrateServices): any => ({ ...obj, }); } -/** - *

                                                Information about the Convertible Reserved Instance offering.

                                                - */ -export interface TargetConfiguration { - /** - *

                                                The number of instances the Convertible Reserved Instance offering can be applied to. This parameter is - * reserved and cannot be specified in a request

                                                - */ - InstanceCount?: number; - +export interface GetFlowLogsIntegrationTemplateRequest { /** - *

                                                The ID of the Convertible Reserved Instance offering.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - OfferingId?: string; -} + DryRun?: boolean; -export namespace TargetConfiguration { /** - * @internal + *

                                                The ID of the flow log.

                                                */ - export const filterSensitiveLog = (obj: TargetConfiguration): any => ({ - ...obj, - }); -} + FlowLogId: string | undefined; -/** - *

                                                The total value of the new Convertible Reserved Instances.

                                                - */ -export interface TargetReservationValue { /** - *

                                                The total value of the Convertible Reserved Instances that make up the exchange. This is the sum of - * the list value, remaining upfront price, and additional upfront cost of the exchange.

                                                + *

                                                To store the CloudFormation template in Amazon S3, specify the location in Amazon S3.

                                                */ - ReservationValue?: ReservationValue; + ConfigDeliveryS3DestinationArn: string | undefined; /** - *

                                                The configuration of the Convertible Reserved Instances that make up the exchange.

                                                + *

                                                Information about the service integration.

                                                */ - TargetConfiguration?: TargetConfiguration; + IntegrateServices: IntegrateServices | undefined; } -export namespace TargetReservationValue { +export namespace GetFlowLogsIntegrationTemplateRequest { /** * @internal */ - export const filterSensitiveLog = (obj: TargetReservationValue): any => ({ + export const filterSensitiveLog = (obj: GetFlowLogsIntegrationTemplateRequest): any => ({ ...obj, }); } -/** - *

                                                Contains the output of GetReservedInstancesExchangeQuote.

                                                - */ -export interface GetReservedInstancesExchangeQuoteResult { +export interface GetFlowLogsIntegrationTemplateResult { /** - *

                                                The currency of the transaction.

                                                + *

                                                The generated CloudFormation template.

                                                */ - CurrencyCode?: string; + Result?: string; +} +export namespace GetFlowLogsIntegrationTemplateResult { /** - *

                                                If true, the exchange is valid. If false, the exchange cannot be completed.

                                                + * @internal */ - IsValidExchange?: boolean; + export const filterSensitiveLog = (obj: GetFlowLogsIntegrationTemplateResult): any => ({ + ...obj, + }); +} +export interface GetGroupsForCapacityReservationRequest { /** - *

                                                The new end date of the reservation term.

                                                + *

                                                The ID of the Capacity Reservation.

                                                */ - OutputReservedInstancesWillExpireAt?: Date; + CapacityReservationId: string | undefined; /** - *

                                                The total true upfront charge for the exchange.

                                                + *

                                                The token to use to retrieve the next page of results.

                                                */ - PaymentDue?: string; + NextToken?: string; /** - *

                                                The cost associated with the Reserved Instance.

                                                + *

                                                The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

                                                */ - ReservedInstanceValueRollup?: ReservationValue; + MaxResults?: number; /** - *

                                                The configuration of your Convertible Reserved Instances.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - ReservedInstanceValueSet?: ReservedInstanceReservationValue[]; + DryRun?: boolean; +} +export namespace GetGroupsForCapacityReservationRequest { /** - *

                                                The cost associated with the Reserved Instance.

                                                + * @internal */ - TargetConfigurationValueRollup?: ReservationValue; + export const filterSensitiveLog = (obj: GetGroupsForCapacityReservationRequest): any => ({ + ...obj, + }); +} +/** + *

                                                Describes a resource group to which a Capacity Reservation has been added.

                                                + */ +export interface CapacityReservationGroup { /** - *

                                                The values of the target Convertible Reserved Instances.

                                                + *

                                                The ARN of the resource group.

                                                */ - TargetConfigurationValueSet?: TargetReservationValue[]; + GroupArn?: string; /** - *

                                                Describes the reason why the exchange cannot be completed.

                                                + *

                                                The ID of the Amazon Web Services account that owns the resource group.

                                                */ - ValidationFailureReason?: string; + OwnerId?: string; } -export namespace GetReservedInstancesExchangeQuoteResult { +export namespace CapacityReservationGroup { /** * @internal */ - export const filterSensitiveLog = (obj: GetReservedInstancesExchangeQuoteResult): any => ({ + export const filterSensitiveLog = (obj: CapacityReservationGroup): any => ({ ...obj, }); } -export interface GetSerialConsoleAccessStatusRequest { +export interface GetGroupsForCapacityReservationResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ - DryRun?: boolean; + NextToken?: string; + + /** + *

                                                Information about the resource groups to which the Capacity Reservation has been added.

                                                + */ + CapacityReservationGroups?: CapacityReservationGroup[]; } -export namespace GetSerialConsoleAccessStatusRequest { +export namespace GetGroupsForCapacityReservationResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetSerialConsoleAccessStatusRequest): any => ({ + export const filterSensitiveLog = (obj: GetGroupsForCapacityReservationResult): any => ({ ...obj, }); } -export interface GetSerialConsoleAccessStatusResult { +export interface GetHostReservationPurchasePreviewRequest { /** - *

                                                If true, access to the EC2 serial console of all instances is enabled for - * your account. If false, access to the EC2 serial console of all instances - * is disabled for your account.

                                                + *

                                                The IDs of the Dedicated Hosts with which the reservation is associated.

                                                */ - SerialConsoleAccessEnabled?: boolean; + HostIdSet: string[] | undefined; + + /** + *

                                                The offering ID of the reservation.

                                                + */ + OfferingId: string | undefined; } -export namespace GetSerialConsoleAccessStatusResult { +export namespace GetHostReservationPurchasePreviewRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetSerialConsoleAccessStatusResult): any => ({ + export const filterSensitiveLog = (obj: GetHostReservationPurchasePreviewRequest): any => ({ ...obj, }); } -export interface GetSubnetCidrReservationsRequest { - /** - *

                                                One or more filters.

                                                - *
                                                  - *
                                                • - *

                                                  - * reservationType - The type of reservation (prefix | - * explicit).

                                                  - *
                                                  • - *
                                                • - *

                                                  - * subnet-id - The ID of the subnet.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. - * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                  - *
                                                  • - *
                                                - */ - Filters?: Filter[]; - +/** + *

                                                Describes the result of the purchase.

                                                + */ +export interface Purchase { /** - *

                                                The ID of the subnet.

                                                + *

                                                The currency in which the UpfrontPrice and HourlyPrice + * amounts are specified. At this time, the only supported currency is + * USD.

                                                */ - SubnetId: string | undefined; + CurrencyCode?: CurrencyCodeValues | string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The duration of the reservation's term in seconds.

                                                */ - DryRun?: boolean; + Duration?: number; /** - *

                                                The token for the next page of results.

                                                + *

                                                The IDs of the Dedicated Hosts associated with the reservation.

                                                */ - NextToken?: string; + HostIdSet?: string[]; /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + *

                                                The ID of the reservation.

                                                */ - MaxResults?: number; -} + HostReservationId?: string; -export namespace GetSubnetCidrReservationsRequest { /** - * @internal + *

                                                The hourly price of the reservation per hour.

                                                */ - export const filterSensitiveLog = (obj: GetSubnetCidrReservationsRequest): any => ({ - ...obj, - }); -} + HourlyPrice?: string; -export interface GetSubnetCidrReservationsResult { /** - *

                                                Information about the IPv4 subnet CIDR reservations.

                                                + *

                                                The instance family on the Dedicated Host that the reservation can be associated + * with.

                                                */ - SubnetIpv4CidrReservations?: SubnetCidrReservation[]; + InstanceFamily?: string; /** - *

                                                Information about the IPv6 subnet CIDR reservations.

                                                + *

                                                The payment option for the reservation.

                                                */ - SubnetIpv6CidrReservations?: SubnetCidrReservation[]; + PaymentOption?: PaymentOption | string; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The upfront price of the reservation.

                                                */ - NextToken?: string; + UpfrontPrice?: string; } -export namespace GetSubnetCidrReservationsResult { +export namespace Purchase { /** * @internal */ - export const filterSensitiveLog = (obj: GetSubnetCidrReservationsResult): any => ({ + export const filterSensitiveLog = (obj: Purchase): any => ({ ...obj, }); -} - -export interface GetTransitGatewayAttachmentPropagationsRequest { - /** - *

                                                The ID of the attachment.

                                                - */ - TransitGatewayAttachmentId: string | undefined; +} +export interface GetHostReservationPurchasePreviewResult { /** - *

                                                One or more filters. The possible values are:

                                                - *
                                                  - *
                                                • - *

                                                  - * transit-gateway-route-table-id - The ID of the transit gateway route table.

                                                  - *
                                                  • - *
                                                + *

                                                The currency in which the totalUpfrontPrice and + * totalHourlyPrice amounts are specified. At this time, the only + * supported currency is USD.

                                                */ - Filters?: Filter[]; + CurrencyCode?: CurrencyCodeValues | string; /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + *

                                                The purchase information of the Dedicated Host reservation and the Dedicated Hosts + * associated with it.

                                                */ - MaxResults?: number; + Purchase?: Purchase[]; /** - *

                                                The token for the next page of results.

                                                + *

                                                The potential total hourly price of the reservation per hour.

                                                */ - NextToken?: string; + TotalHourlyPrice?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The potential total upfront price. This is billed immediately.

                                                */ - DryRun?: boolean; + TotalUpfrontPrice?: string; } -export namespace GetTransitGatewayAttachmentPropagationsRequest { +export namespace GetHostReservationPurchasePreviewResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayAttachmentPropagationsRequest): any => ({ + export const filterSensitiveLog = (obj: GetHostReservationPurchasePreviewResult): any => ({ ...obj, }); } -/** - *

                                                Describes a propagation route table.

                                                - */ -export interface TransitGatewayAttachmentPropagation { +export interface GetLaunchTemplateDataRequest { /** - *

                                                The ID of the propagation route table.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                                */ - TransitGatewayRouteTableId?: string; + DryRun?: boolean; /** - *

                                                The state of the propagation route table.

                                                + *

                                                The ID of the instance.

                                                */ - State?: TransitGatewayPropagationState | string; + InstanceId: string | undefined; } -export namespace TransitGatewayAttachmentPropagation { +export namespace GetLaunchTemplateDataRequest { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayAttachmentPropagation): any => ({ + export const filterSensitiveLog = (obj: GetLaunchTemplateDataRequest): any => ({ ...obj, }); } -export interface GetTransitGatewayAttachmentPropagationsResult { - /** - *

                                                Information about the propagation route tables.

                                                - */ - TransitGatewayAttachmentPropagations?: TransitGatewayAttachmentPropagation[]; - +export interface GetLaunchTemplateDataResult { /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The instance data.

                                                */ - NextToken?: string; + LaunchTemplateData?: ResponseLaunchTemplateData; } -export namespace GetTransitGatewayAttachmentPropagationsResult { +export namespace GetLaunchTemplateDataResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayAttachmentPropagationsResult): any => ({ + export const filterSensitiveLog = (obj: GetLaunchTemplateDataResult): any => ({ ...obj, }); } -export interface GetTransitGatewayMulticastDomainAssociationsRequest { +export interface GetManagedPrefixListAssociationsRequest { /** - *

                                                The ID of the transit gateway multicast domain.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - TransitGatewayMulticastDomainId?: string; + DryRun?: boolean; /** - *

                                                One or more filters. The possible values are:

                                                - *
                                                  - *
                                                • - *

                                                  - * resource-id - The ID of the resource.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * resource-type - The type of resource. The valid value is: vpc.

                                                  - *
                                                  • - *
                                                • - * - *

                                                  - * state - The state of the subnet association. Valid values are - * associated | - * associating - * | disassociated | disassociating.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * subnet-id - The ID of the subnet.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * transit-gateway-attachment-id - The id of the transit gateway attachment.

                                                  - *
                                                  • - *
                                                + *

                                                The ID of the prefix list.

                                                */ - Filters?: Filter[]; + PrefixListId: string | undefined; /** *

                                                The maximum number of results to return with a single call. @@ -5136,68 +5163,46 @@ export interface GetTransitGatewayMulticastDomainAssociationsRequest { *

                                                The token for the next page of results.

                                                */ NextToken?: string; - - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; } -export namespace GetTransitGatewayMulticastDomainAssociationsRequest { +export namespace GetManagedPrefixListAssociationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayMulticastDomainAssociationsRequest): any => ({ + export const filterSensitiveLog = (obj: GetManagedPrefixListAssociationsRequest): any => ({ ...obj, }); } /** - *

                                                Describes the resources associated with the transit gateway multicast domain.

                                                + *

                                                Describes the resource with which a prefix list is associated.

                                                */ -export interface TransitGatewayMulticastDomainAssociation { - /** - *

                                                The ID of the transit gateway attachment.

                                                - */ - TransitGatewayAttachmentId?: string; - +export interface PrefixListAssociation { /** *

                                                The ID of the resource.

                                                */ ResourceId?: string; /** - *

                                                The type of resource, for example a VPC attachment.

                                                - */ - ResourceType?: TransitGatewayAttachmentResourceType | string; - - /** - *

                                                The ID of the Amazon Web Services account that owns the transit gateway multicast domain association resource.

                                                - */ - ResourceOwnerId?: string; - - /** - *

                                                The subnet associated with the transit gateway multicast domain.

                                                + *

                                                The owner of the resource.

                                                */ - Subnet?: SubnetAssociation; + ResourceOwner?: string; } -export namespace TransitGatewayMulticastDomainAssociation { +export namespace PrefixListAssociation { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayMulticastDomainAssociation): any => ({ + export const filterSensitiveLog = (obj: PrefixListAssociation): any => ({ ...obj, }); } -export interface GetTransitGatewayMulticastDomainAssociationsResult { +export interface GetManagedPrefixListAssociationsResult { /** - *

                                                Information about the multicast domain associations.

                                                + *

                                                Information about the associations.

                                                */ - MulticastDomainAssociations?: TransitGatewayMulticastDomainAssociation[]; + PrefixListAssociations?: PrefixListAssociation[]; /** *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                @@ -5205,57 +5210,32 @@ export interface GetTransitGatewayMulticastDomainAssociationsResult { NextToken?: string; } -export namespace GetTransitGatewayMulticastDomainAssociationsResult { +export namespace GetManagedPrefixListAssociationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayMulticastDomainAssociationsResult): any => ({ + export const filterSensitiveLog = (obj: GetManagedPrefixListAssociationsResult): any => ({ ...obj, }); } -export interface GetTransitGatewayPrefixListReferencesRequest { +export interface GetManagedPrefixListEntriesRequest { /** - *

                                                The ID of the transit gateway route table.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - TransitGatewayRouteTableId: string | undefined; + DryRun?: boolean; /** - *

                                                One or more filters. The possible values are:

                                                - *
                                                  - *
                                                • - *

                                                  - * attachment.resource-id - The ID of the resource for the attachment.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * attachment.resource-type - The type of resource for the - * attachment. Valid values are vpc | vpn | - * direct-connect-gateway | peering.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * attachment.transit-gateway-attachment-id - The ID of the attachment.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * is-blackhole - Whether traffic matching the route is blocked (true | false).

                                                  - *
                                                  • - *
                                                • - *

                                                  - * prefix-list-id - The ID of the prefix list.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * prefix-list-owner-id - The ID of the owner of the prefix list.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * state - The state of the prefix list reference (pending | available | modifying | deleting).

                                                  - *
                                                  • - *
                                                + *

                                                The ID of the prefix list.

                                                */ - Filters?: Filter[]; + PrefixListId: string | undefined; + + /** + *

                                                The version of the prefix list for which to return the entries. The default is the current version.

                                                + */ + TargetVersion?: number; /** *

                                                The maximum number of results to return with a single call. @@ -5267,82 +5247,67 @@ export interface GetTransitGatewayPrefixListReferencesRequest { *

                                                The token for the next page of results.

                                                */ NextToken?: string; - - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; } -export namespace GetTransitGatewayPrefixListReferencesRequest { +export namespace GetManagedPrefixListEntriesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayPrefixListReferencesRequest): any => ({ + export const filterSensitiveLog = (obj: GetManagedPrefixListEntriesRequest): any => ({ ...obj, }); } -export interface GetTransitGatewayPrefixListReferencesResult { +/** + *

                                                Describes a prefix list entry.

                                                + */ +export interface PrefixListEntry { /** - *

                                                Information about the prefix list references.

                                                + *

                                                The CIDR block.

                                                */ - TransitGatewayPrefixListReferences?: TransitGatewayPrefixListReference[]; + Cidr?: string; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The description.

                                                */ - NextToken?: string; + Description?: string; } -export namespace GetTransitGatewayPrefixListReferencesResult { +export namespace PrefixListEntry { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayPrefixListReferencesResult): any => ({ + export const filterSensitiveLog = (obj: PrefixListEntry): any => ({ ...obj, }); } -export interface GetTransitGatewayRouteTableAssociationsRequest { +export interface GetManagedPrefixListEntriesResult { /** - *

                                                The ID of the transit gateway route table.

                                                + *

                                                Information about the prefix list entries.

                                                */ - TransitGatewayRouteTableId: string | undefined; + Entries?: PrefixListEntry[]; - /** - *

                                                One or more filters. The possible values are:

                                                - *
                                                  - *
                                                • - *

                                                  - * resource-id - The ID of the resource.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * resource-type - The resource type. Valid values are vpc - * | vpn | direct-connect-gateway | peering - * | connect.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * transit-gateway-attachment-id - The ID of the attachment.

                                                  - *
                                                  • - *
                                                + /** + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ - Filters?: Filter[]; + NextToken?: string; +} +export namespace GetManagedPrefixListEntriesResult { /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + * @internal */ - MaxResults?: number; + export const filterSensitiveLog = (obj: GetManagedPrefixListEntriesResult): any => ({ + ...obj, + }); +} +export interface GetPasswordDataRequest { /** - *

                                                The token for the next page of results.

                                                + *

                                                The ID of the Windows instance.

                                                */ - NextToken?: string; + InstanceId: string | undefined; /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, @@ -5352,1075 +5317,1233 @@ export interface GetTransitGatewayRouteTableAssociationsRequest { DryRun?: boolean; } -export namespace GetTransitGatewayRouteTableAssociationsRequest { +export namespace GetPasswordDataRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayRouteTableAssociationsRequest): any => ({ + export const filterSensitiveLog = (obj: GetPasswordDataRequest): any => ({ ...obj, }); } -/** - *

                                                Describes an association between a route table and a resource attachment.

                                                - */ -export interface TransitGatewayRouteTableAssociation { - /** - *

                                                The ID of the attachment.

                                                - */ - TransitGatewayAttachmentId?: string; - +export interface GetPasswordDataResult { /** - *

                                                The ID of the resource.

                                                + *

                                                The ID of the Windows instance.

                                                */ - ResourceId?: string; + InstanceId?: string; /** - *

                                                The resource type. Note that the tgw-peering resource type has been deprecated.

                                                + *

                                                The password of the instance. Returns an empty string if the password is not + * available.

                                                */ - ResourceType?: TransitGatewayAttachmentResourceType | string; + PasswordData?: string; /** - *

                                                The state of the association.

                                                + *

                                                The time the data was last updated.

                                                */ - State?: TransitGatewayAssociationState | string; + Timestamp?: Date; } -export namespace TransitGatewayRouteTableAssociation { +export namespace GetPasswordDataResult { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayRouteTableAssociation): any => ({ + export const filterSensitiveLog = (obj: GetPasswordDataResult): any => ({ ...obj, }); } -export interface GetTransitGatewayRouteTableAssociationsResult { +/** + *

                                                Contains the parameters for GetReservedInstanceExchangeQuote.

                                                + */ +export interface GetReservedInstancesExchangeQuoteRequest { /** - *

                                                Information about the associations.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - Associations?: TransitGatewayRouteTableAssociation[]; + DryRun?: boolean; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                The IDs of the Convertible Reserved Instances to exchange.

                                                */ - NextToken?: string; + ReservedInstanceIds: string[] | undefined; + + /** + *

                                                The configuration of the target Convertible Reserved Instance to exchange for your + * current Convertible Reserved Instances.

                                                + */ + TargetConfigurations?: TargetConfigurationRequest[]; } -export namespace GetTransitGatewayRouteTableAssociationsResult { +export namespace GetReservedInstancesExchangeQuoteRequest { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayRouteTableAssociationsResult): any => ({ + export const filterSensitiveLog = (obj: GetReservedInstancesExchangeQuoteRequest): any => ({ ...obj, }); } -export interface GetTransitGatewayRouteTablePropagationsRequest { +/** + *

                                                The cost associated with the Reserved Instance.

                                                + */ +export interface ReservationValue { /** - *

                                                The ID of the transit gateway route table.

                                                + *

                                                The hourly rate of the reservation.

                                                */ - TransitGatewayRouteTableId: string | undefined; + HourlyPrice?: string; /** - *

                                                One or more filters. The possible values are:

                                                - *
                                                  - *
                                                • - *

                                                  - * resource-id - The ID of the resource.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * resource-type - The resource type. Valid values are vpc - * | vpn | direct-connect-gateway | peering - * | connect.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * transit-gateway-attachment-id - The ID of the attachment.

                                                  - *
                                                  • - *
                                                + *

                                                The balance of the total value (the sum of remainingUpfrontValue + hourlyPrice * number of hours remaining).

                                                */ - Filters?: Filter[]; + RemainingTotalValue?: string; /** - *

                                                The maximum number of results to return with a single call. - * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + *

                                                The remaining upfront cost of the reservation.

                                                */ - MaxResults?: number; + RemainingUpfrontValue?: string; +} +export namespace ReservationValue { /** - *

                                                The token for the next page of results.

                                                + * @internal */ - NextToken?: string; + export const filterSensitiveLog = (obj: ReservationValue): any => ({ + ...obj, + }); +} +/** + *

                                                The total value of the Convertible Reserved Instance.

                                                + */ +export interface ReservedInstanceReservationValue { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The total value of the Convertible Reserved Instance that you are exchanging.

                                                */ - DryRun?: boolean; + ReservationValue?: ReservationValue; + + /** + *

                                                The ID of the Convertible Reserved Instance that you are exchanging.

                                                + */ + ReservedInstanceId?: string; } -export namespace GetTransitGatewayRouteTablePropagationsRequest { +export namespace ReservedInstanceReservationValue { /** * @internal */ - export const filterSensitiveLog = (obj: GetTransitGatewayRouteTablePropagationsRequest): any => ({ + export const filterSensitiveLog = (obj: ReservedInstanceReservationValue): any => ({ ...obj, }); } /** - *

                                                Describes a route table propagation.

                                                + *

                                                Information about the Convertible Reserved Instance offering.

                                                */ -export interface TransitGatewayRouteTablePropagation { +export interface TargetConfiguration { /** - *

                                                The ID of the attachment.

                                                + *

                                                The number of instances the Convertible Reserved Instance offering can be applied to. This parameter is + * reserved and cannot be specified in a request

                                                */ - TransitGatewayAttachmentId?: string; + InstanceCount?: number; /** - *

                                                The ID of the resource.

                                                + *

                                                The ID of the Convertible Reserved Instance offering.

                                                */ - ResourceId?: string; + OfferingId?: string; +} +export namespace TargetConfiguration { /** - *

                                                The type of resource. Note that the tgw-peering resource type has been deprecated.

                                                + * @internal */ - ResourceType?: TransitGatewayAttachmentResourceType | string; + export const filterSensitiveLog = (obj: TargetConfiguration): any => ({ + ...obj, + }); +} + +/** + *

                                                The total value of the new Convertible Reserved Instances.

                                                + */ +export interface TargetReservationValue { + /** + *

                                                The total value of the Convertible Reserved Instances that make up the exchange. This is the sum of + * the list value, remaining upfront price, and additional upfront cost of the exchange.

                                                + */ + ReservationValue?: ReservationValue; /** - *

                                                The state of the resource.

                                                + *

                                                The configuration of the Convertible Reserved Instances that make up the exchange.

                                                */ - State?: TransitGatewayPropagationState | string; + TargetConfiguration?: TargetConfiguration; } -export namespace TransitGatewayRouteTablePropagation { +export namespace TargetReservationValue { /** * @internal */ - export const filterSensitiveLog = (obj: TransitGatewayRouteTablePropagation): any => ({ + export const filterSensitiveLog = (obj: TargetReservationValue): any => ({ ...obj, }); } -export interface GetTransitGatewayRouteTablePropagationsResult { +/** + *

                                                Contains the output of GetReservedInstancesExchangeQuote.

                                                + */ +export interface GetReservedInstancesExchangeQuoteResult { /** - *

                                                Information about the route table propagations.

                                                + *

                                                The currency of the transaction.

                                                */ - TransitGatewayRouteTablePropagations?: TransitGatewayRouteTablePropagation[]; + CurrencyCode?: string; /** - *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                + *

                                                If true, the exchange is valid. If false, the exchange cannot be completed.

                                                */ - NextToken?: string; -} + IsValidExchange?: boolean; -export namespace GetTransitGatewayRouteTablePropagationsResult { /** - * @internal + *

                                                The new end date of the reservation term.

                                                */ - export const filterSensitiveLog = (obj: GetTransitGatewayRouteTablePropagationsResult): any => ({ - ...obj, - }); -} + OutputReservedInstancesWillExpireAt?: Date; -export interface GetVpnConnectionDeviceSampleConfigurationRequest { /** - *

                                                The VpnConnectionId specifies the Site-to-Site VPN connection used for the sample - * configuration.

                                                + *

                                                The total true upfront charge for the exchange.

                                                */ - VpnConnectionId: string | undefined; + PaymentDue?: string; /** - *

                                                Device identifier provided by the GetVpnConnectionDeviceTypes API.

                                                + *

                                                The cost associated with the Reserved Instance.

                                                */ - VpnConnectionDeviceTypeId: string | undefined; + ReservedInstanceValueRollup?: ReservationValue; /** - *

                                                The IKE version to be used in the sample configuration file for your customer gateway - * device. You can specify one of the following versions: ikev1 or - * ikev2.

                                                + *

                                                The configuration of your Convertible Reserved Instances.

                                                */ - InternetKeyExchangeVersion?: string; + ReservedInstanceValueSet?: ReservedInstanceReservationValue[]; /** - *

                                                Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                                + *

                                                The cost associated with the Reserved Instance.

                                                */ - DryRun?: boolean; -} + TargetConfigurationValueRollup?: ReservationValue; -export namespace GetVpnConnectionDeviceSampleConfigurationRequest { /** - * @internal + *

                                                The values of the target Convertible Reserved Instances.

                                                */ - export const filterSensitiveLog = (obj: GetVpnConnectionDeviceSampleConfigurationRequest): any => ({ - ...obj, - }); -} + TargetConfigurationValueSet?: TargetReservationValue[]; -export interface GetVpnConnectionDeviceSampleConfigurationResult { /** - *

                                                Sample configuration file for the specified customer gateway device.

                                                + *

                                                Describes the reason why the exchange cannot be completed.

                                                */ - VpnConnectionDeviceSampleConfiguration?: string; + ValidationFailureReason?: string; } -export namespace GetVpnConnectionDeviceSampleConfigurationResult { +export namespace GetReservedInstancesExchangeQuoteResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetVpnConnectionDeviceSampleConfigurationResult): any => ({ + export const filterSensitiveLog = (obj: GetReservedInstancesExchangeQuoteResult): any => ({ ...obj, - ...(obj.VpnConnectionDeviceSampleConfiguration && { VpnConnectionDeviceSampleConfiguration: SENSITIVE_STRING }), }); } -export interface GetVpnConnectionDeviceTypesRequest { +export interface GetSerialConsoleAccessStatusRequest { /** - *

                                                The maximum number of results returned by GetVpnConnectionDeviceTypes in - * paginated output. When this parameter is used, GetVpnConnectionDeviceTypes - * only returns MaxResults results in a single page along with a - * NextToken response element. The remaining results of the initial - * request can be seen by sending another GetVpnConnectionDeviceTypes request - * with the returned NextToken value. This value can be between 200 and 1000. - * If this parameter is not used, then GetVpnConnectionDeviceTypes returns all - * results.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - MaxResults?: number; + DryRun?: boolean; +} +export namespace GetSerialConsoleAccessStatusRequest { /** - *

                                                The NextToken value returned from a previous paginated - * GetVpnConnectionDeviceTypes request where MaxResults was - * used and the results exceeded the value of that parameter. Pagination continues from the - * end of the previous results that returned the NextToken value. This value - * is null when there are no more results to return.

                                                + * @internal */ - NextToken?: string; + export const filterSensitiveLog = (obj: GetSerialConsoleAccessStatusRequest): any => ({ + ...obj, + }); +} +export interface GetSerialConsoleAccessStatusResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                                + *

                                                If true, access to the EC2 serial console of all instances is enabled for + * your account. If false, access to the EC2 serial console of all instances + * is disabled for your account.

                                                */ - DryRun?: boolean; + SerialConsoleAccessEnabled?: boolean; } -export namespace GetVpnConnectionDeviceTypesRequest { +export namespace GetSerialConsoleAccessStatusResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetVpnConnectionDeviceTypesRequest): any => ({ + export const filterSensitiveLog = (obj: GetSerialConsoleAccessStatusResult): any => ({ ...obj, }); } -/** - *

                                                List of customer gateway devices that have a sample configuration file available for - * use. You can also see the list of device types with sample configuration files available - * under Your customer - * gateway device in the Amazon Web Services Site-to-Site VPN User Guide.

                                                - */ -export interface VpnConnectionDeviceType { +export interface GetSubnetCidrReservationsRequest { /** - *

                                                Customer gateway device identifier.

                                                + *

                                                One or more filters.

                                                + *
                                                  + *
                                                • + *

                                                  + * reservationType - The type of reservation (prefix | + * explicit).

                                                  + *
                                                  • + *
                                                • + *

                                                  + * subnet-id - The ID of the subnet.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * tag: - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. + * For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

                                                  + *
                                                  • + *
                                                */ - VpnConnectionDeviceTypeId?: string; + Filters?: Filter[]; /** - *

                                                Customer gateway device vendor.

                                                + *

                                                The ID of the subnet.

                                                */ - Vendor?: string; + SubnetId: string | undefined; /** - *

                                                Customer gateway device platform.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - Platform?: string; + DryRun?: boolean; /** - *

                                                Customer gateway device software version.

                                                + *

                                                The token for the next page of results.

                                                */ - Software?: string; + NextToken?: string; + + /** + *

                                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                + */ + MaxResults?: number; } -export namespace VpnConnectionDeviceType { +export namespace GetSubnetCidrReservationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: VpnConnectionDeviceType): any => ({ + export const filterSensitiveLog = (obj: GetSubnetCidrReservationsRequest): any => ({ ...obj, }); } -export interface GetVpnConnectionDeviceTypesResult { +export interface GetSubnetCidrReservationsResult { /** - *

                                                List of customer gateway devices that have a sample configuration file available for - * use.

                                                + *

                                                Information about the IPv4 subnet CIDR reservations.

                                                */ - VpnConnectionDeviceTypes?: VpnConnectionDeviceType[]; + SubnetIpv4CidrReservations?: SubnetCidrReservation[]; /** - *

                                                The NextToken value to include in a future - * GetVpnConnectionDeviceTypes request. When the results of a - * GetVpnConnectionDeviceTypes request exceed MaxResults, - * this value can be used to retrieve the next page of results. This value is null when - * there are no more results to return.

                                                + *

                                                Information about the IPv6 subnet CIDR reservations.

                                                + */ + SubnetIpv6CidrReservations?: SubnetCidrReservation[]; + + /** + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ NextToken?: string; } -export namespace GetVpnConnectionDeviceTypesResult { +export namespace GetSubnetCidrReservationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: GetVpnConnectionDeviceTypesResult): any => ({ + export const filterSensitiveLog = (obj: GetSubnetCidrReservationsResult): any => ({ ...obj, }); } -export interface ImportClientVpnClientCertificateRevocationListRequest { +export interface GetTransitGatewayAttachmentPropagationsRequest { /** - *

                                                The ID of the Client VPN endpoint to which the client certificate revocation list applies.

                                                + *

                                                The ID of the attachment.

                                                */ - ClientVpnEndpointId: string | undefined; + TransitGatewayAttachmentId: string | undefined; /** - *

                                                The client certificate revocation list file. For more information, see Generate a Client Certificate Revocation List in the - * Client VPN Administrator Guide.

                                                + *

                                                One or more filters. The possible values are:

                                                + *
                                                  + *
                                                • + *

                                                  + * transit-gateway-route-table-id - The ID of the transit gateway route table.

                                                  + *
                                                  • + *
                                                */ - CertificateRevocationList: string | undefined; + Filters?: Filter[]; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                */ - DryRun?: boolean; -} + MaxResults?: number; -export namespace ImportClientVpnClientCertificateRevocationListRequest { /** - * @internal + *

                                                The token for the next page of results.

                                                */ - export const filterSensitiveLog = (obj: ImportClientVpnClientCertificateRevocationListRequest): any => ({ - ...obj, - }); -} + NextToken?: string; -export interface ImportClientVpnClientCertificateRevocationListResult { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - Return?: boolean; + DryRun?: boolean; } -export namespace ImportClientVpnClientCertificateRevocationListResult { +export namespace GetTransitGatewayAttachmentPropagationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ImportClientVpnClientCertificateRevocationListResult): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayAttachmentPropagationsRequest): any => ({ ...obj, }); } /** - *

                                                Describes the client-specific data.

                                                + *

                                                Describes a propagation route table.

                                                */ -export interface ClientData { - /** - *

                                                A user-defined comment about the disk upload.

                                                - */ - Comment?: string; - - /** - *

                                                The time that the disk upload ends.

                                                - */ - UploadEnd?: Date; - +export interface TransitGatewayAttachmentPropagation { /** - *

                                                The size of the uploaded disk image, in GiB.

                                                + *

                                                The ID of the propagation route table.

                                                */ - UploadSize?: number; + TransitGatewayRouteTableId?: string; /** - *

                                                The time that the disk upload starts.

                                                + *

                                                The state of the propagation route table.

                                                */ - UploadStart?: Date; + State?: TransitGatewayPropagationState | string; } -export namespace ClientData { +export namespace TransitGatewayAttachmentPropagation { /** * @internal */ - export const filterSensitiveLog = (obj: ClientData): any => ({ + export const filterSensitiveLog = (obj: TransitGatewayAttachmentPropagation): any => ({ ...obj, }); } -/** - *

                                                Describes the Amazon S3 bucket for the disk image.

                                                - */ -export interface UserBucket { +export interface GetTransitGatewayAttachmentPropagationsResult { /** - *

                                                The name of the Amazon S3 bucket where the disk image is located.

                                                + *

                                                Information about the propagation route tables.

                                                */ - S3Bucket?: string; + TransitGatewayAttachmentPropagations?: TransitGatewayAttachmentPropagation[]; /** - *

                                                The file name of the disk image.

                                                + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ - S3Key?: string; + NextToken?: string; } -export namespace UserBucket { +export namespace GetTransitGatewayAttachmentPropagationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: UserBucket): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayAttachmentPropagationsResult): any => ({ ...obj, }); } -/** - *

                                                Describes the disk container object for an import image task.

                                                - */ -export interface ImageDiskContainer { - /** - *

                                                The description of the disk image.

                                                - */ - Description?: string; - +export interface GetTransitGatewayMulticastDomainAssociationsRequest { /** - *

                                                The block device mapping for the disk.

                                                + *

                                                The ID of the transit gateway multicast domain.

                                                */ - DeviceName?: string; + TransitGatewayMulticastDomainId?: string; /** - *

                                                The format of the disk image being imported.

                                                - *

                                                Valid values: OVA | VHD | VHDX | VMDK | RAW - *

                                                + *

                                                One or more filters. The possible values are:

                                                + *
                                                  + *
                                                • + *

                                                  + * resource-id - The ID of the resource.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * resource-type - The type of resource. The valid value is: vpc.

                                                  + *
                                                  • + *
                                                • + * + *

                                                  + * state - The state of the subnet association. Valid values are + * associated | + * associating + * | disassociated | disassociating.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * subnet-id - The ID of the subnet.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * transit-gateway-attachment-id - The id of the transit gateway attachment.

                                                  + *
                                                  • + *
                                                */ - Format?: string; + Filters?: Filter[]; /** - *

                                                The ID of the EBS snapshot to be used for importing the snapshot.

                                                + *

                                                The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                */ - SnapshotId?: string; + MaxResults?: number; /** - *

                                                The URL to the Amazon S3-based disk image being imported. The URL can either be a https URL (https://..) or an - * Amazon S3 URL (s3://..)

                                                + *

                                                The token for the next page of results.

                                                */ - Url?: string; + NextToken?: string; /** - *

                                                The S3 bucket for the disk image.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - UserBucket?: UserBucket; + DryRun?: boolean; } -export namespace ImageDiskContainer { +export namespace GetTransitGatewayMulticastDomainAssociationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ImageDiskContainer): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayMulticastDomainAssociationsRequest): any => ({ ...obj, }); } /** - *

                                                The request information of license configurations.

                                                + *

                                                Describes the resources associated with the transit gateway multicast domain.

                                                */ -export interface ImportImageLicenseConfigurationRequest { +export interface TransitGatewayMulticastDomainAssociation { /** - *

                                                The ARN of a license configuration.

                                                + *

                                                The ID of the transit gateway attachment.

                                                */ - LicenseConfigurationArn?: string; -} + TransitGatewayAttachmentId?: string; -export namespace ImportImageLicenseConfigurationRequest { /** - * @internal + *

                                                The ID of the resource.

                                                */ - export const filterSensitiveLog = (obj: ImportImageLicenseConfigurationRequest): any => ({ - ...obj, - }); -} + ResourceId?: string; -export interface ImportImageRequest { /** - *

                                                The architecture of the virtual machine.

                                                - *

                                                Valid values: i386 | x86_64 | arm64 - *

                                                + *

                                                The type of resource, for example a VPC attachment.

                                                */ - Architecture?: string; + ResourceType?: TransitGatewayAttachmentResourceType | string; /** - *

                                                The client-specific data.

                                                + *

                                                The ID of the Amazon Web Services account that owns the transit gateway multicast domain association resource.

                                                */ - ClientData?: ClientData; + ResourceOwnerId?: string; /** - *

                                                The token to enable idempotency for VM import requests.

                                                + *

                                                The subnet associated with the transit gateway multicast domain.

                                                */ - ClientToken?: string; + Subnet?: SubnetAssociation; +} +export namespace TransitGatewayMulticastDomainAssociation { /** - *

                                                A description string for the import image task.

                                                + * @internal */ - Description?: string; + export const filterSensitiveLog = (obj: TransitGatewayMulticastDomainAssociation): any => ({ + ...obj, + }); +} +export interface GetTransitGatewayMulticastDomainAssociationsResult { /** - *

                                                Information about the disk containers.

                                                + *

                                                Information about the multicast domain associations.

                                                */ - DiskContainers?: ImageDiskContainer[]; + MulticastDomainAssociations?: TransitGatewayMulticastDomainAssociation[]; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                */ - DryRun?: boolean; + NextToken?: string; +} +export namespace GetTransitGatewayMulticastDomainAssociationsResult { /** - *

                                                Specifies whether the destination AMI of the imported image should be encrypted. The default KMS key for EBS is used - * unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the - * Amazon Elastic Compute Cloud User Guide.

                                                + * @internal */ - Encrypted?: boolean; + export const filterSensitiveLog = (obj: GetTransitGatewayMulticastDomainAssociationsResult): any => ({ + ...obj, + }); +} +export interface GetTransitGatewayPrefixListReferencesRequest { /** - *

                                                The target hypervisor platform.

                                                - *

                                                Valid values: xen - *

                                                + *

                                                The ID of the transit gateway route table.

                                                */ - Hypervisor?: string; + TransitGatewayRouteTableId: string | undefined; /** - *

                                                An identifier for the symmetric KMS key to use when creating the - * encrypted AMI. This parameter is only required if you want to use a non-default KMS key; if this - * parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is - * specified, the Encrypted flag must also be set.

                                                - *

                                                The KMS key identifier may be provided in any of the following formats:

                                                - *
                                                  + *

                                                  One or more filters. The possible values are:

                                                  + *
                                                    *
                                                  • - *

                                                    Key ID

                                                    + *

                                                    + * attachment.resource-id - The ID of the resource for the attachment.

                                                    *
                                                    • *
                                                  • - *

                                                    Key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                    + *

                                                    + * attachment.resource-type - The type of resource for the + * attachment. Valid values are vpc | vpn | + * direct-connect-gateway | peering.

                                                    *
                                                    • *
                                                  • - *

                                                    ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the key namespace, and then the key ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.

                                                    + *

                                                    + * attachment.transit-gateway-attachment-id - The ID of the attachment.

                                                    *
                                                    • *
                                                  • - *

                                                    ARN using key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                    + *

                                                    + * is-blackhole - Whether traffic matching the route is blocked (true | false).

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * prefix-list-id - The ID of the prefix list.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * prefix-list-owner-id - The ID of the owner of the prefix list.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * state - The state of the prefix list reference (pending | available | modifying | deleting).

                                                    *
                                                    • *
                                                  - *

                                                  Amazon Web Services parses KmsKeyId asynchronously, meaning that the action you call may appear to complete even - * though you provided an invalid identifier. This action will eventually report failure.

                                                  - *

                                                  The specified KMS key must exist in the Region that the AMI is being copied to.

                                                  - *

                                                  Amazon EBS does not support asymmetric KMS keys.

                                                  - */ - KmsKeyId?: string; - - /** - *

                                                  The license type to be used for the Amazon Machine Image (AMI) after importing.

                                                  - *

                                                  By default, we detect the source-system operating system (OS) and apply the appropriate license. Specify - * AWS to replace the source-system license with an Amazon Web Services license, if appropriate. Specify BYOL - * to retain the source-system license, if appropriate.

                                                  - *

                                                  To use BYOL, you must have existing licenses with rights to use these licenses in a third party - * cloud, such as Amazon Web Services. For more information, see Prerequisites in the - * VM Import/Export User Guide.

                                                  */ - LicenseType?: string; + Filters?: Filter[]; /** - *

                                                  The operating system of the virtual machine.

                                                  - *

                                                  Valid values: Windows | Linux - *

                                                  + *

                                                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                  */ - Platform?: string; + MaxResults?: number; /** - *

                                                  The name of the role to use when not using the default role, 'vmimport'.

                                                  + *

                                                  The token for the next page of results.

                                                  */ - RoleName?: string; + NextToken?: string; /** - *

                                                  The ARNs of the license configurations.

                                                  + *

                                                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                  */ - LicenseSpecifications?: ImportImageLicenseConfigurationRequest[]; + DryRun?: boolean; +} +export namespace GetTransitGatewayPrefixListReferencesRequest { /** - *

                                                  The tags to apply to the import image task during creation.

                                                  + * @internal */ - TagSpecifications?: TagSpecification[]; + export const filterSensitiveLog = (obj: GetTransitGatewayPrefixListReferencesRequest): any => ({ + ...obj, + }); +} +export interface GetTransitGatewayPrefixListReferencesResult { /** - *

                                                  The usage operation value. For more information, see AMI billing information fields in the Amazon Elastic Compute Cloud User Guide.

                                                  + *

                                                  Information about the prefix list references.

                                                  */ - UsageOperation?: string; + TransitGatewayPrefixListReferences?: TransitGatewayPrefixListReference[]; /** - *

                                                  The boot mode of the virtual machine.

                                                  + *

                                                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                  */ - BootMode?: BootModeValues | string; + NextToken?: string; } -export namespace ImportImageRequest { +export namespace GetTransitGatewayPrefixListReferencesResult { /** * @internal */ - export const filterSensitiveLog = (obj: ImportImageRequest): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayPrefixListReferencesResult): any => ({ ...obj, }); } -export interface ImportImageResult { +export interface GetTransitGatewayRouteTableAssociationsRequest { /** - *

                                                  The architecture of the virtual machine.

                                                  + *

                                                  The ID of the transit gateway route table.

                                                  */ - Architecture?: string; + TransitGatewayRouteTableId: string | undefined; /** - *

                                                  A description of the import task.

                                                  + *

                                                  One or more filters. The possible values are:

                                                  + *
                                                    + *
                                                  • + *

                                                    + * resource-id - The ID of the resource.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * resource-type - The resource type. Valid values are vpc + * | vpn | direct-connect-gateway | peering + * | connect.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * transit-gateway-attachment-id - The ID of the attachment.

                                                    + *
                                                    • + *
                                                  */ - Description?: string; + Filters?: Filter[]; /** - *

                                                  Indicates whether the AMI is encrypted.

                                                  + *

                                                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                  */ - Encrypted?: boolean; + MaxResults?: number; /** - *

                                                  The target hypervisor of the import task.

                                                  + *

                                                  The token for the next page of results.

                                                  */ - Hypervisor?: string; + NextToken?: string; /** - *

                                                  The ID of the Amazon Machine Image (AMI) created by the import task.

                                                  + *

                                                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                  */ - ImageId?: string; + DryRun?: boolean; +} +export namespace GetTransitGatewayRouteTableAssociationsRequest { /** - *

                                                  The task ID of the import image task.

                                                  + * @internal */ - ImportTaskId?: string; + export const filterSensitiveLog = (obj: GetTransitGatewayRouteTableAssociationsRequest): any => ({ + ...obj, + }); +} +/** + *

                                                  Describes an association between a route table and a resource attachment.

                                                  + */ +export interface TransitGatewayRouteTableAssociation { /** - *

                                                  The identifier for the symmetric KMS key that was used to create the encrypted AMI.

                                                  + *

                                                  The ID of the attachment.

                                                  */ - KmsKeyId?: string; + TransitGatewayAttachmentId?: string; /** - *

                                                  The license type of the virtual machine.

                                                  + *

                                                  The ID of the resource.

                                                  */ - LicenseType?: string; + ResourceId?: string; /** - *

                                                  The operating system of the virtual machine.

                                                  + *

                                                  The resource type. Note that the tgw-peering resource type has been deprecated.

                                                  */ - Platform?: string; + ResourceType?: TransitGatewayAttachmentResourceType | string; /** - *

                                                  The progress of the task.

                                                  + *

                                                  The state of the association.

                                                  */ - Progress?: string; + State?: TransitGatewayAssociationState | string; +} +export namespace TransitGatewayRouteTableAssociation { /** - *

                                                  Information about the snapshots.

                                                  + * @internal */ - SnapshotDetails?: SnapshotDetail[]; + export const filterSensitiveLog = (obj: TransitGatewayRouteTableAssociation): any => ({ + ...obj, + }); +} + +export interface GetTransitGatewayRouteTableAssociationsResult { + /** + *

                                                  Information about the associations.

                                                  + */ + Associations?: TransitGatewayRouteTableAssociation[]; + + /** + *

                                                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                  + */ + NextToken?: string; +} + +export namespace GetTransitGatewayRouteTableAssociationsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetTransitGatewayRouteTableAssociationsResult): any => ({ + ...obj, + }); +} +export interface GetTransitGatewayRouteTablePropagationsRequest { /** - *

                                                  A brief status of the task.

                                                  + *

                                                  The ID of the transit gateway route table.

                                                  */ - Status?: string; + TransitGatewayRouteTableId: string | undefined; /** - *

                                                  A detailed status message of the import task.

                                                  + *

                                                  One or more filters. The possible values are:

                                                  + *
                                                    + *
                                                  • + *

                                                    + * resource-id - The ID of the resource.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * resource-type - The resource type. Valid values are vpc + * | vpn | direct-connect-gateway | peering + * | connect.

                                                    + *
                                                    • + *
                                                  • + *

                                                    + * transit-gateway-attachment-id - The ID of the attachment.

                                                    + *
                                                    • + *
                                                  */ - StatusMessage?: string; + Filters?: Filter[]; /** - *

                                                  The ARNs of the license configurations.

                                                  + *

                                                  The maximum number of results to return with a single call. + * To retrieve the remaining results, make another call with the returned nextToken value.

                                                  */ - LicenseSpecifications?: ImportImageLicenseConfigurationResponse[]; + MaxResults?: number; /** - *

                                                  Any tags assigned to the import image task.

                                                  + *

                                                  The token for the next page of results.

                                                  */ - Tags?: Tag[]; + NextToken?: string; /** - *

                                                  The usage operation value.

                                                  + *

                                                  Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                  */ - UsageOperation?: string; + DryRun?: boolean; } -export namespace ImportImageResult { +export namespace GetTransitGatewayRouteTablePropagationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ImportImageResult): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayRouteTablePropagationsRequest): any => ({ ...obj, }); } /** - *

                                                  Describes a disk image.

                                                  + *

                                                  Describes a route table propagation.

                                                  */ -export interface DiskImageDetail { +export interface TransitGatewayRouteTablePropagation { /** - *

                                                  The size of the disk image, in GiB.

                                                  + *

                                                  The ID of the attachment.

                                                  */ - Bytes: number | undefined; + TransitGatewayAttachmentId?: string; /** - *

                                                  The disk image format.

                                                  + *

                                                  The ID of the resource.

                                                  */ - Format: DiskImageFormat | string | undefined; + ResourceId?: string; /** - *

                                                  A presigned URL for the import manifest stored in Amazon S3 and presented here as an Amazon S3 presigned URL. - * For information about creating a presigned URL for an Amazon S3 object, read the "Query String Request Authentication - * Alternative" section of the Authenticating REST Requests topic in the Amazon Simple Storage Service Developer - * Guide.

                                                  - *

                                                  For information about the import manifest referenced by this API action, see VM Import Manifest.

                                                  + *

                                                  The type of resource. Note that the tgw-peering resource type has been deprecated.

                                                  */ - ImportManifestUrl: string | undefined; + ResourceType?: TransitGatewayAttachmentResourceType | string; + + /** + *

                                                  The state of the resource.

                                                  + */ + State?: TransitGatewayPropagationState | string; } -export namespace DiskImageDetail { +export namespace TransitGatewayRouteTablePropagation { /** * @internal */ - export const filterSensitiveLog = (obj: DiskImageDetail): any => ({ + export const filterSensitiveLog = (obj: TransitGatewayRouteTablePropagation): any => ({ ...obj, }); } -/** - *

                                                  Describes an EBS volume.

                                                  - */ -export interface VolumeDetail { +export interface GetTransitGatewayRouteTablePropagationsResult { /** - *

                                                  The size of the volume, in GiB.

                                                  + *

                                                  Information about the route table propagations.

                                                  */ - Size: number | undefined; + TransitGatewayRouteTablePropagations?: TransitGatewayRouteTablePropagation[]; + + /** + *

                                                  The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                  + */ + NextToken?: string; } -export namespace VolumeDetail { +export namespace GetTransitGatewayRouteTablePropagationsResult { /** * @internal */ - export const filterSensitiveLog = (obj: VolumeDetail): any => ({ + export const filterSensitiveLog = (obj: GetTransitGatewayRouteTablePropagationsResult): any => ({ ...obj, }); } -/** - *

                                                  Describes a disk image.

                                                  - */ -export interface DiskImage { +export interface GetVpnConnectionDeviceSampleConfigurationRequest { /** - *

                                                  A description of the disk image.

                                                  + *

                                                  The VpnConnectionId specifies the Site-to-Site VPN connection used for the sample + * configuration.

                                                  */ - Description?: string; + VpnConnectionId: string | undefined; /** - *

                                                  Information about the disk image.

                                                  + *

                                                  Device identifier provided by the GetVpnConnectionDeviceTypes API.

                                                  */ - Image?: DiskImageDetail; + VpnConnectionDeviceTypeId: string | undefined; /** - *

                                                  Information about the volume.

                                                  + *

                                                  The IKE version to be used in the sample configuration file for your customer gateway + * device. You can specify one of the following versions: ikev1 or + * ikev2.

                                                  */ - Volume?: VolumeDetail; + InternetKeyExchangeVersion?: string; + + /** + *

                                                  Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                                  + */ + DryRun?: boolean; } -export namespace DiskImage { +export namespace GetVpnConnectionDeviceSampleConfigurationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: DiskImage): any => ({ + export const filterSensitiveLog = (obj: GetVpnConnectionDeviceSampleConfigurationRequest): any => ({ ...obj, }); } -/** - *

                                                  Describes the user data for an instance.

                                                  - */ -export interface UserData { +export interface GetVpnConnectionDeviceSampleConfigurationResult { /** - *

                                                  The user data. If you are using an Amazon Web Services SDK or command line tool, Base64-encoding is performed for you, and you - * can load the text from a file. Otherwise, you must provide Base64-encoded text.

                                                  + *

                                                  Sample configuration file for the specified customer gateway device.

                                                  */ - Data?: string; + VpnConnectionDeviceSampleConfiguration?: string; } -export namespace UserData { +export namespace GetVpnConnectionDeviceSampleConfigurationResult { /** * @internal */ - export const filterSensitiveLog = (obj: UserData): any => ({ + export const filterSensitiveLog = (obj: GetVpnConnectionDeviceSampleConfigurationResult): any => ({ ...obj, + ...(obj.VpnConnectionDeviceSampleConfiguration && { VpnConnectionDeviceSampleConfiguration: SENSITIVE_STRING }), }); } -/** - *

                                                  Describes the launch specification for VM import.

                                                  - */ -export interface ImportInstanceLaunchSpecification { +export interface GetVpnConnectionDeviceTypesRequest { /** - *

                                                  Reserved.

                                                  + *

                                                  The maximum number of results returned by GetVpnConnectionDeviceTypes in + * paginated output. When this parameter is used, GetVpnConnectionDeviceTypes + * only returns MaxResults results in a single page along with a + * NextToken response element. The remaining results of the initial + * request can be seen by sending another GetVpnConnectionDeviceTypes request + * with the returned NextToken value. This value can be between 200 and 1000. + * If this parameter is not used, then GetVpnConnectionDeviceTypes returns all + * results.

                                                  */ - AdditionalInfo?: string; + MaxResults?: number; /** - *

                                                  The architecture of the instance.

                                                  + *

                                                  The NextToken value returned from a previous paginated + * GetVpnConnectionDeviceTypes request where MaxResults was + * used and the results exceeded the value of that parameter. Pagination continues from the + * end of the previous results that returned the NextToken value. This value + * is null when there are no more results to return.

                                                  */ - Architecture?: ArchitectureValues | string; + NextToken?: string; /** - *

                                                  The security group IDs.

                                                  + *

                                                  Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                                  */ - GroupIds?: string[]; + DryRun?: boolean; +} +export namespace GetVpnConnectionDeviceTypesRequest { /** - *

                                                  The security group names.

                                                  + * @internal */ - GroupNames?: string[]; + export const filterSensitiveLog = (obj: GetVpnConnectionDeviceTypesRequest): any => ({ + ...obj, + }); +} +/** + *

                                                  List of customer gateway devices that have a sample configuration file available for + * use. You can also see the list of device types with sample configuration files available + * under Your customer + * gateway device in the Amazon Web Services Site-to-Site VPN User Guide.

                                                  + */ +export interface VpnConnectionDeviceType { /** - *

                                                  Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the - * operating system command for system shutdown).

                                                  + *

                                                  Customer gateway device identifier.

                                                  */ - InstanceInitiatedShutdownBehavior?: ShutdownBehavior | string; + VpnConnectionDeviceTypeId?: string; /** - *

                                                  The instance type. For more information about the instance types that you can import, see Instance Types in the - * VM Import/Export User Guide.

                                                  + *

                                                  Customer gateway device vendor.

                                                  */ - InstanceType?: _InstanceType | string; + Vendor?: string; /** - *

                                                  Indicates whether monitoring is enabled.

                                                  + *

                                                  Customer gateway device platform.

                                                  */ - Monitoring?: boolean; + Platform?: string; /** - *

                                                  The placement information for the instance.

                                                  + *

                                                  Customer gateway device software version.

                                                  */ - Placement?: Placement; + Software?: string; +} +export namespace VpnConnectionDeviceType { /** - *

                                                  [EC2-VPC] An available IP address from the IP address range of the subnet.

                                                  + * @internal */ - PrivateIpAddress?: string; + export const filterSensitiveLog = (obj: VpnConnectionDeviceType): any => ({ + ...obj, + }); +} +export interface GetVpnConnectionDeviceTypesResult { /** - *

                                                  [EC2-VPC] The ID of the subnet in which to launch the instance.

                                                  + *

                                                  List of customer gateway devices that have a sample configuration file available for + * use.

                                                  */ - SubnetId?: string; + VpnConnectionDeviceTypes?: VpnConnectionDeviceType[]; /** - *

                                                  The Base64-encoded user data to make available to the instance.

                                                  + *

                                                  The NextToken value to include in a future + * GetVpnConnectionDeviceTypes request. When the results of a + * GetVpnConnectionDeviceTypes request exceed MaxResults, + * this value can be used to retrieve the next page of results. This value is null when + * there are no more results to return.

                                                  */ - UserData?: UserData; + NextToken?: string; } -export namespace ImportInstanceLaunchSpecification { +export namespace GetVpnConnectionDeviceTypesResult { /** * @internal */ - export const filterSensitiveLog = (obj: ImportInstanceLaunchSpecification): any => ({ + export const filterSensitiveLog = (obj: GetVpnConnectionDeviceTypesResult): any => ({ ...obj, - ...(obj.UserData && { UserData: SENSITIVE_STRING }), }); } -export interface ImportInstanceRequest { - /** - *

                                                  A description for the instance being imported.

                                                  - */ - Description?: string; - - /** - *

                                                  The disk image.

                                                  - */ - DiskImages?: DiskImage[]; - +export interface ImportClientVpnClientCertificateRevocationListRequest { /** - *

                                                  Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                  + *

                                                  The ID of the Client VPN endpoint to which the client certificate revocation list applies.

                                                  */ - DryRun?: boolean; + ClientVpnEndpointId: string | undefined; /** - *

                                                  The launch specification.

                                                  + *

                                                  The client certificate revocation list file. For more information, see Generate a Client Certificate Revocation List in the + * Client VPN Administrator Guide.

                                                  */ - LaunchSpecification?: ImportInstanceLaunchSpecification; + CertificateRevocationList: string | undefined; /** - *

                                                  The instance operating system.

                                                  + *

                                                  Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                  */ - Platform: PlatformValues | string | undefined; + DryRun?: boolean; } -export namespace ImportInstanceRequest { +export namespace ImportClientVpnClientCertificateRevocationListRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ImportInstanceRequest): any => ({ + export const filterSensitiveLog = (obj: ImportClientVpnClientCertificateRevocationListRequest): any => ({ ...obj, - ...(obj.LaunchSpecification && { - LaunchSpecification: ImportInstanceLaunchSpecification.filterSensitiveLog(obj.LaunchSpecification), - }), }); } -export interface ImportInstanceResult { +export interface ImportClientVpnClientCertificateRevocationListResult { /** - *

                                                  Information about the conversion task.

                                                  + *

                                                  Returns true if the request succeeds; otherwise, it returns an error.

                                                  */ - ConversionTask?: ConversionTask; + Return?: boolean; } -export namespace ImportInstanceResult { +export namespace ImportClientVpnClientCertificateRevocationListResult { /** * @internal */ - export const filterSensitiveLog = (obj: ImportInstanceResult): any => ({ + export const filterSensitiveLog = (obj: ImportClientVpnClientCertificateRevocationListResult): any => ({ ...obj, }); } -export interface ImportKeyPairRequest { +/** + *

                                                  Describes the client-specific data.

                                                  + */ +export interface ClientData { /** - *

                                                  Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                  + *

                                                  A user-defined comment about the disk upload.

                                                  */ - DryRun?: boolean; + Comment?: string; /** - *

                                                  A unique name for the key pair.

                                                  + *

                                                  The time that the disk upload ends.

                                                  */ - KeyName: string | undefined; + UploadEnd?: Date; /** - *

                                                  The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.

                                                  + *

                                                  The size of the uploaded disk image, in GiB.

                                                  */ - PublicKeyMaterial: Uint8Array | undefined; + UploadSize?: number; /** - *

                                                  The tags to apply to the imported key pair.

                                                  + *

                                                  The time that the disk upload starts.

                                                  */ - TagSpecifications?: TagSpecification[]; + UploadStart?: Date; } -export namespace ImportKeyPairRequest { +export namespace ClientData { /** * @internal */ - export const filterSensitiveLog = (obj: ImportKeyPairRequest): any => ({ + export const filterSensitiveLog = (obj: ClientData): any => ({ ...obj, }); } -export interface ImportKeyPairResult { - /** - *

                                                  The MD5 public key fingerprint as specified in section 4 of RFC 4716.

                                                  - */ - KeyFingerprint?: string; - - /** - *

                                                  The key pair name that you provided.

                                                  - */ - KeyName?: string; - +/** + *

                                                  Describes the Amazon S3 bucket for the disk image.

                                                  + */ +export interface UserBucket { /** - *

                                                  The ID of the resulting key pair.

                                                  + *

                                                  The name of the Amazon S3 bucket where the disk image is located.

                                                  */ - KeyPairId?: string; + S3Bucket?: string; /** - *

                                                  The tags applied to the imported key pair.

                                                  + *

                                                  The file name of the disk image.

                                                  */ - Tags?: Tag[]; + S3Key?: string; } -export namespace ImportKeyPairResult { +export namespace UserBucket { /** * @internal */ - export const filterSensitiveLog = (obj: ImportKeyPairResult): any => ({ + export const filterSensitiveLog = (obj: UserBucket): any => ({ ...obj, }); } /** - *

                                                  The disk container object for the import snapshot request.

                                                  + *

                                                  Describes the disk container object for an import image task.

                                                  */ -export interface SnapshotDiskContainer { +export interface ImageDiskContainer { /** - *

                                                  The description of the disk image being imported.

                                                  + *

                                                  The description of the disk image.

                                                  */ Description?: string; + /** + *

                                                  The block device mapping for the disk.

                                                  + */ + DeviceName?: string; + /** *

                                                  The format of the disk image being imported.

                                                  - *

                                                  Valid values: VHD | VMDK | RAW + *

                                                  Valid values: OVA | VHD | VHDX | VMDK | RAW *

                                                  */ Format?: string; /** - *

                                                  The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon - * S3 URL (s3://..).

                                                  + *

                                                  The ID of the EBS snapshot to be used for importing the snapshot.

                                                  + */ + SnapshotId?: string; + + /** + *

                                                  The URL to the Amazon S3-based disk image being imported. The URL can either be a https URL (https://..) or an + * Amazon S3 URL (s3://..)

                                                  */ Url?: string; /** - *

                                                  The Amazon S3 bucket for the disk image.

                                                  + *

                                                  The S3 bucket for the disk image.

                                                  */ UserBucket?: UserBucket; } -export namespace SnapshotDiskContainer { +export namespace ImageDiskContainer { /** * @internal */ - export const filterSensitiveLog = (obj: SnapshotDiskContainer): any => ({ + export const filterSensitiveLog = (obj: ImageDiskContainer): any => ({ ...obj, }); } -export interface ImportSnapshotRequest { +/** + *

                                                  The request information of license configurations.

                                                  + */ +export interface ImportImageLicenseConfigurationRequest { + /** + *

                                                  The ARN of a license configuration.

                                                  + */ + LicenseConfigurationArn?: string; +} + +export namespace ImportImageLicenseConfigurationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ImportImageLicenseConfigurationRequest): any => ({ + ...obj, + }); +} + +export interface ImportImageRequest { + /** + *

                                                  The architecture of the virtual machine.

                                                  + *

                                                  Valid values: i386 | x86_64 | arm64 + *

                                                  + */ + Architecture?: string; + /** *

                                                  The client-specific data.

                                                  */ ClientData?: ClientData; /** - *

                                                  Token to enable idempotency for VM import requests.

                                                  + *

                                                  The token to enable idempotency for VM import requests.

                                                  */ ClientToken?: string; /** - *

                                                  The description string for the import snapshot task.

                                                  + *

                                                  A description string for the import image task.

                                                  */ Description?: string; /** - *

                                                  Information about the disk container.

                                                  + *

                                                  Information about the disk containers.

                                                  */ - DiskContainer?: SnapshotDiskContainer; + DiskContainers?: ImageDiskContainer[]; /** *

                                                  Checks whether you have the required permissions for the action, without actually making the request, @@ -6430,15 +6553,22 @@ export interface ImportSnapshotRequest { DryRun?: boolean; /** - *

                                                  Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is - * used unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the + *

                                                  Specifies whether the destination AMI of the imported image should be encrypted. The default KMS key for EBS is used + * unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the * Amazon Elastic Compute Cloud User Guide.

                                                  */ Encrypted?: boolean; + /** + *

                                                  The target hypervisor platform.

                                                  + *

                                                  Valid values: xen + *

                                                  + */ + Hypervisor?: string; + /** *

                                                  An identifier for the symmetric KMS key to use when creating the - * encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this + * encrypted AMI. This parameter is only required if you want to use a non-default KMS key; if this * parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is * specified, the Encrypted flag must also be set.

                                                  *

                                                  The KMS key identifier may be provided in any of the following formats:

                                                  @@ -6458,427 +6588,339 @@ export interface ImportSnapshotRequest { *
                                                *

                                                Amazon Web Services parses KmsKeyId asynchronously, meaning that the action you call may appear to complete even * though you provided an invalid identifier. This action will eventually report failure.

                                                - *

                                                The specified KMS key must exist in the Region that the snapshot is being copied to.

                                                + *

                                                The specified KMS key must exist in the Region that the AMI is being copied to.

                                                *

                                                Amazon EBS does not support asymmetric KMS keys.

                                                */ KmsKeyId?: string; /** - *

                                                The name of the role to use when not using the default role, 'vmimport'.

                                                + *

                                                The license type to be used for the Amazon Machine Image (AMI) after importing.

                                                + *

                                                By default, we detect the source-system operating system (OS) and apply the appropriate license. Specify + * AWS to replace the source-system license with an Amazon Web Services license, if appropriate. Specify BYOL + * to retain the source-system license, if appropriate.

                                                + *

                                                To use BYOL, you must have existing licenses with rights to use these licenses in a third party + * cloud, such as Amazon Web Services. For more information, see Prerequisites in the + * VM Import/Export User Guide.

                                                */ - RoleName?: string; + LicenseType?: string; /** - *

                                                The tags to apply to the import snapshot task during creation.

                                                + *

                                                The operating system of the virtual machine.

                                                + *

                                                Valid values: Windows | Linux + *

                                                */ - TagSpecifications?: TagSpecification[]; -} + Platform?: string; -export namespace ImportSnapshotRequest { /** - * @internal + *

                                                The name of the role to use when not using the default role, 'vmimport'.

                                                */ - export const filterSensitiveLog = (obj: ImportSnapshotRequest): any => ({ - ...obj, - }); -} + RoleName?: string; -export interface ImportSnapshotResult { /** - *

                                                A description of the import snapshot task.

                                                + *

                                                The ARNs of the license configurations.

                                                */ - Description?: string; + LicenseSpecifications?: ImportImageLicenseConfigurationRequest[]; /** - *

                                                The ID of the import snapshot task.

                                                + *

                                                The tags to apply to the import image task during creation.

                                                */ - ImportTaskId?: string; + TagSpecifications?: TagSpecification[]; /** - *

                                                Information about the import snapshot task.

                                                + *

                                                The usage operation value. For more information, see AMI billing information fields in the Amazon Elastic Compute Cloud User Guide.

                                                */ - SnapshotTaskDetail?: SnapshotTaskDetail; + UsageOperation?: string; /** - *

                                                Any tags assigned to the import snapshot task.

                                                + *

                                                The boot mode of the virtual machine.

                                                */ - Tags?: Tag[]; + BootMode?: BootModeValues | string; } -export namespace ImportSnapshotResult { +export namespace ImportImageRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ImportSnapshotResult): any => ({ + export const filterSensitiveLog = (obj: ImportImageRequest): any => ({ ...obj, }); } -export interface ImportVolumeRequest { +export interface ImportImageResult { /** - *

                                                The Availability Zone for the resulting EBS volume.

                                                + *

                                                The architecture of the virtual machine.

                                                */ - AvailabilityZone: string | undefined; + Architecture?: string; /** - *

                                                A description of the volume.

                                                + *

                                                A description of the import task.

                                                */ Description?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; - - /** - *

                                                The disk image.

                                                - */ - Image: DiskImageDetail | undefined; - - /** - *

                                                The volume size.

                                                - */ - Volume: VolumeDetail | undefined; -} - -export namespace ImportVolumeRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ImportVolumeRequest): any => ({ - ...obj, - }); -} - -export interface ImportVolumeResult { - /** - *

                                                Information about the conversion task.

                                                - */ - ConversionTask?: ConversionTask; -} - -export namespace ImportVolumeResult { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ImportVolumeResult): any => ({ - ...obj, - }); -} - -export interface ModifyAddressAttributeRequest { - /** - *

                                                [EC2-VPC] The allocation ID.

                                                + *

                                                Indicates whether the AMI is encrypted.

                                                */ - AllocationId: string | undefined; + Encrypted?: boolean; /** - *

                                                The domain name to modify for the IP address.

                                                + *

                                                The target hypervisor of the import task.

                                                */ - DomainName?: string; + Hypervisor?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The ID of the Amazon Machine Image (AMI) created by the import task.

                                                */ - DryRun?: boolean; -} + ImageId?: string; -export namespace ModifyAddressAttributeRequest { /** - * @internal + *

                                                The task ID of the import image task.

                                                */ - export const filterSensitiveLog = (obj: ModifyAddressAttributeRequest): any => ({ - ...obj, - }); -} + ImportTaskId?: string; -export interface ModifyAddressAttributeResult { /** - *

                                                Information about the Elastic IP address.

                                                + *

                                                The identifier for the symmetric KMS key that was used to create the encrypted AMI.

                                                */ - Address?: AddressAttribute; -} + KmsKeyId?: string; -export namespace ModifyAddressAttributeResult { /** - * @internal + *

                                                The license type of the virtual machine.

                                                */ - export const filterSensitiveLog = (obj: ModifyAddressAttributeResult): any => ({ - ...obj, - }); -} - -export type ModifyAvailabilityZoneOptInStatus = "not-opted-in" | "opted-in"; + LicenseType?: string; -export interface ModifyAvailabilityZoneGroupRequest { /** - *

                                                The name of the Availability Zone group, Local Zone group, or Wavelength Zone - * group.

                                                + *

                                                The operating system of the virtual machine.

                                                */ - GroupName: string | undefined; + Platform?: string; /** - *

                                                Indicates whether you are opted in to the Local Zone group or Wavelength Zone group. The - * only valid value is opted-in. You must contact AWS Support to opt out of a Local Zone group, or Wavelength Zone group.

                                                + *

                                                The progress of the task.

                                                */ - OptInStatus: ModifyAvailabilityZoneOptInStatus | string | undefined; + Progress?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Information about the snapshots.

                                                */ - DryRun?: boolean; -} + SnapshotDetails?: SnapshotDetail[]; -export namespace ModifyAvailabilityZoneGroupRequest { /** - * @internal + *

                                                A brief status of the task.

                                                */ - export const filterSensitiveLog = (obj: ModifyAvailabilityZoneGroupRequest): any => ({ - ...obj, - }); -} + Status?: string; -export interface ModifyAvailabilityZoneGroupResult { /** - *

                                                Is true if the request succeeds, and an error otherwise.

                                                + *

                                                A detailed status message of the import task.

                                                */ - Return?: boolean; -} + StatusMessage?: string; -export namespace ModifyAvailabilityZoneGroupResult { /** - * @internal + *

                                                The ARNs of the license configurations.

                                                */ - export const filterSensitiveLog = (obj: ModifyAvailabilityZoneGroupResult): any => ({ - ...obj, - }); -} + LicenseSpecifications?: ImportImageLicenseConfigurationResponse[]; -export interface ModifyCapacityReservationRequest { /** - *

                                                The ID of the Capacity Reservation.

                                                + *

                                                Any tags assigned to the import image task.

                                                */ - CapacityReservationId: string | undefined; + Tags?: Tag[]; /** - *

                                                The number of instances for which to reserve capacity. The number of instances can't be increased or - * decreased by more than 1000 in a single request.

                                                + *

                                                The usage operation value.

                                                */ - InstanceCount?: number; + UsageOperation?: string; +} +export namespace ImportImageResult { /** - *

                                                The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity - * is released and you can no longer launch instances into it. The Capacity Reservation's state changes to - * expired when it reaches its end date and time.

                                                - *

                                                The Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify - * 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.

                                                - *

                                                You must provide an EndDate value if EndDateType is - * limited. Omit EndDate if EndDateType is - * unlimited.

                                                + * @internal */ - EndDate?: Date; + export const filterSensitiveLog = (obj: ImportImageResult): any => ({ + ...obj, + }); +} +/** + *

                                                Describes a disk image.

                                                + */ +export interface DiskImageDetail { /** - *

                                                Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end - * types:

                                                - *
                                                  - *
                                                • - *

                                                  - * unlimited - The Capacity Reservation remains active until you explicitly cancel it. Do not - * provide an EndDate value if EndDateType is - * unlimited.

                                                  - *
                                                  • - *
                                                • - *

                                                  - * limited - The Capacity Reservation expires automatically at a specified date and time. You must - * provide an EndDate value if EndDateType is - * limited.

                                                  - *
                                                  • - *
                                                + *

                                                The size of the disk image, in GiB.

                                                */ - EndDateType?: EndDateType | string; + Bytes: number | undefined; /** - *

                                                Reserved. Capacity Reservations you have created are accepted by default.

                                                + *

                                                The disk image format.

                                                */ - Accept?: boolean; + Format: DiskImageFormat | string | undefined; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                A presigned URL for the import manifest stored in Amazon S3 and presented here as an Amazon S3 presigned URL. + * For information about creating a presigned URL for an Amazon S3 object, read the "Query String Request Authentication + * Alternative" section of the Authenticating REST Requests topic in the Amazon Simple Storage Service Developer + * Guide.

                                                + *

                                                For information about the import manifest referenced by this API action, see VM Import Manifest.

                                                */ - DryRun?: boolean; + ImportManifestUrl: string | undefined; } -export namespace ModifyCapacityReservationRequest { +export namespace DiskImageDetail { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyCapacityReservationRequest): any => ({ + export const filterSensitiveLog = (obj: DiskImageDetail): any => ({ ...obj, }); } -export interface ModifyCapacityReservationResult { +/** + *

                                                Describes an EBS volume.

                                                + */ +export interface VolumeDetail { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                The size of the volume, in GiB.

                                                */ - Return?: boolean; + Size: number | undefined; } -export namespace ModifyCapacityReservationResult { +export namespace VolumeDetail { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyCapacityReservationResult): any => ({ + export const filterSensitiveLog = (obj: VolumeDetail): any => ({ ...obj, }); } /** - *

                                                Information about the DNS server to be used.

                                                + *

                                                Describes a disk image.

                                                */ -export interface DnsServersOptionsModifyStructure { +export interface DiskImage { /** - *

                                                The IPv4 address range, in CIDR notation, of the DNS servers to be used. You can specify up to - * two DNS servers. Ensure that the DNS servers can be reached by the clients. The specified values - * overwrite the existing values.

                                                + *

                                                A description of the disk image.

                                                */ - CustomDnsServers?: string[]; + Description?: string; /** - *

                                                Indicates whether DNS servers should be used. Specify False to delete the existing DNS - * servers.

                                                + *

                                                Information about the disk image.

                                                */ - Enabled?: boolean; + Image?: DiskImageDetail; + + /** + *

                                                Information about the volume.

                                                + */ + Volume?: VolumeDetail; } -export namespace DnsServersOptionsModifyStructure { +export namespace DiskImage { /** * @internal */ - export const filterSensitiveLog = (obj: DnsServersOptionsModifyStructure): any => ({ + export const filterSensitiveLog = (obj: DiskImage): any => ({ ...obj, }); } -export interface ModifyClientVpnEndpointRequest { +/** + *

                                                Describes the user data for an instance.

                                                + */ +export interface UserData { /** - *

                                                The ID of the Client VPN endpoint to modify.

                                                + *

                                                The user data. If you are using an Amazon Web Services SDK or command line tool, Base64-encoding is performed for you, and you + * can load the text from a file. Otherwise, you must provide Base64-encoded text.

                                                */ - ClientVpnEndpointId: string | undefined; + Data?: string; +} +export namespace UserData { /** - *

                                                The ARN of the server certificate to be used. The server certificate must be provisioned in - * Certificate Manager (ACM).

                                                + * @internal */ - ServerCertificateArn?: string; + export const filterSensitiveLog = (obj: UserData): any => ({ + ...obj, + }); +} +/** + *

                                                Describes the launch specification for VM import.

                                                + */ +export interface ImportInstanceLaunchSpecification { /** - *

                                                Information about the client connection logging options.

                                                - *

                                                If you enable client connection logging, data about client connections is sent to a - * Cloudwatch Logs log stream. The following information is logged:

                                                - *
                                                  - *
                                                • - *

                                                  Client connection requests

                                                  - *
                                                  • - *
                                                • - *

                                                  Client connection results (successful and unsuccessful)

                                                  - *
                                                  • - *
                                                • - *

                                                  Reasons for unsuccessful client connection requests

                                                  - *
                                                  • - *
                                                • - *

                                                  Client connection termination time

                                                  - *
                                                  • - *
                                                + *

                                                Reserved.

                                                */ - ConnectionLogOptions?: ConnectionLogOptions; + AdditionalInfo?: string; /** - *

                                                Information about the DNS servers to be used by Client VPN connections. A Client VPN endpoint can have - * up to two DNS servers.

                                                + *

                                                The architecture of the instance.

                                                */ - DnsServers?: DnsServersOptionsModifyStructure; + Architecture?: ArchitectureValues | string; /** - *

                                                The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

                                                - *

                                                Valid Values: 443 | 1194 - *

                                                - *

                                                Default Value: 443 - *

                                                + *

                                                The security group IDs.

                                                */ - VpnPort?: number; + GroupIds?: string[]; /** - *

                                                A brief description of the Client VPN endpoint.

                                                + *

                                                The security group names.

                                                */ - Description?: string; + GroupNames?: string[]; /** - *

                                                Indicates whether the VPN is split-tunnel.

                                                - *

                                                For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the - * Client VPN Administrator Guide.

                                                + *

                                                Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the + * operating system command for system shutdown).

                                                */ - SplitTunnel?: boolean; + InstanceInitiatedShutdownBehavior?: ShutdownBehavior | string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The instance type. For more information about the instance types that you can import, see Instance Types in the + * VM Import/Export User Guide.

                                                */ - DryRun?: boolean; + InstanceType?: _InstanceType | string; /** - *

                                                The IDs of one or more security groups to apply to the target network.

                                                + *

                                                Indicates whether monitoring is enabled.

                                                + */ + Monitoring?: boolean; + + /** + *

                                                The placement information for the instance.

                                                */ - SecurityGroupIds?: string[]; + Placement?: Placement; /** - *

                                                The ID of the VPC to associate with the Client VPN endpoint.

                                                + *

                                                [EC2-VPC] An available IP address from the IP address range of the subnet.

                                                */ - VpcId?: string; + PrivateIpAddress?: string; /** - *

                                                Specify whether to enable the self-service portal for the Client VPN endpoint.

                                                + *

                                                [EC2-VPC] The ID of the subnet in which to launch the instance.

                                                */ - SelfServicePortal?: SelfServicePortal | string; + SubnetId?: string; /** - *

                                                The options for managing connection authorization for new client connections.

                                                + *

                                                The Base64-encoded user data to make available to the instance.

                                                */ - ClientConnectOptions?: ClientConnectOptions; + UserData?: UserData; } -export namespace ModifyClientVpnEndpointRequest { +export namespace ImportInstanceLaunchSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyClientVpnEndpointRequest): any => ({ + export const filterSensitiveLog = (obj: ImportInstanceLaunchSpecification): any => ({ ...obj, + ...(obj.UserData && { UserData: SENSITIVE_STRING }), }); } -export interface ModifyClientVpnEndpointResult { +export interface ImportInstanceRequest { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                A description for the instance being imported.

                                                */ - Return?: boolean; -} + Description?: string; -export namespace ModifyClientVpnEndpointResult { /** - * @internal + *

                                                The disk image.

                                                */ - export const filterSensitiveLog = (obj: ModifyClientVpnEndpointResult): any => ({ - ...obj, - }); -} + DiskImages?: DiskImage[]; -export interface ModifyDefaultCreditSpecificationRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -6887,213 +6929,166 @@ export interface ModifyDefaultCreditSpecificationRequest { DryRun?: boolean; /** - *

                                                The instance family.

                                                + *

                                                The launch specification.

                                                */ - InstanceFamily: UnlimitedSupportedInstanceFamily | string | undefined; + LaunchSpecification?: ImportInstanceLaunchSpecification; /** - *

                                                The credit option for CPU usage of the instance family.

                                                - *

                                                Valid Values: standard | unlimited - *

                                                + *

                                                The instance operating system.

                                                */ - CpuCredits: string | undefined; + Platform: PlatformValues | string | undefined; } -export namespace ModifyDefaultCreditSpecificationRequest { +export namespace ImportInstanceRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyDefaultCreditSpecificationRequest): any => ({ + export const filterSensitiveLog = (obj: ImportInstanceRequest): any => ({ ...obj, + ...(obj.LaunchSpecification && { + LaunchSpecification: ImportInstanceLaunchSpecification.filterSensitiveLog(obj.LaunchSpecification), + }), }); } -export interface ModifyDefaultCreditSpecificationResult { +export interface ImportInstanceResult { /** - *

                                                The default credit option for CPU usage of the instance family.

                                                + *

                                                Information about the conversion task.

                                                */ - InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification; + ConversionTask?: ConversionTask; } -export namespace ModifyDefaultCreditSpecificationResult { +export namespace ImportInstanceResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyDefaultCreditSpecificationResult): any => ({ + export const filterSensitiveLog = (obj: ImportInstanceResult): any => ({ ...obj, }); } -export interface ModifyEbsDefaultKmsKeyIdRequest { - /** - *

                                                The identifier of the Key Management Service (KMS) KMS key to use for Amazon EBS encryption. - * If this parameter is not specified, your KMS key for Amazon EBS is used. If KmsKeyId is - * specified, the encrypted state must be true.

                                                - *

                                                You can specify the KMS key using any of the following:

                                                - *
                                                  - *
                                                • - *

                                                  Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.

                                                  - *
                                                  • - *
                                                • - *

                                                  Key alias. For example, alias/ExampleAlias.

                                                  - *
                                                  • - *
                                                • - *

                                                  Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.

                                                  - *
                                                  • - *
                                                • - *

                                                  Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                  - *
                                                  • - *
                                                - *

                                                Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, - * the action can appear to complete, but eventually fails.

                                                - *

                                                Amazon EBS does not support asymmetric KMS keys.

                                                - */ - KmsKeyId: string | undefined; - +export interface ImportKeyPairRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; -} -export namespace ModifyEbsDefaultKmsKeyIdRequest { /** - * @internal + *

                                                A unique name for the key pair.

                                                */ - export const filterSensitiveLog = (obj: ModifyEbsDefaultKmsKeyIdRequest): any => ({ - ...obj, - }); -} + KeyName: string | undefined; -export interface ModifyEbsDefaultKmsKeyIdResult { /** - *

                                                The Amazon Resource Name (ARN) of the default KMS key for encryption by default.

                                                + *

                                                The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.

                                                */ - KmsKeyId?: string; + PublicKeyMaterial: Uint8Array | undefined; + + /** + *

                                                The tags to apply to the imported key pair.

                                                + */ + TagSpecifications?: TagSpecification[]; } -export namespace ModifyEbsDefaultKmsKeyIdResult { +export namespace ImportKeyPairRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyEbsDefaultKmsKeyIdResult): any => ({ + export const filterSensitiveLog = (obj: ImportKeyPairRequest): any => ({ ...obj, }); } -export interface ModifyFleetRequest { - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; - - /** - *

                                                Indicates whether running instances should be terminated if the total target capacity of - * the EC2 Fleet is decreased below the current size of the EC2 Fleet.

                                                - */ - ExcessCapacityTerminationPolicy?: FleetExcessCapacityTerminationPolicy | string; - +export interface ImportKeyPairResult { /** - *

                                                The launch template and overrides.

                                                + *

                                                The MD5 public key fingerprint as specified in section 4 of RFC 4716.

                                                */ - LaunchTemplateConfigs?: FleetLaunchTemplateConfigRequest[]; + KeyFingerprint?: string; /** - *

                                                The ID of the EC2 Fleet.

                                                + *

                                                The key pair name that you provided.

                                                */ - FleetId: string | undefined; + KeyName?: string; /** - *

                                                The size of the EC2 Fleet.

                                                + *

                                                The ID of the resulting key pair.

                                                */ - TargetCapacitySpecification?: TargetCapacitySpecificationRequest; + KeyPairId?: string; /** - *

                                                Reserved.

                                                + *

                                                The tags applied to the imported key pair.

                                                */ - Context?: string; + Tags?: Tag[]; } -export namespace ModifyFleetRequest { +export namespace ImportKeyPairResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyFleetRequest): any => ({ + export const filterSensitiveLog = (obj: ImportKeyPairResult): any => ({ ...obj, }); } -export interface ModifyFleetResult { +/** + *

                                                The disk container object for the import snapshot request.

                                                + */ +export interface SnapshotDiskContainer { /** - *

                                                Is true if the request succeeds, and an error otherwise.

                                                + *

                                                The description of the disk image being imported.

                                                */ - Return?: boolean; -} + Description?: string; -export namespace ModifyFleetResult { /** - * @internal + *

                                                The format of the disk image being imported.

                                                + *

                                                Valid values: VHD | VMDK | RAW + *

                                                */ - export const filterSensitiveLog = (obj: ModifyFleetResult): any => ({ - ...obj, - }); -} + Format?: string; -/** - *

                                                Describes a load permission.

                                                - */ -export interface LoadPermissionRequest { /** - *

                                                The name of the group.

                                                + *

                                                The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon + * S3 URL (s3://..).

                                                */ - Group?: PermissionGroup | string; + Url?: string; /** - *

                                                The AWS account ID.

                                                + *

                                                The Amazon S3 bucket for the disk image.

                                                */ - UserId?: string; + UserBucket?: UserBucket; } -export namespace LoadPermissionRequest { +export namespace SnapshotDiskContainer { /** * @internal */ - export const filterSensitiveLog = (obj: LoadPermissionRequest): any => ({ + export const filterSensitiveLog = (obj: SnapshotDiskContainer): any => ({ ...obj, }); } -/** - *

                                                Describes modifications to the load permissions of an Amazon FPGA image (AFI).

                                                - */ -export interface LoadPermissionModifications { +export interface ImportSnapshotRequest { /** - *

                                                The load permissions to add.

                                                + *

                                                The client-specific data.

                                                */ - Add?: LoadPermissionRequest[]; + ClientData?: ClientData; /** - *

                                                The load permissions to remove.

                                                + *

                                                Token to enable idempotency for VM import requests.

                                                */ - Remove?: LoadPermissionRequest[]; -} + ClientToken?: string; -export namespace LoadPermissionModifications { /** - * @internal + *

                                                The description string for the import snapshot task.

                                                */ - export const filterSensitiveLog = (obj: LoadPermissionModifications): any => ({ - ...obj, - }); -} + Description?: string; -export type OperationType = "add" | "remove"; + /** + *

                                                Information about the disk container.

                                                + */ + DiskContainer?: SnapshotDiskContainer; -export interface ModifyFpgaImageAttributeRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -7102,1126 +7097,1162 @@ export interface ModifyFpgaImageAttributeRequest { DryRun?: boolean; /** - *

                                                The ID of the AFI.

                                                - */ - FpgaImageId: string | undefined; - - /** - *

                                                The name of the attribute.

                                                - */ - Attribute?: FpgaImageAttributeName | string; - - /** - *

                                                The operation type.

                                                + *

                                                Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is + * used unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the + * Amazon Elastic Compute Cloud User Guide.

                                                */ - OperationType?: OperationType | string; + Encrypted?: boolean; /** - *

                                                The AWS account IDs. This parameter is valid only when modifying the loadPermission attribute.

                                                + *

                                                An identifier for the symmetric KMS key to use when creating the + * encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this + * parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is + * specified, the Encrypted flag must also be set.

                                                + *

                                                The KMS key identifier may be provided in any of the following formats:

                                                + *
                                                  + *
                                                • + *

                                                  Key ID

                                                  + *
                                                  • + *
                                                • + *

                                                  Key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                  + *
                                                  • + *
                                                • + *

                                                  ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the key namespace, and then the key ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.

                                                  + *
                                                  • + *
                                                • + *

                                                  ARN using key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                  + *
                                                  • + *
                                                + *

                                                Amazon Web Services parses KmsKeyId asynchronously, meaning that the action you call may appear to complete even + * though you provided an invalid identifier. This action will eventually report failure.

                                                + *

                                                The specified KMS key must exist in the Region that the snapshot is being copied to.

                                                + *

                                                Amazon EBS does not support asymmetric KMS keys.

                                                */ - UserIds?: string[]; + KmsKeyId?: string; /** - *

                                                The user groups. This parameter is valid only when modifying the loadPermission attribute.

                                                + *

                                                The name of the role to use when not using the default role, 'vmimport'.

                                                */ - UserGroups?: string[]; + RoleName?: string; /** - *

                                                The product codes. After you add a product code to an AFI, it can't be removed. - * This parameter is valid only when modifying the productCodes attribute.

                                                + *

                                                The tags to apply to the import snapshot task during creation.

                                                */ - ProductCodes?: string[]; + TagSpecifications?: TagSpecification[]; +} +export namespace ImportSnapshotRequest { /** - *

                                                The load permission for the AFI.

                                                + * @internal */ - LoadPermission?: LoadPermissionModifications; + export const filterSensitiveLog = (obj: ImportSnapshotRequest): any => ({ + ...obj, + }); +} +export interface ImportSnapshotResult { /** - *

                                                A description for the AFI.

                                                + *

                                                A description of the import snapshot task.

                                                */ Description?: string; /** - *

                                                A name for the AFI.

                                                + *

                                                The ID of the import snapshot task.

                                                */ - Name?: string; -} + ImportTaskId?: string; -export namespace ModifyFpgaImageAttributeRequest { /** - * @internal + *

                                                Information about the import snapshot task.

                                                */ - export const filterSensitiveLog = (obj: ModifyFpgaImageAttributeRequest): any => ({ - ...obj, - }); -} + SnapshotTaskDetail?: SnapshotTaskDetail; -export interface ModifyFpgaImageAttributeResult { /** - *

                                                Information about the attribute.

                                                + *

                                                Any tags assigned to the import snapshot task.

                                                */ - FpgaImageAttribute?: FpgaImageAttribute; + Tags?: Tag[]; } -export namespace ModifyFpgaImageAttributeResult { +export namespace ImportSnapshotResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyFpgaImageAttributeResult): any => ({ + export const filterSensitiveLog = (obj: ImportSnapshotResult): any => ({ ...obj, }); } -export interface ModifyHostsRequest { +export interface ImportVolumeRequest { /** - *

                                                Specify whether to enable or disable auto-placement.

                                                + *

                                                The Availability Zone for the resulting EBS volume.

                                                */ - AutoPlacement?: AutoPlacement | string; + AvailabilityZone: string | undefined; /** - *

                                                The IDs of the Dedicated Hosts to modify.

                                                + *

                                                A description of the volume.

                                                */ - HostIds: string[] | undefined; + Description?: string; /** - *

                                                Indicates whether to enable or disable host recovery for the Dedicated Host. For more information, - * see - * Host recovery in the Amazon EC2 User Guide.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - HostRecovery?: HostRecovery | string; + DryRun?: boolean; /** - *

                                                Specifies the instance type to be supported by the Dedicated Host. Specify this parameter to - * modify a Dedicated Host to support only a specific instance type.

                                                - * - *

                                                If you want to modify a Dedicated Host to support multiple instance types in its current instance - * family, omit this parameter and specify InstanceFamily - * instead. You cannot specify InstanceType and - * InstanceFamily in the same request.

                                                + *

                                                The disk image.

                                                */ - InstanceType?: string; + Image: DiskImageDetail | undefined; /** - *

                                                Specifies the instance family to be supported by the Dedicated Host. Specify this parameter - * to modify a Dedicated Host to support multiple instance types within its current - * instance family.

                                                - * - *

                                                If you want to modify a Dedicated Host to support a specific instance type only, omit this parameter - * and specify InstanceType instead. You cannot specify - * InstanceFamily and InstanceType - * in the same request.

                                                + *

                                                The volume size.

                                                */ - InstanceFamily?: string; + Volume: VolumeDetail | undefined; } -export namespace ModifyHostsRequest { +export namespace ImportVolumeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyHostsRequest): any => ({ + export const filterSensitiveLog = (obj: ImportVolumeRequest): any => ({ ...obj, }); } -export interface ModifyHostsResult { - /** - *

                                                The IDs of the Dedicated Hosts that were successfully modified.

                                                - */ - Successful?: string[]; - +export interface ImportVolumeResult { /** - *

                                                The IDs of the Dedicated Hosts that could not be modified. Check whether the - * setting you requested can be used.

                                                + *

                                                Information about the conversion task.

                                                */ - Unsuccessful?: UnsuccessfulItem[]; + ConversionTask?: ConversionTask; } -export namespace ModifyHostsResult { +export namespace ImportVolumeResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyHostsResult): any => ({ + export const filterSensitiveLog = (obj: ImportVolumeResult): any => ({ ...obj, }); } -export interface ModifyIdentityIdFormatRequest { +export interface ModifyAddressAttributeRequest { /** - *

                                                The ARN of the principal, which can be an IAM user, IAM role, or the root user. Specify - * all to modify the ID format for all IAM users, IAM roles, and the root user of - * the account.

                                                + *

                                                [EC2-VPC] The allocation ID.

                                                */ - PrincipalArn: string | undefined; + AllocationId: string | undefined; /** - *

                                                The type of resource: bundle | conversion-task | customer-gateway | dhcp-options | - * elastic-ip-allocation | elastic-ip-association | - * export-task | flow-log | image | - * import-task | internet-gateway | network-acl - * | network-acl-association | network-interface | - * network-interface-attachment | prefix-list | - * route-table | route-table-association | - * security-group | subnet | - * subnet-cidr-block-association | vpc | - * vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.

                                                - *

                                                Alternatively, use the all-current option to include all resource types that are - * currently within their opt-in period for longer IDs.

                                                + *

                                                The domain name to modify for the IP address.

                                                */ - Resource: string | undefined; + DomainName?: string; /** - *

                                                Indicates whether the resource should use longer IDs (17-character IDs)

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - UseLongIds: boolean | undefined; + DryRun?: boolean; } -export namespace ModifyIdentityIdFormatRequest { +export namespace ModifyAddressAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyIdentityIdFormatRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyAddressAttributeRequest): any => ({ ...obj, }); } -export interface ModifyIdFormatRequest { - /** - *

                                                The type of resource: bundle | conversion-task | customer-gateway | dhcp-options | - * elastic-ip-allocation | elastic-ip-association | - * export-task | flow-log | image | - * import-task | internet-gateway | network-acl - * | network-acl-association | network-interface | - * network-interface-attachment | prefix-list | - * route-table | route-table-association | - * security-group | subnet | - * subnet-cidr-block-association | vpc | - * vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.

                                                - *

                                                Alternatively, use the all-current option to include all resource types that are - * currently within their opt-in period for longer IDs.

                                                - */ - Resource: string | undefined; - +export interface ModifyAddressAttributeResult { /** - *

                                                Indicate whether the resource should use longer IDs (17-character IDs).

                                                + *

                                                Information about the Elastic IP address.

                                                */ - UseLongIds: boolean | undefined; + Address?: AddressAttribute; } -export namespace ModifyIdFormatRequest { +export namespace ModifyAddressAttributeResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyIdFormatRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyAddressAttributeResult): any => ({ ...obj, }); } -/** - *

                                                Describes a launch permission modification.

                                                - */ -export interface LaunchPermissionModifications { +export type ModifyAvailabilityZoneOptInStatus = "not-opted-in" | "opted-in"; + +export interface ModifyAvailabilityZoneGroupRequest { /** - *

                                                The Amazon Web Services account ID to add to the list of launch permissions for the AMI.

                                                + *

                                                The name of the Availability Zone group, Local Zone group, or Wavelength Zone + * group.

                                                */ - Add?: LaunchPermission[]; + GroupName: string | undefined; /** - *

                                                The Amazon Web Services account ID to remove from the list of launch permissions for the AMI.

                                                + *

                                                Indicates whether you are opted in to the Local Zone group or Wavelength Zone group. The + * only valid value is opted-in. You must contact AWS Support to opt out of a Local Zone group, or Wavelength Zone group.

                                                */ - Remove?: LaunchPermission[]; + OptInStatus: ModifyAvailabilityZoneOptInStatus | string | undefined; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; } -export namespace LaunchPermissionModifications { +export namespace ModifyAvailabilityZoneGroupRequest { /** * @internal */ - export const filterSensitiveLog = (obj: LaunchPermissionModifications): any => ({ + export const filterSensitiveLog = (obj: ModifyAvailabilityZoneGroupRequest): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for ModifyImageAttribute.

                                                - */ -export interface ModifyImageAttributeRequest { - /** - *

                                                The name of the attribute to modify. - * The valid values are description and launchPermission.

                                                - */ - Attribute?: string; - - /** - *

                                                A new description for the AMI.

                                                - */ - Description?: AttributeValue; - +export interface ModifyAvailabilityZoneGroupResult { /** - *

                                                The ID of the AMI.

                                                + *

                                                Is true if the request succeeds, and an error otherwise.

                                                */ - ImageId: string | undefined; + Return?: boolean; +} +export namespace ModifyAvailabilityZoneGroupResult { /** - *

                                                A new launch permission for the AMI.

                                                + * @internal */ - LaunchPermission?: LaunchPermissionModifications; + export const filterSensitiveLog = (obj: ModifyAvailabilityZoneGroupResult): any => ({ + ...obj, + }); +} +export interface ModifyCapacityReservationRequest { /** - *

                                                The operation type. - * This parameter can be used only when the Attribute parameter is launchPermission.

                                                + *

                                                The ID of the Capacity Reservation.

                                                */ - OperationType?: OperationType | string; + CapacityReservationId: string | undefined; /** - *

                                                Not supported.

                                                + *

                                                The number of instances for which to reserve capacity. The number of instances can't be increased or + * decreased by more than 1000 in a single request.

                                                */ - ProductCodes?: string[]; + InstanceCount?: number; /** - *

                                                The user groups. - * This parameter can be used only when the Attribute parameter is launchPermission.

                                                + *

                                                The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity + * is released and you can no longer launch instances into it. The Capacity Reservation's state changes to + * expired when it reaches its end date and time.

                                                + *

                                                The Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify + * 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.

                                                + *

                                                You must provide an EndDate value if EndDateType is + * limited. Omit EndDate if EndDateType is + * unlimited.

                                                */ - UserGroups?: string[]; + EndDate?: Date; /** - *

                                                The Amazon Web Services account IDs. - * This parameter can be used only when the Attribute parameter is launchPermission.

                                                + *

                                                Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end + * types:

                                                + *
                                                  + *
                                                • + *

                                                  + * unlimited - The Capacity Reservation remains active until you explicitly cancel it. Do not + * provide an EndDate value if EndDateType is + * unlimited.

                                                  + *
                                                  • + *
                                                • + *

                                                  + * limited - The Capacity Reservation expires automatically at a specified date and time. You must + * provide an EndDate value if EndDateType is + * limited.

                                                  + *
                                                  • + *
                                                */ - UserIds?: string[]; + EndDateType?: EndDateType | string; /** - *

                                                The value of the attribute being modified. - * This parameter can be used only when the Attribute parameter is description.

                                                + *

                                                Reserved. Capacity Reservations you have created are accepted by default.

                                                */ - Value?: string; + Accept?: boolean; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; } -export namespace ModifyImageAttributeRequest { +export namespace ModifyCapacityReservationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyImageAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyCapacityReservationRequest): any => ({ ...obj, }); } -/** - *

                                                Describes information used to set up an EBS volume specified in a block device - * mapping.

                                                - */ -export interface EbsInstanceBlockDeviceSpecification { - /** - *

                                                Indicates whether the volume is deleted on instance termination.

                                                - */ - DeleteOnTermination?: boolean; - +export interface ModifyCapacityReservationResult { /** - *

                                                The ID of the EBS volume.

                                                + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                */ - VolumeId?: string; + Return?: boolean; } -export namespace EbsInstanceBlockDeviceSpecification { +export namespace ModifyCapacityReservationResult { /** * @internal */ - export const filterSensitiveLog = (obj: EbsInstanceBlockDeviceSpecification): any => ({ + export const filterSensitiveLog = (obj: ModifyCapacityReservationResult): any => ({ ...obj, }); } -/** - *

                                                Describes a block device mapping entry.

                                                - */ -export interface InstanceBlockDeviceMappingSpecification { +export interface ModifyCapacityReservationFleetRequest { /** - *

                                                The device name (for example, /dev/sdh or xvdh).

                                                + *

                                                The ID of the Capacity Reservation Fleet to modify.

                                                */ - DeviceName?: string; + CapacityReservationFleetId: string | undefined; /** - *

                                                Parameters used to automatically set up EBS volumes when the instance is - * launched.

                                                + *

                                                The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, + * together with the instance type weights that you assign to each instance type used by the Fleet + * determine the number of instances for which the Fleet reserves capacity. Both values are based on + * units that make sense for your workload. For more information, see Total target capacity + * in the Amazon EC2 User Guide.

                                                */ - Ebs?: EbsInstanceBlockDeviceSpecification; + TotalTargetCapacity?: number; /** - *

                                                suppress the specified device included in the block device mapping.

                                                + *

                                                The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation + * Fleet expires, its state changes to expired and all of the Capacity Reservations in the + * Fleet expire.

                                                + *

                                                The Capacity Reservation Fleet expires within an hour after the specified time. For example, if you + * specify 5/31/2019, 13:30:55, the Capacity Reservation Fleet is guaranteed + * to expire between 13:30:55 and 14:30:55 on 5/31/2019.

                                                + *

                                                You can't specify EndDate and + * RemoveEndDate in the same request.

                                                */ - NoDevice?: string; + EndDate?: Date; /** - *

                                                The virtual device name.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - VirtualName?: string; + DryRun?: boolean; + + /** + *

                                                Indicates whether to remove the end date from the Capacity Reservation Fleet. If you remove the + * end date, the Capacity Reservation Fleet does not expire and it remains active until you explicitly + * cancel it using the CancelCapacityReservationFleet action.

                                                + *

                                                You can't specify RemoveEndDate and + * EndDate in the same request.

                                                + */ + RemoveEndDate?: boolean; } -export namespace InstanceBlockDeviceMappingSpecification { +export namespace ModifyCapacityReservationFleetRequest { /** * @internal */ - export const filterSensitiveLog = (obj: InstanceBlockDeviceMappingSpecification): any => ({ + export const filterSensitiveLog = (obj: ModifyCapacityReservationFleetRequest): any => ({ ...obj, }); } -export interface BlobAttributeValue { - Value?: Uint8Array; +export interface ModifyCapacityReservationFleetResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + Return?: boolean; } -export namespace BlobAttributeValue { +export namespace ModifyCapacityReservationFleetResult { /** * @internal */ - export const filterSensitiveLog = (obj: BlobAttributeValue): any => ({ + export const filterSensitiveLog = (obj: ModifyCapacityReservationFleetResult): any => ({ ...obj, }); } -export interface ModifyInstanceAttributeRequest { +/** + *

                                                Information about the DNS server to be used.

                                                + */ +export interface DnsServersOptionsModifyStructure { /** - *

                                                Enable or disable source/destination checks, which ensure that the instance - * is either the source or the destination of any traffic that it receives. - * If the value is true, source/destination checks are enabled; - * otherwise, they are disabled. The default value is true. - * You must disable source/destination checks if the instance runs services - * such as network address translation, routing, or firewalls.

                                                + *

                                                The IPv4 address range, in CIDR notation, of the DNS servers to be used. You can specify up to + * two DNS servers. Ensure that the DNS servers can be reached by the clients. The specified values + * overwrite the existing values.

                                                */ - SourceDestCheck?: AttributeBooleanValue; + CustomDnsServers?: string[]; /** - *

                                                The name of the attribute.

                                                + *

                                                Indicates whether DNS servers should be used. Specify False to delete the existing DNS + * servers.

                                                */ - Attribute?: InstanceAttributeName | string; + Enabled?: boolean; +} +export namespace DnsServersOptionsModifyStructure { /** - *

                                                Modifies the DeleteOnTermination attribute for volumes that are currently - * attached. The volume must be owned by the caller. If no value is specified for - * DeleteOnTermination, the default is true and the volume is - * deleted when the instance is terminated.

                                                - *

                                                To add instance store volumes to an Amazon EBS-backed instance, you must add them when - * you launch the instance. For more information, see Updating the block device mapping when launching an instance in the - * Amazon EC2 User Guide.

                                                + * @internal */ - BlockDeviceMappings?: InstanceBlockDeviceMappingSpecification[]; + export const filterSensitiveLog = (obj: DnsServersOptionsModifyStructure): any => ({ + ...obj, + }); +} +export interface ModifyClientVpnEndpointRequest { /** - *

                                                If the value is true, you can't terminate the instance using the Amazon - * EC2 console, CLI, or API; otherwise, you can. You cannot use this parameter for Spot - * Instances.

                                                + *

                                                The ID of the Client VPN endpoint to modify.

                                                */ - DisableApiTermination?: AttributeBooleanValue; + ClientVpnEndpointId: string | undefined; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The ARN of the server certificate to be used. The server certificate must be provisioned in + * Certificate Manager (ACM).

                                                */ - DryRun?: boolean; + ServerCertificateArn?: string; /** - *

                                                Specifies whether the instance is optimized for Amazon EBS I/O. This optimization - * provides dedicated throughput to Amazon EBS and an optimized configuration stack to - * provide optimal EBS I/O performance. This optimization isn't available with all instance - * types. Additional usage charges apply when using an EBS Optimized instance.

                                                + *

                                                Information about the client connection logging options.

                                                + *

                                                If you enable client connection logging, data about client connections is sent to a + * Cloudwatch Logs log stream. The following information is logged:

                                                + *
                                                  + *
                                                • + *

                                                  Client connection requests

                                                  + *
                                                  • + *
                                                • + *

                                                  Client connection results (successful and unsuccessful)

                                                  + *
                                                  • + *
                                                • + *

                                                  Reasons for unsuccessful client connection requests

                                                  + *
                                                  • + *
                                                • + *

                                                  Client connection termination time

                                                  + *
                                                  • + *
                                                */ - EbsOptimized?: AttributeBooleanValue; + ConnectionLogOptions?: ConnectionLogOptions; /** - *

                                                Set to true to enable enhanced networking with ENA for the - * instance.

                                                - *

                                                This option is supported only for HVM instances. Specifying this option with a PV - * instance can make it unreachable.

                                                + *

                                                Information about the DNS servers to be used by Client VPN connections. A Client VPN endpoint can have + * up to two DNS servers.

                                                */ - EnaSupport?: AttributeBooleanValue; + DnsServers?: DnsServersOptionsModifyStructure; /** - *

                                                [EC2-VPC] Replaces the security groups of the instance with the specified security groups. - * You must specify at least one security group, even if it's just the default security group for the VPC. You must - * specify the security group ID, not the security group name.

                                                + *

                                                The port number to assign to the Client VPN endpoint for TCP and UDP traffic.

                                                + *

                                                Valid Values: 443 | 1194 + *

                                                + *

                                                Default Value: 443 + *

                                                */ - Groups?: string[]; + VpnPort?: number; /** - *

                                                The ID of the instance.

                                                + *

                                                A brief description of the Client VPN endpoint.

                                                */ - InstanceId: string | undefined; + Description?: string; /** - *

                                                Specifies whether an instance stops or terminates when you initiate shutdown from the - * instance (using the operating system command for system shutdown).

                                                + *

                                                Indicates whether the VPN is split-tunnel.

                                                + *

                                                For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the + * Client VPN Administrator Guide.

                                                */ - InstanceInitiatedShutdownBehavior?: AttributeValue; + SplitTunnel?: boolean; /** - *

                                                Changes the instance type to the specified value. For more information, see Instance - * types in the Amazon EC2 User Guide. If the instance type is not valid, - * the error returned is InvalidInstanceAttributeValue.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - InstanceType?: AttributeValue; + DryRun?: boolean; /** - *

                                                Changes the instance's kernel to the specified value. We recommend that you use - * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.

                                                + *

                                                The IDs of one or more security groups to apply to the target network.

                                                */ - Kernel?: AttributeValue; + SecurityGroupIds?: string[]; /** - *

                                                Changes the instance's RAM disk to the specified value. We recommend that you use - * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.

                                                + *

                                                The ID of the VPC to associate with the Client VPN endpoint.

                                                */ - Ramdisk?: AttributeValue; + VpcId?: string; /** - *

                                                Set to simple to enable enhanced networking with the Intel 82599 Virtual - * Function interface for the instance.

                                                - *

                                                There is no way to disable enhanced networking with the Intel 82599 Virtual Function - * interface at this time.

                                                - *

                                                This option is supported only for HVM instances. Specifying this option with a PV - * instance can make it unreachable.

                                                + *

                                                Specify whether to enable the self-service portal for the Client VPN endpoint.

                                                */ - SriovNetSupport?: AttributeValue; + SelfServicePortal?: SelfServicePortal | string; /** - *

                                                Changes the instance's user data to the specified value. If you are using an Amazon Web Services SDK - * or command line tool, base64-encoding is performed for you, and you can load the text - * from a file. Otherwise, you must provide base64-encoded text.

                                                + *

                                                The options for managing connection authorization for new client connections.

                                                */ - UserData?: BlobAttributeValue; + ClientConnectOptions?: ClientConnectOptions; +} +export namespace ModifyClientVpnEndpointRequest { /** - *

                                                A new value for the attribute. Use only with the kernel, - * ramdisk, userData, disableApiTermination, or - * instanceInitiatedShutdownBehavior attribute.

                                                + * @internal */ - Value?: string; + export const filterSensitiveLog = (obj: ModifyClientVpnEndpointRequest): any => ({ + ...obj, + }); } -export namespace ModifyInstanceAttributeRequest { +export interface ModifyClientVpnEndpointResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + Return?: boolean; +} + +export namespace ModifyClientVpnEndpointResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyClientVpnEndpointResult): any => ({ ...obj, }); } -/** - *

                                                Describes an instance's Capacity Reservation targeting option. You can specify only one parameter - * at a time. If you specify CapacityReservationPreference and - * CapacityReservationTarget, the request fails.

                                                - *

                                                Use the CapacityReservationPreference parameter to configure the instance - * to run as an On-Demand Instance or to run in any open Capacity Reservation that has - * matching attributes (instance type, platform, Availability Zone). Use the - * CapacityReservationTarget parameter to explicitly target a specific - * Capacity Reservation or a Capacity Reservation group.

                                                - */ -export interface CapacityReservationSpecification { +export interface ModifyDefaultCreditSpecificationRequest { /** - *

                                                Indicates the instance's Capacity Reservation preferences. Possible preferences include:

                                                - *
                                                  - *
                                                • - *

                                                  - * open - The instance can run in any open Capacity Reservation that has matching attributes - * (instance type, platform, Availability Zone).

                                                  - *
                                                  • - *
                                                • - *

                                                  - * none - The instance avoids running in a Capacity Reservation even if one is available. The - * instance runs as an On-Demand Instance.

                                                  - *
                                                  • - *
                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - CapacityReservationPreference?: CapacityReservationPreference | string; + DryRun?: boolean; /** - *

                                                Information about the target Capacity Reservation or Capacity Reservation group.

                                                + *

                                                The instance family.

                                                + */ + InstanceFamily: UnlimitedSupportedInstanceFamily | string | undefined; + + /** + *

                                                The credit option for CPU usage of the instance family.

                                                + *

                                                Valid Values: standard | unlimited + *

                                                */ - CapacityReservationTarget?: CapacityReservationTarget; + CpuCredits: string | undefined; } -export namespace CapacityReservationSpecification { +export namespace ModifyDefaultCreditSpecificationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: CapacityReservationSpecification): any => ({ + export const filterSensitiveLog = (obj: ModifyDefaultCreditSpecificationRequest): any => ({ ...obj, }); } -export interface ModifyInstanceCapacityReservationAttributesRequest { +export interface ModifyDefaultCreditSpecificationResult { /** - *

                                                The ID of the instance to be modified.

                                                + *

                                                The default credit option for CPU usage of the instance family.

                                                */ - InstanceId: string | undefined; + InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification; +} +export namespace ModifyDefaultCreditSpecificationResult { /** - *

                                                Information about the Capacity Reservation targeting option.

                                                + * @internal */ - CapacityReservationSpecification: CapacityReservationSpecification | undefined; + export const filterSensitiveLog = (obj: ModifyDefaultCreditSpecificationResult): any => ({ + ...obj, + }); +} +export interface ModifyEbsDefaultKmsKeyIdRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The identifier of the Key Management Service (KMS) KMS key to use for Amazon EBS encryption. + * If this parameter is not specified, your KMS key for Amazon EBS is used. If KmsKeyId is + * specified, the encrypted state must be true.

                                                + *

                                                You can specify the KMS key using any of the following:

                                                + *
                                                  + *
                                                • + *

                                                  Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.

                                                  + *
                                                  • + *
                                                • + *

                                                  Key alias. For example, alias/ExampleAlias.

                                                  + *
                                                  • + *
                                                • + *

                                                  Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.

                                                  + *
                                                  • + *
                                                • + *

                                                  Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

                                                  + *
                                                  • + *
                                                + *

                                                Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, + * the action can appear to complete, but eventually fails.

                                                + *

                                                Amazon EBS does not support asymmetric KMS keys.

                                                + */ + KmsKeyId: string | undefined; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; } -export namespace ModifyInstanceCapacityReservationAttributesRequest { +export namespace ModifyEbsDefaultKmsKeyIdRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceCapacityReservationAttributesRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyEbsDefaultKmsKeyIdRequest): any => ({ ...obj, }); } -export interface ModifyInstanceCapacityReservationAttributesResult { +export interface ModifyEbsDefaultKmsKeyIdResult { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                The Amazon Resource Name (ARN) of the default KMS key for encryption by default.

                                                */ - Return?: boolean; + KmsKeyId?: string; } -export namespace ModifyInstanceCapacityReservationAttributesResult { +export namespace ModifyEbsDefaultKmsKeyIdResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceCapacityReservationAttributesResult): any => ({ + export const filterSensitiveLog = (obj: ModifyEbsDefaultKmsKeyIdResult): any => ({ ...obj, }); } -/** - *

                                                Describes the credit option for CPU usage of a burstable performance instance.

                                                - */ -export interface InstanceCreditSpecificationRequest { +export interface ModifyFleetRequest { /** - *

                                                The ID of the instance.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - InstanceId?: string; + DryRun?: boolean; /** - *

                                                The credit option for CPU usage of the instance. Valid values are - * standard and unlimited.

                                                - *

                                                T3 instances with host tenancy do not support the unlimited - * CPU credit option.

                                                + *

                                                Indicates whether running instances should be terminated if the total target capacity of + * the EC2 Fleet is decreased below the current size of the EC2 Fleet.

                                                */ - CpuCredits?: string; -} + ExcessCapacityTerminationPolicy?: FleetExcessCapacityTerminationPolicy | string; -export namespace InstanceCreditSpecificationRequest { /** - * @internal + *

                                                The launch template and overrides.

                                                */ - export const filterSensitiveLog = (obj: InstanceCreditSpecificationRequest): any => ({ - ...obj, - }); -} + LaunchTemplateConfigs?: FleetLaunchTemplateConfigRequest[]; -export interface ModifyInstanceCreditSpecificationRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The ID of the EC2 Fleet.

                                                */ - DryRun?: boolean; + FleetId: string | undefined; /** - *

                                                A unique, case-sensitive token that you provide to ensure idempotency of your - * modification request. For more information, see Ensuring - * Idempotency.

                                                + *

                                                The size of the EC2 Fleet.

                                                */ - ClientToken?: string; + TargetCapacitySpecification?: TargetCapacitySpecificationRequest; /** - *

                                                Information about the credit option for CPU usage.

                                                + *

                                                Reserved.

                                                */ - InstanceCreditSpecifications: InstanceCreditSpecificationRequest[] | undefined; + Context?: string; } -export namespace ModifyInstanceCreditSpecificationRequest { +export namespace ModifyFleetRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceCreditSpecificationRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyFleetRequest): any => ({ ...obj, }); } -/** - *

                                                Describes the burstable performance instance whose credit option for CPU usage was - * successfully modified.

                                                - */ -export interface SuccessfulInstanceCreditSpecificationItem { +export interface ModifyFleetResult { /** - *

                                                The ID of the instance.

                                                + *

                                                Is true if the request succeeds, and an error otherwise.

                                                */ - InstanceId?: string; + Return?: boolean; } -export namespace SuccessfulInstanceCreditSpecificationItem { +export namespace ModifyFleetResult { /** * @internal */ - export const filterSensitiveLog = (obj: SuccessfulInstanceCreditSpecificationItem): any => ({ + export const filterSensitiveLog = (obj: ModifyFleetResult): any => ({ ...obj, }); } -export enum UnsuccessfulInstanceCreditSpecificationErrorCode { - INCORRECT_INSTANCE_STATE = "IncorrectInstanceState", - INSTANCE_CREDIT_SPECIFICATION_NOT_SUPPORTED = "InstanceCreditSpecification.NotSupported", - INSTANCE_NOT_FOUND = "InvalidInstanceID.NotFound", - INVALID_INSTANCE_ID = "InvalidInstanceID.Malformed", -} - /** - *

                                                Information about the error for the burstable performance instance whose credit option - * for CPU usage was not modified.

                                                + *

                                                Describes a load permission.

                                                */ -export interface UnsuccessfulInstanceCreditSpecificationItemError { +export interface LoadPermissionRequest { /** - *

                                                The error code.

                                                + *

                                                The name of the group.

                                                */ - Code?: UnsuccessfulInstanceCreditSpecificationErrorCode | string; + Group?: PermissionGroup | string; /** - *

                                                The applicable error message.

                                                + *

                                                The AWS account ID.

                                                */ - Message?: string; + UserId?: string; } -export namespace UnsuccessfulInstanceCreditSpecificationItemError { +export namespace LoadPermissionRequest { /** * @internal */ - export const filterSensitiveLog = (obj: UnsuccessfulInstanceCreditSpecificationItemError): any => ({ + export const filterSensitiveLog = (obj: LoadPermissionRequest): any => ({ ...obj, }); } /** - *

                                                Describes the burstable performance instance whose credit option for CPU usage was not - * modified.

                                                + *

                                                Describes modifications to the load permissions of an Amazon FPGA image (AFI).

                                                */ -export interface UnsuccessfulInstanceCreditSpecificationItem { +export interface LoadPermissionModifications { /** - *

                                                The ID of the instance.

                                                + *

                                                The load permissions to add.

                                                */ - InstanceId?: string; + Add?: LoadPermissionRequest[]; /** - *

                                                The applicable error for the burstable performance instance whose credit option for - * CPU usage was not modified.

                                                + *

                                                The load permissions to remove.

                                                */ - Error?: UnsuccessfulInstanceCreditSpecificationItemError; + Remove?: LoadPermissionRequest[]; } -export namespace UnsuccessfulInstanceCreditSpecificationItem { +export namespace LoadPermissionModifications { /** * @internal */ - export const filterSensitiveLog = (obj: UnsuccessfulInstanceCreditSpecificationItem): any => ({ + export const filterSensitiveLog = (obj: LoadPermissionModifications): any => ({ ...obj, }); } -export interface ModifyInstanceCreditSpecificationResult { +export type OperationType = "add" | "remove"; + +export interface ModifyFpgaImageAttributeRequest { /** - *

                                                Information about the instances whose credit option for CPU usage was successfully - * modified.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - SuccessfulInstanceCreditSpecifications?: SuccessfulInstanceCreditSpecificationItem[]; + DryRun?: boolean; /** - *

                                                Information about the instances whose credit option for CPU usage was not - * modified.

                                                + *

                                                The ID of the AFI.

                                                */ - UnsuccessfulInstanceCreditSpecifications?: UnsuccessfulInstanceCreditSpecificationItem[]; -} + FpgaImageId: string | undefined; -export namespace ModifyInstanceCreditSpecificationResult { /** - * @internal + *

                                                The name of the attribute.

                                                */ - export const filterSensitiveLog = (obj: ModifyInstanceCreditSpecificationResult): any => ({ - ...obj, - }); -} + Attribute?: FpgaImageAttributeName | string; -export interface ModifyInstanceEventStartTimeRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The operation type.

                                                */ - DryRun?: boolean; + OperationType?: OperationType | string; /** - *

                                                The ID of the instance with the scheduled event.

                                                + *

                                                The AWS account IDs. This parameter is valid only when modifying the loadPermission attribute.

                                                */ - InstanceId: string | undefined; + UserIds?: string[]; /** - *

                                                The ID of the event whose date and time you are modifying.

                                                + *

                                                The user groups. This parameter is valid only when modifying the loadPermission attribute.

                                                */ - InstanceEventId: string | undefined; + UserGroups?: string[]; /** - *

                                                The new date and time when the event will take place.

                                                + *

                                                The product codes. After you add a product code to an AFI, it can't be removed. + * This parameter is valid only when modifying the productCodes attribute.

                                                */ - NotBefore: Date | undefined; + ProductCodes?: string[]; + + /** + *

                                                The load permission for the AFI.

                                                + */ + LoadPermission?: LoadPermissionModifications; + + /** + *

                                                A description for the AFI.

                                                + */ + Description?: string; + + /** + *

                                                A name for the AFI.

                                                + */ + Name?: string; } -export namespace ModifyInstanceEventStartTimeRequest { +export namespace ModifyFpgaImageAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceEventStartTimeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyFpgaImageAttributeRequest): any => ({ ...obj, }); } -export interface ModifyInstanceEventStartTimeResult { +export interface ModifyFpgaImageAttributeResult { /** - *

                                                Describes a scheduled event for an instance.

                                                + *

                                                Information about the attribute.

                                                */ - Event?: InstanceStatusEvent; + FpgaImageAttribute?: FpgaImageAttribute; } -export namespace ModifyInstanceEventStartTimeResult { +export namespace ModifyFpgaImageAttributeResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceEventStartTimeResult): any => ({ + export const filterSensitiveLog = (obj: ModifyFpgaImageAttributeResult): any => ({ ...obj, }); } -export interface ModifyInstanceEventWindowRequest { +export interface ModifyHostsRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Specify whether to enable or disable auto-placement.

                                                */ - DryRun?: boolean; + AutoPlacement?: AutoPlacement | string; /** - *

                                                The name of the event window.

                                                + *

                                                The IDs of the Dedicated Hosts to modify.

                                                */ - Name?: string; + HostIds: string[] | undefined; /** - *

                                                The ID of the event window.

                                                + *

                                                Indicates whether to enable or disable host recovery for the Dedicated Host. For more information, + * see + * Host recovery in the Amazon EC2 User Guide.

                                                */ - InstanceEventWindowId: string | undefined; + HostRecovery?: HostRecovery | string; /** - *

                                                The time ranges of the event window.

                                                + *

                                                Specifies the instance type to be supported by the Dedicated Host. Specify this parameter to + * modify a Dedicated Host to support only a specific instance type.

                                                + * + *

                                                If you want to modify a Dedicated Host to support multiple instance types in its current instance + * family, omit this parameter and specify InstanceFamily + * instead. You cannot specify InstanceType and + * InstanceFamily in the same request.

                                                */ - TimeRanges?: InstanceEventWindowTimeRangeRequest[]; + InstanceType?: string; /** - *

                                                The cron expression of the event window, for example, * 0-4,20-23 * * 1,5.

                                                - *

                                                Constraints:

                                                - *
                                                  - *
                                                • - *

                                                  Only hour and day of the week values are supported.

                                                  - *
                                                  • - *
                                                • - *

                                                  For day of the week values, you can specify either integers 0 through - * 6, or alternative single values SUN through - * SAT.

                                                  - *
                                                  • - *
                                                • - *

                                                  The minute, month, and year must be specified by *.

                                                  - *
                                                  • - *
                                                • - *

                                                  The hour value must be one or a multiple range, for example, 0-4 or - * 0-4,20-23.

                                                  - *
                                                  • - *
                                                • - *

                                                  Each hour range must be >= 2 hours, for example, 0-2 or - * 20-23.

                                                  - *
                                                  • - *
                                                • - *

                                                  The event window must be >= 4 hours. The combined total time ranges in the event - * window must be >= 4 hours.

                                                  - *
                                                  • - *
                                                - *

                                                For more information about cron expressions, see cron on the Wikipedia - * website.

                                                + *

                                                Specifies the instance family to be supported by the Dedicated Host. Specify this parameter + * to modify a Dedicated Host to support multiple instance types within its current + * instance family.

                                                + * + *

                                                If you want to modify a Dedicated Host to support a specific instance type only, omit this parameter + * and specify InstanceType instead. You cannot specify + * InstanceFamily and InstanceType + * in the same request.

                                                */ - CronExpression?: string; + InstanceFamily?: string; } -export namespace ModifyInstanceEventWindowRequest { +export namespace ModifyHostsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceEventWindowRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyHostsRequest): any => ({ ...obj, }); } -export interface ModifyInstanceEventWindowResult { +export interface ModifyHostsResult { /** - *

                                                Information about the event window.

                                                + *

                                                The IDs of the Dedicated Hosts that were successfully modified.

                                                */ - InstanceEventWindow?: InstanceEventWindow; + Successful?: string[]; + + /** + *

                                                The IDs of the Dedicated Hosts that could not be modified. Check whether the + * setting you requested can be used.

                                                + */ + Unsuccessful?: UnsuccessfulItem[]; } -export namespace ModifyInstanceEventWindowResult { +export namespace ModifyHostsResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceEventWindowResult): any => ({ + export const filterSensitiveLog = (obj: ModifyHostsResult): any => ({ ...obj, }); } -export interface ModifyInstanceMetadataOptionsRequest { +export interface ModifyIdentityIdFormatRequest { /** - *

                                                The ID of the instance.

                                                + *

                                                The ARN of the principal, which can be an IAM user, IAM role, or the root user. Specify + * all to modify the ID format for all IAM users, IAM roles, and the root user of + * the account.

                                                */ - InstanceId: string | undefined; + PrincipalArn: string | undefined; /** - *

                                                The state of token usage for your instance metadata requests. If the parameter is not - * specified in the request, the default state is optional.

                                                - *

                                                If the state is optional, you can choose to retrieve instance metadata - * with or without a signed token header on your request. If you retrieve the IAM role - * credentials without a token, the version 1.0 role credentials are returned. If you - * retrieve the IAM role credentials using a valid signed token, the version 2.0 role - * credentials are returned.

                                                - *

                                                If the state is required, you must send a signed token header with any - * instance metadata retrieval requests. In this state, retrieving the IAM role credential - * always returns the version 2.0 credentials; the version 1.0 credentials are not - * available.

                                                + *

                                                The type of resource: bundle | conversion-task | customer-gateway | dhcp-options | + * elastic-ip-allocation | elastic-ip-association | + * export-task | flow-log | image | + * import-task | internet-gateway | network-acl + * | network-acl-association | network-interface | + * network-interface-attachment | prefix-list | + * route-table | route-table-association | + * security-group | subnet | + * subnet-cidr-block-association | vpc | + * vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.

                                                + *

                                                Alternatively, use the all-current option to include all resource types that are + * currently within their opt-in period for longer IDs.

                                                */ - HttpTokens?: HttpTokensState | string; + Resource: string | undefined; /** - *

                                                The desired HTTP PUT response hop limit for instance metadata requests. The larger the - * number, the further instance metadata requests can travel. If no parameter is specified, the existing state is maintained.

                                                - *

                                                Possible values: Integers from 1 to 64

                                                + *

                                                Indicates whether the resource should use longer IDs (17-character IDs)

                                                */ - HttpPutResponseHopLimit?: number; + UseLongIds: boolean | undefined; +} +export namespace ModifyIdentityIdFormatRequest { /** - *

                                                This parameter enables or disables the HTTP metadata endpoint on your instances. If - * the parameter is not specified, the existing state is maintained.

                                                - * - *

                                                If you specify a value of disabled, you will not be able to access your - * instance metadata.

                                                - *                                                 + * @internal */ - HttpEndpoint?: InstanceMetadataEndpointState | string; + export const filterSensitiveLog = (obj: ModifyIdentityIdFormatRequest): any => ({ + ...obj, + }); +} +export interface ModifyIdFormatRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The type of resource: bundle | conversion-task | customer-gateway | dhcp-options | + * elastic-ip-allocation | elastic-ip-association | + * export-task | flow-log | image | + * import-task | internet-gateway | network-acl + * | network-acl-association | network-interface | + * network-interface-attachment | prefix-list | + * route-table | route-table-association | + * security-group | subnet | + * subnet-cidr-block-association | vpc | + * vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.

                                                + *

                                                Alternatively, use the all-current option to include all resource types that are + * currently within their opt-in period for longer IDs.

                                                */ - DryRun?: boolean; + Resource: string | undefined; /** - *

                                                Enables or disables the IPv6 endpoint for the instance metadata service.

                                                + *

                                                Indicate whether the resource should use longer IDs (17-character IDs).

                                                */ - HttpProtocolIpv6?: InstanceMetadataProtocolState | string; + UseLongIds: boolean | undefined; } -export namespace ModifyInstanceMetadataOptionsRequest { +export namespace ModifyIdFormatRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceMetadataOptionsRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyIdFormatRequest): any => ({ ...obj, }); } -export interface ModifyInstanceMetadataOptionsResult { +/** + *

                                                Describes a launch permission modification.

                                                + */ +export interface LaunchPermissionModifications { /** - *

                                                The ID of the instance.

                                                + *

                                                The Amazon Web Services account ID to add to the list of launch permissions for the AMI.

                                                */ - InstanceId?: string; + Add?: LaunchPermission[]; /** - *

                                                The metadata options for the instance.

                                                + *

                                                The Amazon Web Services account ID to remove from the list of launch permissions for the AMI.

                                                */ - InstanceMetadataOptions?: InstanceMetadataOptionsResponse; + Remove?: LaunchPermission[]; } -export namespace ModifyInstanceMetadataOptionsResult { +export namespace LaunchPermissionModifications { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstanceMetadataOptionsResult): any => ({ + export const filterSensitiveLog = (obj: LaunchPermissionModifications): any => ({ ...obj, }); } -export type HostTenancy = "dedicated" | "host"; +/** + *

                                                Contains the parameters for ModifyImageAttribute.

                                                + */ +export interface ModifyImageAttributeRequest { + /** + *

                                                The name of the attribute to modify. + * The valid values are description and launchPermission.

                                                + */ + Attribute?: string; -export interface ModifyInstancePlacementRequest { /** - *

                                                The affinity setting for the instance.

                                                + *

                                                A new description for the AMI.

                                                */ - Affinity?: Affinity | string; + Description?: AttributeValue; /** - *

                                                The name of the placement group in which to place the instance. For spread placement - * groups, the instance must have a tenancy of default. For cluster and - * partition placement groups, the instance must have a tenancy of default or - * dedicated.

                                                - *

                                                To remove an instance from a placement group, specify an empty string - * ("").

                                                + *

                                                The ID of the AMI.

                                                */ - GroupName?: string; + ImageId: string | undefined; /** - *

                                                The ID of the Dedicated Host with which to associate the instance.

                                                + *

                                                A new launch permission for the AMI.

                                                */ - HostId?: string; + LaunchPermission?: LaunchPermissionModifications; /** - *

                                                The ID of the instance that you are modifying.

                                                + *

                                                The operation type. + * This parameter can be used only when the Attribute parameter is launchPermission.

                                                */ - InstanceId: string | undefined; + OperationType?: OperationType | string; /** - *

                                                The tenancy for the instance.

                                                - * - * - *

                                                For T3 instances, you can't change the tenancy from dedicated - * to host, or from host to dedicated. - * Attempting to make one of these unsupported tenancy changes results in the - * InvalidTenancy error code.

                                                - *                                                 + *

                                                Not supported.

                                                */ - Tenancy?: HostTenancy | string; + ProductCodes?: string[]; /** - *

                                                Reserved for future use.

                                                + *

                                                The user groups. + * This parameter can be used only when the Attribute parameter is launchPermission.

                                                */ - PartitionNumber?: number; + UserGroups?: string[]; /** - *

                                                The ARN of the host resource group in which to place the instance.

                                                + *

                                                The Amazon Web Services account IDs. + * This parameter can be used only when the Attribute parameter is launchPermission.

                                                */ - HostResourceGroupArn?: string; + UserIds?: string[]; + + /** + *

                                                The value of the attribute being modified. + * This parameter can be used only when the Attribute parameter is description.

                                                + */ + Value?: string; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; } -export namespace ModifyInstancePlacementRequest { +export namespace ModifyImageAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstancePlacementRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyImageAttributeRequest): any => ({ ...obj, }); } -export interface ModifyInstancePlacementResult { +/** + *

                                                Describes information used to set up an EBS volume specified in a block device + * mapping.

                                                + */ +export interface EbsInstanceBlockDeviceSpecification { /** - *

                                                Is true if the request succeeds, and an error otherwise.

                                                + *

                                                Indicates whether the volume is deleted on instance termination.

                                                */ - Return?: boolean; + DeleteOnTermination?: boolean; + + /** + *

                                                The ID of the EBS volume.

                                                + */ + VolumeId?: string; } -export namespace ModifyInstancePlacementResult { +export namespace EbsInstanceBlockDeviceSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyInstancePlacementResult): any => ({ + export const filterSensitiveLog = (obj: EbsInstanceBlockDeviceSpecification): any => ({ ...obj, }); } -export interface ModifyLaunchTemplateRequest { - /** - *

                                                Checks whether you have the required permissions for the action, without actually - * making the request, and provides an error response. If you have the required - * permissions, the error response is DryRunOperation. Otherwise, it is - * UnauthorizedOperation.

                                                - */ - DryRun?: boolean; - +/** + *

                                                Describes a block device mapping entry.

                                                + */ +export interface InstanceBlockDeviceMappingSpecification { /** - *

                                                Unique, case-sensitive identifier you provide to ensure the idempotency of the - * request. For more information, see Ensuring - * Idempotency.

                                                - *

                                                Constraint: Maximum 128 ASCII characters.

                                                + *

                                                The device name (for example, /dev/sdh or xvdh).

                                                */ - ClientToken?: string; + DeviceName?: string; /** - *

                                                The ID of the launch template. You must specify either the launch template ID or - * launch template name in the request.

                                                + *

                                                Parameters used to automatically set up EBS volumes when the instance is + * launched.

                                                */ - LaunchTemplateId?: string; + Ebs?: EbsInstanceBlockDeviceSpecification; /** - *

                                                The name of the launch template. You must specify either the launch template ID or - * launch template name in the request.

                                                + *

                                                suppress the specified device included in the block device mapping.

                                                */ - LaunchTemplateName?: string; + NoDevice?: string; /** - *

                                                The version number of the launch template to set as the default version.

                                                + *

                                                The virtual device name.

                                                */ - DefaultVersion?: string; + VirtualName?: string; } -export namespace ModifyLaunchTemplateRequest { +export namespace InstanceBlockDeviceMappingSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyLaunchTemplateRequest): any => ({ + export const filterSensitiveLog = (obj: InstanceBlockDeviceMappingSpecification): any => ({ ...obj, }); } -export interface ModifyLaunchTemplateResult { - /** - *

                                                Information about the launch template.

                                                - */ - LaunchTemplate?: LaunchTemplate; +export interface BlobAttributeValue { + Value?: Uint8Array; } -export namespace ModifyLaunchTemplateResult { +export namespace BlobAttributeValue { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyLaunchTemplateResult): any => ({ + export const filterSensitiveLog = (obj: BlobAttributeValue): any => ({ ...obj, }); } -/** - *

                                                An entry for a prefix list.

                                                - */ -export interface RemovePrefixListEntry { +export interface ModifyInstanceAttributeRequest { /** - *

                                                The CIDR block.

                                                + *

                                                Enable or disable source/destination checks, which ensure that the instance + * is either the source or the destination of any traffic that it receives. + * If the value is true, source/destination checks are enabled; + * otherwise, they are disabled. The default value is true. + * You must disable source/destination checks if the instance runs services + * such as network address translation, routing, or firewalls.

                                                */ - Cidr: string | undefined; -} + SourceDestCheck?: AttributeBooleanValue; -export namespace RemovePrefixListEntry { /** - * @internal + *

                                                The name of the attribute.

                                                */ - export const filterSensitiveLog = (obj: RemovePrefixListEntry): any => ({ - ...obj, - }); -} + Attribute?: InstanceAttributeName | string; + + /** + *

                                                Modifies the DeleteOnTermination attribute for volumes that are currently + * attached. The volume must be owned by the caller. If no value is specified for + * DeleteOnTermination, the default is true and the volume is + * deleted when the instance is terminated.

                                                + *

                                                To add instance store volumes to an Amazon EBS-backed instance, you must add them when + * you launch the instance. For more information, see Updating the block device mapping when launching an instance in the + * Amazon EC2 User Guide.

                                                + */ + BlockDeviceMappings?: InstanceBlockDeviceMappingSpecification[]; + + /** + *

                                                If the value is true, you can't terminate the instance using the Amazon + * EC2 console, CLI, or API; otherwise, you can. You cannot use this parameter for Spot + * Instances.

                                                + */ + DisableApiTermination?: AttributeBooleanValue; -export interface ModifyManagedPrefixListRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. @@ -8230,810 +8261,1000 @@ export interface ModifyManagedPrefixListRequest { DryRun?: boolean; /** - *

                                                The ID of the prefix list.

                                                + *

                                                Specifies whether the instance is optimized for Amazon EBS I/O. This optimization + * provides dedicated throughput to Amazon EBS and an optimized configuration stack to + * provide optimal EBS I/O performance. This optimization isn't available with all instance + * types. Additional usage charges apply when using an EBS Optimized instance.

                                                */ - PrefixListId: string | undefined; + EbsOptimized?: AttributeBooleanValue; /** - *

                                                The current version of the prefix list.

                                                + *

                                                Set to true to enable enhanced networking with ENA for the + * instance.

                                                + *

                                                This option is supported only for HVM instances. Specifying this option with a PV + * instance can make it unreachable.

                                                */ - CurrentVersion?: number; + EnaSupport?: AttributeBooleanValue; /** - *

                                                A name for the prefix list.

                                                + *

                                                [EC2-VPC] Replaces the security groups of the instance with the specified security groups. + * You must specify at least one security group, even if it's just the default security group for the VPC. You must + * specify the security group ID, not the security group name.

                                                */ - PrefixListName?: string; + Groups?: string[]; /** - *

                                                One or more entries to add to the prefix list.

                                                + *

                                                The ID of the instance.

                                                */ - AddEntries?: AddPrefixListEntry[]; + InstanceId: string | undefined; /** - *

                                                One or more entries to remove from the prefix list.

                                                + *

                                                Specifies whether an instance stops or terminates when you initiate shutdown from the + * instance (using the operating system command for system shutdown).

                                                */ - RemoveEntries?: RemovePrefixListEntry[]; + InstanceInitiatedShutdownBehavior?: AttributeValue; /** - *

                                                The maximum number of entries for the prefix list. You cannot modify the entries - * of a prefix list and modify the size of a prefix list at the same time.

                                                - *

                                                If any of the resources that reference the prefix list cannot support the new - * maximum size, the modify operation fails. Check the state message for the IDs of - * the first ten resources that do not support the new maximum size.

                                                + *

                                                Changes the instance type to the specified value. For more information, see Instance + * types in the Amazon EC2 User Guide. If the instance type is not valid, + * the error returned is InvalidInstanceAttributeValue.

                                                */ - MaxEntries?: number; -} + InstanceType?: AttributeValue; -export namespace ModifyManagedPrefixListRequest { /** - * @internal + *

                                                Changes the instance's kernel to the specified value. We recommend that you use + * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.

                                                */ - export const filterSensitiveLog = (obj: ModifyManagedPrefixListRequest): any => ({ - ...obj, - }); -} + Kernel?: AttributeValue; -export interface ModifyManagedPrefixListResult { /** - *

                                                Information about the prefix list.

                                                + *

                                                Changes the instance's RAM disk to the specified value. We recommend that you use + * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.

                                                */ - PrefixList?: ManagedPrefixList; + Ramdisk?: AttributeValue; + + /** + *

                                                Set to simple to enable enhanced networking with the Intel 82599 Virtual + * Function interface for the instance.

                                                + *

                                                There is no way to disable enhanced networking with the Intel 82599 Virtual Function + * interface at this time.

                                                + *

                                                This option is supported only for HVM instances. Specifying this option with a PV + * instance can make it unreachable.

                                                + */ + SriovNetSupport?: AttributeValue; + + /** + *

                                                Changes the instance's user data to the specified value. If you are using an Amazon Web Services SDK + * or command line tool, base64-encoding is performed for you, and you can load the text + * from a file. Otherwise, you must provide base64-encoded text.

                                                + */ + UserData?: BlobAttributeValue; + + /** + *

                                                A new value for the attribute. Use only with the kernel, + * ramdisk, userData, disableApiTermination, or + * instanceInitiatedShutdownBehavior attribute.

                                                + */ + Value?: string; } -export namespace ModifyManagedPrefixListResult { +export namespace ModifyInstanceAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyManagedPrefixListResult): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceAttributeRequest): any => ({ ...obj, }); } /** - *

                                                Describes an attachment change.

                                                + *

                                                Describes an instance's Capacity Reservation targeting option. You can specify only one parameter + * at a time. If you specify CapacityReservationPreference and + * CapacityReservationTarget, the request fails.

                                                + *

                                                Use the CapacityReservationPreference parameter to configure the instance + * to run as an On-Demand Instance or to run in any open Capacity Reservation that has + * matching attributes (instance type, platform, Availability Zone). Use the + * CapacityReservationTarget parameter to explicitly target a specific + * Capacity Reservation or a Capacity Reservation group.

                                                */ -export interface NetworkInterfaceAttachmentChanges { +export interface CapacityReservationSpecification { /** - *

                                                The ID of the network interface attachment.

                                                + *

                                                Indicates the instance's Capacity Reservation preferences. Possible preferences include:

                                                + *
                                                  + *
                                                • + *

                                                  + * open - The instance can run in any open Capacity Reservation that has matching attributes + * (instance type, platform, Availability Zone).

                                                  + *
                                                  • + *
                                                • + *

                                                  + * none - The instance avoids running in a Capacity Reservation even if one is available. The + * instance runs as an On-Demand Instance.

                                                  + *
                                                  • + *
                                                */ - AttachmentId?: string; + CapacityReservationPreference?: CapacityReservationPreference | string; /** - *

                                                Indicates whether the network interface is deleted when the instance is terminated.

                                                + *

                                                Information about the target Capacity Reservation or Capacity Reservation group.

                                                */ - DeleteOnTermination?: boolean; + CapacityReservationTarget?: CapacityReservationTarget; } -export namespace NetworkInterfaceAttachmentChanges { +export namespace CapacityReservationSpecification { /** * @internal */ - export const filterSensitiveLog = (obj: NetworkInterfaceAttachmentChanges): any => ({ + export const filterSensitiveLog = (obj: CapacityReservationSpecification): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for ModifyNetworkInterfaceAttribute.

                                                - */ -export interface ModifyNetworkInterfaceAttributeRequest { +export interface ModifyInstanceCapacityReservationAttributesRequest { /** - *

                                                Information about the interface attachment. If modifying the 'delete on termination' attribute, you must specify the ID of the interface attachment.

                                                + *

                                                The ID of the instance to be modified.

                                                */ - Attachment?: NetworkInterfaceAttachmentChanges; + InstanceId: string | undefined; /** - *

                                                A description for the network interface.

                                                + *

                                                Information about the Capacity Reservation targeting option.

                                                */ - Description?: AttributeValue; + CapacityReservationSpecification: CapacityReservationSpecification | undefined; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; +} +export namespace ModifyInstanceCapacityReservationAttributesRequest { /** - *

                                                Changes the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.

                                                + * @internal */ - Groups?: string[]; + export const filterSensitiveLog = (obj: ModifyInstanceCapacityReservationAttributesRequest): any => ({ + ...obj, + }); +} + +export interface ModifyInstanceCapacityReservationAttributesResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + Return?: boolean; +} + +export namespace ModifyInstanceCapacityReservationAttributesResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyInstanceCapacityReservationAttributesResult): any => ({ + ...obj, + }); +} +/** + *

                                                Describes the credit option for CPU usage of a burstable performance instance.

                                                + */ +export interface InstanceCreditSpecificationRequest { /** - *

                                                The ID of the network interface.

                                                + *

                                                The ID of the instance.

                                                */ - NetworkInterfaceId: string | undefined; + InstanceId?: string; /** - *

                                                Enable or disable source/destination checks, which ensure that the instance - * is either the source or the destination of any traffic that it receives. - * If the value is true, source/destination checks are enabled; - * otherwise, they are disabled. The default value is true. - * You must disable source/destination checks if the instance runs services - * such as network address translation, routing, or firewalls.

                                                + *

                                                The credit option for CPU usage of the instance. Valid values are + * standard and unlimited.

                                                + *

                                                T3 instances with host tenancy do not support the unlimited + * CPU credit option.

                                                */ - SourceDestCheck?: AttributeBooleanValue; + CpuCredits?: string; } -export namespace ModifyNetworkInterfaceAttributeRequest { +export namespace InstanceCreditSpecificationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyNetworkInterfaceAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: InstanceCreditSpecificationRequest): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for ModifyReservedInstances.

                                                - */ -export interface ModifyReservedInstancesRequest { +export interface ModifyInstanceCreditSpecificationRequest { /** - *

                                                The IDs of the Reserved Instances to modify.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - ReservedInstancesIds: string[] | undefined; + DryRun?: boolean; /** - *

                                                A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see - * Ensuring Idempotency.

                                                + *

                                                A unique, case-sensitive token that you provide to ensure idempotency of your + * modification request. For more information, see Ensuring + * Idempotency.

                                                */ ClientToken?: string; /** - *

                                                The configuration settings for the Reserved Instances to modify.

                                                + *

                                                Information about the credit option for CPU usage.

                                                */ - TargetConfigurations: ReservedInstancesConfiguration[] | undefined; + InstanceCreditSpecifications: InstanceCreditSpecificationRequest[] | undefined; } -export namespace ModifyReservedInstancesRequest { +export namespace ModifyInstanceCreditSpecificationRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyReservedInstancesRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceCreditSpecificationRequest): any => ({ ...obj, }); } /** - *

                                                Contains the output of ModifyReservedInstances.

                                                + *

                                                Describes the burstable performance instance whose credit option for CPU usage was + * successfully modified.

                                                */ -export interface ModifyReservedInstancesResult { +export interface SuccessfulInstanceCreditSpecificationItem { /** - *

                                                The ID for the modification.

                                                + *

                                                The ID of the instance.

                                                */ - ReservedInstancesModificationId?: string; + InstanceId?: string; } -export namespace ModifyReservedInstancesResult { +export namespace SuccessfulInstanceCreditSpecificationItem { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyReservedInstancesResult): any => ({ + export const filterSensitiveLog = (obj: SuccessfulInstanceCreditSpecificationItem): any => ({ ...obj, }); } +export enum UnsuccessfulInstanceCreditSpecificationErrorCode { + INCORRECT_INSTANCE_STATE = "IncorrectInstanceState", + INSTANCE_CREDIT_SPECIFICATION_NOT_SUPPORTED = "InstanceCreditSpecification.NotSupported", + INSTANCE_NOT_FOUND = "InvalidInstanceID.NotFound", + INVALID_INSTANCE_ID = "InvalidInstanceID.Malformed", +} + /** - *

                                                Describes a security group rule.

                                                - *

                                                You must specify exactly one of the following parameters, based on the rule type:

                                                - *
                                                  - *
                                                • - *

                                                  CidrIpv4

                                                  - *
                                                  • - *
                                                • - *

                                                  CidrIpv6

                                                  - *
                                                  • - *
                                                • - *

                                                  PrefixListId

                                                  - *
                                                  • - *
                                                • - *

                                                  ReferencedGroupId

                                                  - *
                                                  • - *
                                                - *

                                                When you modify a rule, you cannot change the rule type. For example, if the rule - * uses an IPv4 address range, you must use CidrIpv4 to specify a new IPv4 - * address range.

                                                + *

                                                Information about the error for the burstable performance instance whose credit option + * for CPU usage was not modified.

                                                */ -export interface SecurityGroupRuleRequest { +export interface UnsuccessfulInstanceCreditSpecificationItemError { /** - *

                                                The IP protocol name (tcp, udp, icmp, - * icmpv6) or number (see Protocol Numbers).

                                                - *

                                                Use -1 to specify all protocols.

                                                + *

                                                The error code.

                                                */ - IpProtocol?: string; + Code?: UnsuccessfulInstanceCreditSpecificationErrorCode | string; /** - *

                                                The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

                                                + *

                                                The applicable error message.

                                                */ - FromPort?: number; + Message?: string; +} +export namespace UnsuccessfulInstanceCreditSpecificationItemError { /** - *

                                                The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

                                                + * @internal */ - ToPort?: number; + export const filterSensitiveLog = (obj: UnsuccessfulInstanceCreditSpecificationItemError): any => ({ + ...obj, + }); +} +/** + *

                                                Describes the burstable performance instance whose credit option for CPU usage was not + * modified.

                                                + */ +export interface UnsuccessfulInstanceCreditSpecificationItem { /** - *

                                                The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.

                                                + *

                                                The ID of the instance.

                                                */ - CidrIpv4?: string; + InstanceId?: string; /** - *

                                                The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.

                                                + *

                                                The applicable error for the burstable performance instance whose credit option for + * CPU usage was not modified.

                                                */ - CidrIpv6?: string; + Error?: UnsuccessfulInstanceCreditSpecificationItemError; +} +export namespace UnsuccessfulInstanceCreditSpecificationItem { /** - *

                                                The ID of the prefix list.

                                                + * @internal */ - PrefixListId?: string; + export const filterSensitiveLog = (obj: UnsuccessfulInstanceCreditSpecificationItem): any => ({ + ...obj, + }); +} +export interface ModifyInstanceCreditSpecificationResult { /** - *

                                                The ID of the security group that is referenced in the security group rule.

                                                + *

                                                Information about the instances whose credit option for CPU usage was successfully + * modified.

                                                */ - ReferencedGroupId?: string; + SuccessfulInstanceCreditSpecifications?: SuccessfulInstanceCreditSpecificationItem[]; /** - *

                                                The description of the security group rule.

                                                + *

                                                Information about the instances whose credit option for CPU usage was not + * modified.

                                                */ - Description?: string; + UnsuccessfulInstanceCreditSpecifications?: UnsuccessfulInstanceCreditSpecificationItem[]; } -export namespace SecurityGroupRuleRequest { +export namespace ModifyInstanceCreditSpecificationResult { /** * @internal */ - export const filterSensitiveLog = (obj: SecurityGroupRuleRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceCreditSpecificationResult): any => ({ ...obj, }); } -/** - *

                                                Describes an update to a security group rule.

                                                - */ -export interface SecurityGroupRuleUpdate { +export interface ModifyInstanceEventStartTimeRequest { /** - *

                                                The ID of the security group rule.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - SecurityGroupRuleId?: string; + DryRun?: boolean; /** - *

                                                Information about the security group rule.

                                                + *

                                                The ID of the instance with the scheduled event.

                                                */ - SecurityGroupRule?: SecurityGroupRuleRequest; + InstanceId: string | undefined; + + /** + *

                                                The ID of the event whose date and time you are modifying.

                                                + */ + InstanceEventId: string | undefined; + + /** + *

                                                The new date and time when the event will take place.

                                                + */ + NotBefore: Date | undefined; } -export namespace SecurityGroupRuleUpdate { +export namespace ModifyInstanceEventStartTimeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: SecurityGroupRuleUpdate): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceEventStartTimeRequest): any => ({ ...obj, }); } -export interface ModifySecurityGroupRulesRequest { +export interface ModifyInstanceEventStartTimeResult { /** - *

                                                The ID of the security group.

                                                + *

                                                Describes a scheduled event for an instance.

                                                */ - GroupId: string | undefined; + Event?: InstanceStatusEvent; +} +export namespace ModifyInstanceEventStartTimeResult { /** - *

                                                Information about the security group properties to update.

                                                + * @internal */ - SecurityGroupRules: SecurityGroupRuleUpdate[] | undefined; + export const filterSensitiveLog = (obj: ModifyInstanceEventStartTimeResult): any => ({ + ...obj, + }); +} +export interface ModifyInstanceEventWindowRequest { /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, * and provides an error response. If you have the required permissions, the error response is DryRunOperation. * Otherwise, it is UnauthorizedOperation.

                                                */ DryRun?: boolean; -} -export namespace ModifySecurityGroupRulesRequest { /** - * @internal + *

                                                The name of the event window.

                                                */ - export const filterSensitiveLog = (obj: ModifySecurityGroupRulesRequest): any => ({ - ...obj, - }); -} + Name?: string; -export interface ModifySecurityGroupRulesResult { /** - *

                                                Returns true if the request succeeds; otherwise, returns an error.

                                                + *

                                                The ID of the event window.

                                                */ - Return?: boolean; -} + InstanceEventWindowId: string | undefined; -export namespace ModifySecurityGroupRulesResult { /** - * @internal + *

                                                The time ranges of the event window.

                                                */ - export const filterSensitiveLog = (obj: ModifySecurityGroupRulesResult): any => ({ - ...obj, - }); + TimeRanges?: InstanceEventWindowTimeRangeRequest[]; + + /** + *

                                                The cron expression of the event window, for example, * 0-4,20-23 * * 1,5.

                                                + *

                                                Constraints:

                                                + *
                                                  + *
                                                • + *

                                                  Only hour and day of the week values are supported.

                                                  + *
                                                  • + *
                                                • + *

                                                  For day of the week values, you can specify either integers 0 through + * 6, or alternative single values SUN through + * SAT.

                                                  + *
                                                  • + *
                                                • + *

                                                  The minute, month, and year must be specified by *.

                                                  + *
                                                  • + *
                                                • + *

                                                  The hour value must be one or a multiple range, for example, 0-4 or + * 0-4,20-23.

                                                  + *
                                                  • + *
                                                • + *

                                                  Each hour range must be >= 2 hours, for example, 0-2 or + * 20-23.

                                                  + *
                                                  • + *
                                                • + *

                                                  The event window must be >= 4 hours. The combined total time ranges in the event + * window must be >= 4 hours.

                                                  + *
                                                  • + *
                                                + *

                                                For more information about cron expressions, see cron on the Wikipedia + * website.

                                                + */ + CronExpression?: string; } -/** - *

                                                Describes modifications to the list of create volume permissions for a volume.

                                                - */ -export interface CreateVolumePermissionModifications { +export namespace ModifyInstanceEventWindowRequest { /** - *

                                                Adds the specified Amazon Web Services account ID or group to the list.

                                                + * @internal */ - Add?: CreateVolumePermission[]; + export const filterSensitiveLog = (obj: ModifyInstanceEventWindowRequest): any => ({ + ...obj, + }); +} +export interface ModifyInstanceEventWindowResult { /** - *

                                                Removes the specified Amazon Web Services account ID or group from the list.

                                                + *

                                                Information about the event window.

                                                */ - Remove?: CreateVolumePermission[]; + InstanceEventWindow?: InstanceEventWindow; } -export namespace CreateVolumePermissionModifications { +export namespace ModifyInstanceEventWindowResult { /** * @internal */ - export const filterSensitiveLog = (obj: CreateVolumePermissionModifications): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceEventWindowResult): any => ({ ...obj, }); } -export interface ModifySnapshotAttributeRequest { +export interface ModifyInstanceMetadataOptionsRequest { /** - *

                                                The snapshot attribute to modify. Only volume creation permissions can be modified.

                                                + *

                                                The ID of the instance.

                                                */ - Attribute?: SnapshotAttributeName | string; + InstanceId: string | undefined; /** - *

                                                A JSON representation of the snapshot attribute modification.

                                                + *

                                                The state of token usage for your instance metadata requests. If the parameter is not + * specified in the request, the default state is optional.

                                                + *

                                                If the state is optional, you can choose to retrieve instance metadata + * with or without a signed token header on your request. If you retrieve the IAM role + * credentials without a token, the version 1.0 role credentials are returned. If you + * retrieve the IAM role credentials using a valid signed token, the version 2.0 role + * credentials are returned.

                                                + *

                                                If the state is required, you must send a signed token header with any + * instance metadata retrieval requests. In this state, retrieving the IAM role credential + * always returns the version 2.0 credentials; the version 1.0 credentials are not + * available.

                                                */ - CreateVolumePermission?: CreateVolumePermissionModifications; + HttpTokens?: HttpTokensState | string; /** - *

                                                The group to modify for the snapshot.

                                                + *

                                                The desired HTTP PUT response hop limit for instance metadata requests. The larger the + * number, the further instance metadata requests can travel. If no parameter is specified, the existing state is maintained.

                                                + *

                                                Possible values: Integers from 1 to 64

                                                */ - GroupNames?: string[]; + HttpPutResponseHopLimit?: number; /** - *

                                                The type of operation to perform to the attribute.

                                                + *

                                                This parameter enables or disables the HTTP metadata endpoint on your instances. If + * the parameter is not specified, the existing state is maintained.

                                                + * + *

                                                If you specify a value of disabled, you will not be able to access your + * instance metadata.

                                                + *                                                 */ - OperationType?: OperationType | string; + HttpEndpoint?: InstanceMetadataEndpointState | string; /** - *

                                                The ID of the snapshot.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                */ - SnapshotId: string | undefined; + DryRun?: boolean; /** - *

                                                The account ID to modify for the snapshot.

                                                + *

                                                Enables or disables the IPv6 endpoint for the instance metadata service.

                                                */ - UserIds?: string[]; + HttpProtocolIpv6?: InstanceMetadataProtocolState | string; +} +export namespace ModifyInstanceMetadataOptionsRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + * @internal */ - DryRun?: boolean; + export const filterSensitiveLog = (obj: ModifyInstanceMetadataOptionsRequest): any => ({ + ...obj, + }); } -export namespace ModifySnapshotAttributeRequest { +export interface ModifyInstanceMetadataOptionsResult { + /** + *

                                                The ID of the instance.

                                                + */ + InstanceId?: string; + + /** + *

                                                The metadata options for the instance.

                                                + */ + InstanceMetadataOptions?: InstanceMetadataOptionsResponse; +} + +export namespace ModifyInstanceMetadataOptionsResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifySnapshotAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyInstanceMetadataOptionsResult): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for ModifySpotFleetRequest.

                                                - */ -export interface ModifySpotFleetRequestRequest { +export type HostTenancy = "dedicated" | "host"; + +export interface ModifyInstancePlacementRequest { /** - *

                                                Indicates whether running Spot Instances should be terminated if the target capacity - * of the Spot Fleet request is decreased below the current size of the Spot Fleet.

                                                + *

                                                The affinity setting for the instance.

                                                */ - ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | string; + Affinity?: Affinity | string; /** - *

                                                The launch template and overrides. You can only use this parameter if you specified a - * launch template (LaunchTemplateConfigs) in your Spot Fleet request. If you - * specified LaunchSpecifications in your Spot Fleet request, then omit this - * parameter.

                                                + *

                                                The name of the placement group in which to place the instance. For spread placement + * groups, the instance must have a tenancy of default. For cluster and + * partition placement groups, the instance must have a tenancy of default or + * dedicated.

                                                + *

                                                To remove an instance from a placement group, specify an empty string + * ("").

                                                */ - LaunchTemplateConfigs?: LaunchTemplateConfig[]; + GroupName?: string; /** - *

                                                The ID of the Spot Fleet request.

                                                + *

                                                The ID of the Dedicated Host with which to associate the instance.

                                                */ - SpotFleetRequestId: string | undefined; + HostId?: string; /** - *

                                                The size of the fleet.

                                                + *

                                                The ID of the instance that you are modifying.

                                                */ - TargetCapacity?: number; + InstanceId: string | undefined; /** - *

                                                The number of On-Demand Instances in the fleet.

                                                + *

                                                The tenancy for the instance.

                                                + * + * + *

                                                For T3 instances, you can't change the tenancy from dedicated + * to host, or from host to dedicated. + * Attempting to make one of these unsupported tenancy changes results in the + * InvalidTenancy error code.

                                                + *                                                 */ - OnDemandTargetCapacity?: number; + Tenancy?: HostTenancy | string; /** - *

                                                Reserved.

                                                + *

                                                Reserved for future use.

                                                */ - Context?: string; + PartitionNumber?: number; + + /** + *

                                                The ARN of the host resource group in which to place the instance.

                                                + */ + HostResourceGroupArn?: string; } -export namespace ModifySpotFleetRequestRequest { +export namespace ModifyInstancePlacementRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifySpotFleetRequestRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyInstancePlacementRequest): any => ({ ...obj, }); } -/** - *

                                                Contains the output of ModifySpotFleetRequest.

                                                - */ -export interface ModifySpotFleetRequestResponse { +export interface ModifyInstancePlacementResult { /** *

                                                Is true if the request succeeds, and an error otherwise.

                                                */ Return?: boolean; } -export namespace ModifySpotFleetRequestResponse { +export namespace ModifyInstancePlacementResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifySpotFleetRequestResponse): any => ({ + export const filterSensitiveLog = (obj: ModifyInstancePlacementResult): any => ({ ...obj, }); } -export interface ModifySubnetAttributeRequest { +export interface ModifyLaunchTemplateRequest { /** - *

                                                Specify true to indicate that network interfaces created in the - * specified subnet should be assigned an IPv6 address. This includes a network interface - * that's created when launching an instance into the subnet (the instance therefore - * receives an IPv6 address).

                                                - *

                                                If you enable the IPv6 addressing feature for your subnet, your network interface - * or instance only receives an IPv6 address if it's created using version - * 2016-11-15 or later of the Amazon EC2 API.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually + * making the request, and provides an error response. If you have the required + * permissions, the error response is DryRunOperation. Otherwise, it is + * UnauthorizedOperation.

                                                */ - AssignIpv6AddressOnCreation?: AttributeBooleanValue; + DryRun?: boolean; /** - *

                                                Specify true to indicate that network interfaces attached to instances created in the - * specified subnet should be assigned a public IPv4 address.

                                                + *

                                                Unique, case-sensitive identifier you provide to ensure the idempotency of the + * request. For more information, see Ensuring + * Idempotency.

                                                + *

                                                Constraint: Maximum 128 ASCII characters.

                                                */ - MapPublicIpOnLaunch?: AttributeBooleanValue; + ClientToken?: string; /** - *

                                                The ID of the subnet.

                                                + *

                                                The ID of the launch template. You must specify either the launch template ID or + * launch template name in the request.

                                                */ - SubnetId: string | undefined; + LaunchTemplateId?: string; /** - *

                                                Specify true to indicate that network interfaces attached to instances created in the - * specified subnet should be assigned a customer-owned IPv4 address.

                                                - *

                                                When this value is true, you must specify the customer-owned IP pool using CustomerOwnedIpv4Pool.

                                                + *

                                                The name of the launch template. You must specify either the launch template ID or + * launch template name in the request.

                                                */ - MapCustomerOwnedIpOnLaunch?: AttributeBooleanValue; + LaunchTemplateName?: string; /** - *

                                                The customer-owned IPv4 address pool associated with the subnet.

                                                - *

                                                You must set this value when you specify true for MapCustomerOwnedIpOnLaunch.

                                                + *

                                                The version number of the launch template to set as the default version.

                                                */ - CustomerOwnedIpv4Pool?: string; + DefaultVersion?: string; } -export namespace ModifySubnetAttributeRequest { +export namespace ModifyLaunchTemplateRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifySubnetAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyLaunchTemplateRequest): any => ({ ...obj, }); } -export interface ModifyTrafficMirrorFilterNetworkServicesRequest { - /** - *

                                                The ID of the Traffic Mirror filter.

                                                - */ - TrafficMirrorFilterId: string | undefined; - - /** - *

                                                The network service, for example Amazon DNS, that you want to mirror.

                                                - */ - AddNetworkServices?: (TrafficMirrorNetworkService | string)[]; - - /** - *

                                                The network service, for example Amazon DNS, that you no longer want to mirror.

                                                - */ - RemoveNetworkServices?: (TrafficMirrorNetworkService | string)[]; - +export interface ModifyLaunchTemplateResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Information about the launch template.

                                                */ - DryRun?: boolean; + LaunchTemplate?: LaunchTemplate; } -export namespace ModifyTrafficMirrorFilterNetworkServicesRequest { +export namespace ModifyLaunchTemplateResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterNetworkServicesRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyLaunchTemplateResult): any => ({ ...obj, }); } -export interface ModifyTrafficMirrorFilterNetworkServicesResult { +/** + *

                                                An entry for a prefix list.

                                                + */ +export interface RemovePrefixListEntry { /** - *

                                                The Traffic Mirror filter that the network service is associated with.

                                                + *

                                                The CIDR block.

                                                */ - TrafficMirrorFilter?: TrafficMirrorFilter; + Cidr: string | undefined; } -export namespace ModifyTrafficMirrorFilterNetworkServicesResult { +export namespace RemovePrefixListEntry { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterNetworkServicesResult): any => ({ + export const filterSensitiveLog = (obj: RemovePrefixListEntry): any => ({ ...obj, }); } -export type TrafficMirrorFilterRuleField = "description" | "destination-port-range" | "protocol" | "source-port-range"; - -export interface ModifyTrafficMirrorFilterRuleRequest { - /** - *

                                                The ID of the Traffic Mirror rule.

                                                - */ - TrafficMirrorFilterRuleId: string | undefined; - - /** - *

                                                The type of traffic (ingress | egress) to assign to the rule.

                                                - */ - TrafficDirection?: TrafficDirection | string; - - /** - *

                                                The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given - * direction. The rules are processed in ascending order by rule number.

                                                - */ - RuleNumber?: number; - +export interface ModifyManagedPrefixListRequest { /** - *

                                                The action to assign to the rule.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - RuleAction?: TrafficMirrorRuleAction | string; + DryRun?: boolean; /** - *

                                                The destination ports that are associated with the Traffic Mirror rule.

                                                + *

                                                The ID of the prefix list.

                                                */ - DestinationPortRange?: TrafficMirrorPortRangeRequest; + PrefixListId: string | undefined; /** - *

                                                The port range to assign to the Traffic Mirror rule.

                                                + *

                                                The current version of the prefix list.

                                                */ - SourcePortRange?: TrafficMirrorPortRangeRequest; + CurrentVersion?: number; /** - *

                                                The protocol, for example TCP, to assign to the Traffic Mirror rule.

                                                + *

                                                A name for the prefix list.

                                                */ - Protocol?: number; + PrefixListName?: string; /** - *

                                                The destination CIDR block to assign to the Traffic Mirror rule.

                                                + *

                                                One or more entries to add to the prefix list.

                                                */ - DestinationCidrBlock?: string; + AddEntries?: AddPrefixListEntry[]; /** - *

                                                The source CIDR block to assign to the Traffic Mirror rule.

                                                + *

                                                One or more entries to remove from the prefix list.

                                                */ - SourceCidrBlock?: string; + RemoveEntries?: RemovePrefixListEntry[]; /** - *

                                                The description to assign to the Traffic Mirror rule.

                                                + *

                                                The maximum number of entries for the prefix list. You cannot modify the entries + * of a prefix list and modify the size of a prefix list at the same time.

                                                + *

                                                If any of the resources that reference the prefix list cannot support the new + * maximum size, the modify operation fails. Check the state message for the IDs of + * the first ten resources that do not support the new maximum size.

                                                */ - Description?: string; + MaxEntries?: number; +} +export namespace ModifyManagedPrefixListRequest { /** - *

                                                The properties that you want to remove from the Traffic Mirror filter rule.

                                                - *

                                                When you remove a property from a Traffic Mirror filter rule, the property is set to the default.

                                                + * @internal */ - RemoveFields?: (TrafficMirrorFilterRuleField | string)[]; + export const filterSensitiveLog = (obj: ModifyManagedPrefixListRequest): any => ({ + ...obj, + }); +} +export interface ModifyManagedPrefixListResult { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                Information about the prefix list.

                                                */ - DryRun?: boolean; + PrefixList?: ManagedPrefixList; } -export namespace ModifyTrafficMirrorFilterRuleRequest { +export namespace ModifyManagedPrefixListResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterRuleRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyManagedPrefixListResult): any => ({ ...obj, }); } -export interface ModifyTrafficMirrorFilterRuleResult { +/** + *

                                                Describes an attachment change.

                                                + */ +export interface NetworkInterfaceAttachmentChanges { /** - *

                                                Modifies a Traffic Mirror rule.

                                                + *

                                                The ID of the network interface attachment.

                                                */ - TrafficMirrorFilterRule?: TrafficMirrorFilterRule; + AttachmentId?: string; + + /** + *

                                                Indicates whether the network interface is deleted when the instance is terminated.

                                                + */ + DeleteOnTermination?: boolean; } -export namespace ModifyTrafficMirrorFilterRuleResult { +export namespace NetworkInterfaceAttachmentChanges { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterRuleResult): any => ({ + export const filterSensitiveLog = (obj: NetworkInterfaceAttachmentChanges): any => ({ ...obj, }); } -export type TrafficMirrorSessionField = "description" | "packet-length" | "virtual-network-id"; +/** + *

                                                Contains the parameters for ModifyNetworkInterfaceAttribute.

                                                + */ +export interface ModifyNetworkInterfaceAttributeRequest { + /** + *

                                                Information about the interface attachment. If modifying the 'delete on termination' attribute, you must specify the ID of the interface attachment.

                                                + */ + Attachment?: NetworkInterfaceAttachmentChanges; -export interface ModifyTrafficMirrorSessionRequest { /** - *

                                                The ID of the Traffic Mirror session.

                                                + *

                                                A description for the network interface.

                                                */ - TrafficMirrorSessionId: string | undefined; + Description?: AttributeValue; /** - *

                                                The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - TrafficMirrorTargetId?: string; + DryRun?: boolean; /** - *

                                                The ID of the Traffic Mirror filter.

                                                + *

                                                Changes the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.

                                                */ - TrafficMirrorFilterId?: string; + Groups?: string[]; /** - *

                                                The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.

                                                + *

                                                The ID of the network interface.

                                                */ - PacketLength?: number; + NetworkInterfaceId: string | undefined; /** - *

                                                The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.

                                                - *

                                                Valid values are 1-32766.

                                                + *

                                                Enable or disable source/destination checks, which ensure that the instance + * is either the source or the destination of any traffic that it receives. + * If the value is true, source/destination checks are enabled; + * otherwise, they are disabled. The default value is true. + * You must disable source/destination checks if the instance runs services + * such as network address translation, routing, or firewalls.

                                                */ - SessionNumber?: number; + SourceDestCheck?: AttributeBooleanValue; +} +export namespace ModifyNetworkInterfaceAttributeRequest { /** - *

                                                The virtual network ID of the Traffic Mirror session.

                                                + * @internal */ - VirtualNetworkId?: number; + export const filterSensitiveLog = (obj: ModifyNetworkInterfaceAttributeRequest): any => ({ + ...obj, + }); +} +/** + *

                                                Contains the parameters for ModifyReservedInstances.

                                                + */ +export interface ModifyReservedInstancesRequest { /** - *

                                                The description to assign to the Traffic Mirror session.

                                                + *

                                                The IDs of the Reserved Instances to modify.

                                                */ - Description?: string; + ReservedInstancesIds: string[] | undefined; /** - *

                                                The properties that you want to remove from the Traffic Mirror session.

                                                - *

                                                When you remove a property from a Traffic Mirror session, the property is set to the default.

                                                + *

                                                A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see + * Ensuring Idempotency.

                                                */ - RemoveFields?: (TrafficMirrorSessionField | string)[]; + ClientToken?: string; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The configuration settings for the Reserved Instances to modify.

                                                */ - DryRun?: boolean; + TargetConfigurations: ReservedInstancesConfiguration[] | undefined; } -export namespace ModifyTrafficMirrorSessionRequest { +export namespace ModifyReservedInstancesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorSessionRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyReservedInstancesRequest): any => ({ ...obj, }); } -export interface ModifyTrafficMirrorSessionResult { +/** + *

                                                Contains the output of ModifyReservedInstances.

                                                + */ +export interface ModifyReservedInstancesResult { /** - *

                                                Information about the Traffic Mirror session.

                                                + *

                                                The ID for the modification.

                                                */ - TrafficMirrorSession?: TrafficMirrorSession; + ReservedInstancesModificationId?: string; } -export namespace ModifyTrafficMirrorSessionResult { +export namespace ModifyReservedInstancesResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTrafficMirrorSessionResult): any => ({ + export const filterSensitiveLog = (obj: ModifyReservedInstancesResult): any => ({ ...obj, }); } /** - *

                                                The transit gateway options.

                                                + *

                                                Describes a security group rule.

                                                + *

                                                You must specify exactly one of the following parameters, based on the rule type:

                                                + *
                                                  + *
                                                • + *

                                                  CidrIpv4

                                                  + *
                                                  • + *
                                                • + *

                                                  CidrIpv6

                                                  + *
                                                  • + *
                                                • + *

                                                  PrefixListId

                                                  + *
                                                  • + *
                                                • + *

                                                  ReferencedGroupId

                                                  + *
                                                  • + *
                                                + *

                                                When you modify a rule, you cannot change the rule type. For example, if the rule + * uses an IPv4 address range, you must use CidrIpv4 to specify a new IPv4 + * address range.

                                                */ -export interface ModifyTransitGatewayOptions { - /** - *

                                                Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.

                                                - */ - AddTransitGatewayCidrBlocks?: string[]; - +export interface SecurityGroupRuleRequest { /** - *

                                                Removes CIDR blocks for the transit gateway.

                                                + *

                                                The IP protocol name (tcp, udp, icmp, + * icmpv6) or number (see Protocol Numbers).

                                                + *

                                                Use -1 to specify all protocols.

                                                */ - RemoveTransitGatewayCidrBlocks?: string[]; + IpProtocol?: string; /** - *

                                                Enable or disable Equal Cost Multipath Protocol support.

                                                + *

                                                The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

                                                */ - VpnEcmpSupport?: VpnEcmpSupportValue | string; + FromPort?: number; /** - *

                                                Enable or disable DNS support.

                                                + *

                                                The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

                                                */ - DnsSupport?: DnsSupportValue | string; + ToPort?: number; /** - *

                                                Enable or disable automatic acceptance of attachment requests.

                                                + *

                                                The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.

                                                */ - AutoAcceptSharedAttachments?: AutoAcceptSharedAttachmentsValue | string; + CidrIpv4?: string; /** - *

                                                Enable or disable automatic association with the default association route table.

                                                + *

                                                The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.

                                                */ - DefaultRouteTableAssociation?: DefaultRouteTableAssociationValue | string; + CidrIpv6?: string; /** - *

                                                The ID of the default association route table.

                                                + *

                                                The ID of the prefix list.

                                                */ - AssociationDefaultRouteTableId?: string; + PrefixListId?: string; /** - *

                                                Enable or disable automatic propagation of routes to the default propagation route table.

                                                + *

                                                The ID of the security group that is referenced in the security group rule.

                                                */ - DefaultRouteTablePropagation?: DefaultRouteTablePropagationValue | string; + ReferencedGroupId?: string; /** - *

                                                The ID of the default propagation route table.

                                                + *

                                                The description of the security group rule.

                                                */ - PropagationDefaultRouteTableId?: string; + Description?: string; } -export namespace ModifyTransitGatewayOptions { +export namespace SecurityGroupRuleRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayOptions): any => ({ + export const filterSensitiveLog = (obj: SecurityGroupRuleRequest): any => ({ ...obj, }); } -export interface ModifyTransitGatewayRequest { +/** + *

                                                Describes an update to a security group rule.

                                                + */ +export interface SecurityGroupRuleUpdate { + /** + *

                                                The ID of the security group rule.

                                                + */ + SecurityGroupRuleId?: string; + + /** + *

                                                Information about the security group rule.

                                                + */ + SecurityGroupRule?: SecurityGroupRuleRequest; +} + +export namespace SecurityGroupRuleUpdate { /** - *

                                                The ID of the transit gateway.

                                                + * @internal */ - TransitGatewayId: string | undefined; + export const filterSensitiveLog = (obj: SecurityGroupRuleUpdate): any => ({ + ...obj, + }); +} +export interface ModifySecurityGroupRulesRequest { /** - *

                                                The description for the transit gateway.

                                                + *

                                                The ID of the security group.

                                                */ - Description?: string; + GroupId: string | undefined; /** - *

                                                The options to modify.

                                                + *

                                                Information about the security group properties to update.

                                                */ - Options?: ModifyTransitGatewayOptions; + SecurityGroupRules: SecurityGroupRuleUpdate[] | undefined; /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, @@ -9043,290 +9264,231 @@ export interface ModifyTransitGatewayRequest { DryRun?: boolean; } -export namespace ModifyTransitGatewayRequest { +export namespace ModifySecurityGroupRulesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayRequest): any => ({ + export const filterSensitiveLog = (obj: ModifySecurityGroupRulesRequest): any => ({ ...obj, }); } -export interface ModifyTransitGatewayResult { +export interface ModifySecurityGroupRulesResult { /** - *

                                                Describes a transit gateway.

                                                + *

                                                Returns true if the request succeeds; otherwise, returns an error.

                                                */ - TransitGateway?: TransitGateway; + Return?: boolean; } -export namespace ModifyTransitGatewayResult { +export namespace ModifySecurityGroupRulesResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayResult): any => ({ + export const filterSensitiveLog = (obj: ModifySecurityGroupRulesResult): any => ({ ...obj, }); } -export interface ModifyTransitGatewayPrefixListReferenceRequest { - /** - *

                                                The ID of the transit gateway route table.

                                                - */ - TransitGatewayRouteTableId: string | undefined; - +/** + *

                                                Describes modifications to the list of create volume permissions for a volume.

                                                + */ +export interface CreateVolumePermissionModifications { /** - *

                                                The ID of the prefix list.

                                                + *

                                                Adds the specified Amazon Web Services account ID or group to the list.

                                                */ - PrefixListId: string | undefined; + Add?: CreateVolumePermission[]; /** - *

                                                The ID of the attachment to which traffic is routed.

                                                + *

                                                Removes the specified Amazon Web Services account ID or group from the list.

                                                */ - TransitGatewayAttachmentId?: string; + Remove?: CreateVolumePermission[]; +} +export namespace CreateVolumePermissionModifications { /** - *

                                                Indicates whether to drop traffic that matches this route.

                                                + * @internal */ - Blackhole?: boolean; + export const filterSensitiveLog = (obj: CreateVolumePermissionModifications): any => ({ + ...obj, + }); +} +export interface ModifySnapshotAttributeRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The snapshot attribute to modify. Only volume creation permissions can be modified.

                                                */ - DryRun?: boolean; -} + Attribute?: SnapshotAttributeName | string; -export namespace ModifyTransitGatewayPrefixListReferenceRequest { /** - * @internal + *

                                                A JSON representation of the snapshot attribute modification.

                                                */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayPrefixListReferenceRequest): any => ({ - ...obj, - }); -} + CreateVolumePermission?: CreateVolumePermissionModifications; -export interface ModifyTransitGatewayPrefixListReferenceResult { /** - *

                                                Information about the prefix list reference.

                                                + *

                                                The group to modify for the snapshot.

                                                */ - TransitGatewayPrefixListReference?: TransitGatewayPrefixListReference; -} + GroupNames?: string[]; -export namespace ModifyTransitGatewayPrefixListReferenceResult { /** - * @internal + *

                                                The type of operation to perform to the attribute.

                                                */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayPrefixListReferenceResult): any => ({ - ...obj, - }); -} + OperationType?: OperationType | string; -/** - *

                                                Describes the options for a VPC attachment.

                                                - */ -export interface ModifyTransitGatewayVpcAttachmentRequestOptions { /** - *

                                                Enable or disable DNS support. The default is enable.

                                                + *

                                                The ID of the snapshot.

                                                */ - DnsSupport?: DnsSupportValue | string; + SnapshotId: string | undefined; /** - *

                                                Enable or disable IPv6 support. The default is enable.

                                                + *

                                                The account ID to modify for the snapshot.

                                                */ - Ipv6Support?: Ipv6SupportValue | string; + UserIds?: string[]; /** - *

                                                Enable or disable support for appliance mode. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is disable.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - ApplianceModeSupport?: ApplianceModeSupportValue | string; + DryRun?: boolean; } -export namespace ModifyTransitGatewayVpcAttachmentRequestOptions { +export namespace ModifySnapshotAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentRequestOptions): any => ({ + export const filterSensitiveLog = (obj: ModifySnapshotAttributeRequest): any => ({ ...obj, }); } -export interface ModifyTransitGatewayVpcAttachmentRequest { +/** + *

                                                Contains the parameters for ModifySpotFleetRequest.

                                                + */ +export interface ModifySpotFleetRequestRequest { /** - *

                                                The ID of the attachment.

                                                + *

                                                Indicates whether running Spot Instances should be terminated if the target capacity + * of the Spot Fleet request is decreased below the current size of the Spot Fleet.

                                                */ - TransitGatewayAttachmentId: string | undefined; + ExcessCapacityTerminationPolicy?: ExcessCapacityTerminationPolicy | string; /** - *

                                                The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.

                                                + *

                                                The launch template and overrides. You can only use this parameter if you specified a + * launch template (LaunchTemplateConfigs) in your Spot Fleet request. If you + * specified LaunchSpecifications in your Spot Fleet request, then omit this + * parameter.

                                                */ - AddSubnetIds?: string[]; + LaunchTemplateConfigs?: LaunchTemplateConfig[]; /** - *

                                                The IDs of one or more subnets to remove.

                                                + *

                                                The ID of the Spot Fleet request.

                                                */ - RemoveSubnetIds?: string[]; + SpotFleetRequestId: string | undefined; /** - *

                                                The new VPC attachment options.

                                                + *

                                                The size of the fleet.

                                                */ - Options?: ModifyTransitGatewayVpcAttachmentRequestOptions; + TargetCapacity?: number; /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The number of On-Demand Instances in the fleet.

                                                */ - DryRun?: boolean; + OnDemandTargetCapacity?: number; + + /** + *

                                                Reserved.

                                                + */ + Context?: string; } -export namespace ModifyTransitGatewayVpcAttachmentRequest { +export namespace ModifySpotFleetRequestRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentRequest): any => ({ + export const filterSensitiveLog = (obj: ModifySpotFleetRequestRequest): any => ({ ...obj, }); } -export interface ModifyTransitGatewayVpcAttachmentResult { +/** + *

                                                Contains the output of ModifySpotFleetRequest.

                                                + */ +export interface ModifySpotFleetRequestResponse { /** - *

                                                Information about the modified attachment.

                                                + *

                                                Is true if the request succeeds, and an error otherwise.

                                                */ - TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment; + Return?: boolean; } -export namespace ModifyTransitGatewayVpcAttachmentResult { +export namespace ModifySpotFleetRequestResponse { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentResult): any => ({ + export const filterSensitiveLog = (obj: ModifySpotFleetRequestResponse): any => ({ ...obj, }); } -export interface ModifyVolumeRequest { - /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                - */ - DryRun?: boolean; - - /** - *

                                                The ID of the volume.

                                                - */ - VolumeId: string | undefined; - +export interface ModifySubnetAttributeRequest { /** - *

                                                The target size of the volume, in GiB. The target volume size must be greater than or - * equal to the existing size of the volume.

                                                - *

                                                The following are the supported volumes sizes for each volume type:

                                                - *
                                                  - *
                                                • - *

                                                  - * gp2 and gp3: 1-16,384

                                                  - *
                                                  • - *
                                                • - *

                                                  - * io1 and io2: 4-16,384

                                                  - *
                                                  • - *
                                                • - *

                                                  - * st1 and sc1: 125-16,384

                                                  - *
                                                  • - *
                                                • - *

                                                  - * standard: 1-1,024

                                                  - *
                                                  • - *
                                                - *

                                                Default: The existing size is retained.

                                                + *

                                                Specify true to indicate that network interfaces created in the + * specified subnet should be assigned an IPv6 address. This includes a network interface + * that's created when launching an instance into the subnet (the instance therefore + * receives an IPv6 address).

                                                + *

                                                If you enable the IPv6 addressing feature for your subnet, your network interface + * or instance only receives an IPv6 address if it's created using version + * 2016-11-15 or later of the Amazon EC2 API.

                                                */ - Size?: number; + AssignIpv6AddressOnCreation?: AttributeBooleanValue; /** - *

                                                The target EBS volume type of the volume. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.

                                                - *

                                                Default: The existing type is retained.

                                                + *

                                                Specify true to indicate that network interfaces attached to instances created in the + * specified subnet should be assigned a public IPv4 address.

                                                */ - VolumeType?: VolumeType | string; + MapPublicIpOnLaunch?: AttributeBooleanValue; /** - *

                                                The target IOPS rate of the volume. This parameter is valid only for gp3, io1, and io2 volumes.

                                                - *

                                                The following are the supported values for each volume type:

                                                - *
                                                  - *
                                                • - *

                                                  - * gp3: 3,000-16,000 IOPS

                                                  - *
                                                  • - *
                                                • - *

                                                  - * io1: 100-64,000 IOPS

                                                  - *
                                                  • - *
                                                • - *

                                                  - * io2: 100-64,000 IOPS

                                                  - *
                                                  • - *
                                                - *

                                                Default: The existing value is retained if you keep the same volume type. If you change - * the volume type to io1, io2, or gp3, the default is 3,000.

                                                + *

                                                The ID of the subnet.

                                                */ - Iops?: number; + SubnetId: string | undefined; /** - *

                                                The target throughput of the volume, in MiB/s. This parameter is valid only for gp3 volumes. - * The maximum value is 1,000.

                                                - *

                                                Default: The existing value is retained if the source and target volume type is gp3. - * Otherwise, the default value is 125.

                                                - *

                                                Valid Range: Minimum value of 125. Maximum value of 1000.

                                                + *

                                                Specify true to indicate that network interfaces attached to instances created in the + * specified subnet should be assigned a customer-owned IPv4 address.

                                                + *

                                                When this value is true, you must specify the customer-owned IP pool using CustomerOwnedIpv4Pool.

                                                */ - Throughput?: number; + MapCustomerOwnedIpOnLaunch?: AttributeBooleanValue; /** - *

                                                Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the - * volume to up to 16 - * Nitro-based instances in the same Availability Zone. This parameter is - * supported with io1 and io2 volumes only. For more information, see - * - * Amazon EBS Multi-Attach in the Amazon Elastic Compute Cloud User Guide.

                                                + *

                                                The customer-owned IPv4 address pool associated with the subnet.

                                                + *

                                                You must set this value when you specify true for MapCustomerOwnedIpOnLaunch.

                                                */ - MultiAttachEnabled?: boolean; + CustomerOwnedIpv4Pool?: string; } -export namespace ModifyVolumeRequest { +export namespace ModifySubnetAttributeRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVolumeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifySubnetAttributeRequest): any => ({ ...obj, }); } -export interface ModifyVolumeResult { - /** - *

                                                Information about the volume modification.

                                                - */ - VolumeModification?: VolumeModification; -} - -export namespace ModifyVolumeResult { +export interface ModifyTrafficMirrorFilterNetworkServicesRequest { /** - * @internal + *

                                                The ID of the Traffic Mirror filter.

                                                */ - export const filterSensitiveLog = (obj: ModifyVolumeResult): any => ({ - ...obj, - }); -} + TrafficMirrorFilterId: string | undefined; -export interface ModifyVolumeAttributeRequest { /** - *

                                                Indicates whether the volume should be auto-enabled for I/O operations.

                                                + *

                                                The network service, for example Amazon DNS, that you want to mirror.

                                                */ - AutoEnableIO?: AttributeBooleanValue; + AddNetworkServices?: (TrafficMirrorNetworkService | string)[]; /** - *

                                                The ID of the volume.

                                                + *

                                                The network service, for example Amazon DNS, that you no longer want to mirror.

                                                */ - VolumeId: string | undefined; + RemoveNetworkServices?: (TrafficMirrorNetworkService | string)[]; /** *

                                                Checks whether you have the required permissions for the action, without actually making the request, @@ -9336,183 +9498,182 @@ export interface ModifyVolumeAttributeRequest { DryRun?: boolean; } -export namespace ModifyVolumeAttributeRequest { +export namespace ModifyTrafficMirrorFilterNetworkServicesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVolumeAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterNetworkServicesRequest): any => ({ ...obj, }); } -export interface ModifyVpcAttributeRequest { - /** - *

                                                Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.

                                                - *

                                                You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.

                                                - */ - EnableDnsHostnames?: AttributeBooleanValue; - - /** - *

                                                Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to - * the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP - * address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon - * provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is - * not enabled.

                                                - *

                                                You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.

                                                - */ - EnableDnsSupport?: AttributeBooleanValue; - +export interface ModifyTrafficMirrorFilterNetworkServicesResult { /** - *

                                                The ID of the VPC.

                                                + *

                                                The Traffic Mirror filter that the network service is associated with.

                                                */ - VpcId: string | undefined; + TrafficMirrorFilter?: TrafficMirrorFilter; } -export namespace ModifyVpcAttributeRequest { +export namespace ModifyTrafficMirrorFilterNetworkServicesResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVpcAttributeRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterNetworkServicesResult): any => ({ ...obj, }); } -/** - *

                                                Contains the parameters for ModifyVpcEndpoint.

                                                - */ -export interface ModifyVpcEndpointRequest { +export type TrafficMirrorFilterRuleField = "description" | "destination-port-range" | "protocol" | "source-port-range"; + +export interface ModifyTrafficMirrorFilterRuleRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The ID of the Traffic Mirror rule.

                                                */ - DryRun?: boolean; + TrafficMirrorFilterRuleId: string | undefined; + + /** + *

                                                The type of traffic (ingress | egress) to assign to the rule.

                                                + */ + TrafficDirection?: TrafficDirection | string; /** - *

                                                The ID of the endpoint.

                                                + *

                                                The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given + * direction. The rules are processed in ascending order by rule number.

                                                */ - VpcEndpointId: string | undefined; + RuleNumber?: number; /** - *

                                                (Gateway endpoint) Specify true to reset the policy document to the - * default policy. The default policy allows full access to the service.

                                                + *

                                                The action to assign to the rule.

                                                */ - ResetPolicy?: boolean; + RuleAction?: TrafficMirrorRuleAction | string; /** - *

                                                (Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. The policy must - * be in valid JSON format.

                                                + *

                                                The destination ports that are associated with the Traffic Mirror rule.

                                                */ - PolicyDocument?: string; + DestinationPortRange?: TrafficMirrorPortRangeRequest; /** - *

                                                (Gateway endpoint) One or more route tables IDs to associate with the endpoint.

                                                + *

                                                The port range to assign to the Traffic Mirror rule.

                                                */ - AddRouteTableIds?: string[]; + SourcePortRange?: TrafficMirrorPortRangeRequest; /** - *

                                                (Gateway endpoint) One or more route table IDs to disassociate from the endpoint.

                                                + *

                                                The protocol, for example TCP, to assign to the Traffic Mirror rule.

                                                */ - RemoveRouteTableIds?: string[]; + Protocol?: number; /** - *

                                                (Interface and Gateway Load Balancer endpoints) One or more subnet IDs in which to serve the endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.

                                                + *

                                                The destination CIDR block to assign to the Traffic Mirror rule.

                                                */ - AddSubnetIds?: string[]; + DestinationCidrBlock?: string; /** - *

                                                (Interface endpoint) One or more subnets IDs in which to remove the endpoint.

                                                + *

                                                The source CIDR block to assign to the Traffic Mirror rule.

                                                */ - RemoveSubnetIds?: string[]; + SourceCidrBlock?: string; /** - *

                                                (Interface endpoint) One or more security group IDs to associate with the network interface.

                                                + *

                                                The description to assign to the Traffic Mirror rule.

                                                */ - AddSecurityGroupIds?: string[]; + Description?: string; /** - *

                                                (Interface endpoint) One or more security group IDs to disassociate from the network interface.

                                                + *

                                                The properties that you want to remove from the Traffic Mirror filter rule.

                                                + *

                                                When you remove a property from a Traffic Mirror filter rule, the property is set to the default.

                                                */ - RemoveSecurityGroupIds?: string[]; + RemoveFields?: (TrafficMirrorFilterRuleField | string)[]; /** - *

                                                (Interface endpoint) Indicates whether a private hosted zone is associated with the - * VPC.

                                                + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                */ - PrivateDnsEnabled?: boolean; + DryRun?: boolean; } -export namespace ModifyVpcEndpointRequest { +export namespace ModifyTrafficMirrorFilterRuleRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVpcEndpointRequest): any => ({ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterRuleRequest): any => ({ ...obj, }); } -export interface ModifyVpcEndpointResult { +export interface ModifyTrafficMirrorFilterRuleResult { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                Modifies a Traffic Mirror rule.

                                                */ - Return?: boolean; + TrafficMirrorFilterRule?: TrafficMirrorFilterRule; } -export namespace ModifyVpcEndpointResult { +export namespace ModifyTrafficMirrorFilterRuleResult { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVpcEndpointResult): any => ({ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorFilterRuleResult): any => ({ ...obj, }); } -export interface ModifyVpcEndpointConnectionNotificationRequest { +export type TrafficMirrorSessionField = "description" | "packet-length" | "virtual-network-id"; + +export interface ModifyTrafficMirrorSessionRequest { /** - *

                                                Checks whether you have the required permissions for the action, without actually making the request, - * and provides an error response. If you have the required permissions, the error response is DryRunOperation. - * Otherwise, it is UnauthorizedOperation.

                                                + *

                                                The ID of the Traffic Mirror session.

                                                */ - DryRun?: boolean; + TrafficMirrorSessionId: string | undefined; /** - *

                                                The ID of the notification.

                                                + *

                                                The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.

                                                + */ + TrafficMirrorTargetId?: string; + + /** + *

                                                The ID of the Traffic Mirror filter.

                                                */ - ConnectionNotificationId: string | undefined; + TrafficMirrorFilterId?: string; /** - *

                                                The ARN for the SNS topic for the notification.

                                                + *

                                                The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.

                                                */ - ConnectionNotificationArn?: string; + PacketLength?: number; /** - *

                                                One or more events for the endpoint. Valid values are Accept, - * Connect, Delete, and Reject.

                                                + *

                                                The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.

                                                + *

                                                Valid values are 1-32766.

                                                */ - ConnectionEvents?: string[]; -} + SessionNumber?: number; -export namespace ModifyVpcEndpointConnectionNotificationRequest { /** - * @internal + *

                                                The virtual network ID of the Traffic Mirror session.

                                                */ - export const filterSensitiveLog = (obj: ModifyVpcEndpointConnectionNotificationRequest): any => ({ - ...obj, - }); -} + VirtualNetworkId?: number; -export interface ModifyVpcEndpointConnectionNotificationResult { /** - *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + *

                                                The description to assign to the Traffic Mirror session.

                                                */ - ReturnValue?: boolean; + Description?: string; + + /** + *

                                                The properties that you want to remove from the Traffic Mirror session.

                                                + *

                                                When you remove a property from a Traffic Mirror session, the property is set to the default.

                                                + */ + RemoveFields?: (TrafficMirrorSessionField | string)[]; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; } -export namespace ModifyVpcEndpointConnectionNotificationResult { +export namespace ModifyTrafficMirrorSessionRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ModifyVpcEndpointConnectionNotificationResult): any => ({ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorSessionRequest): any => ({ ...obj, }); } diff --git a/clients/client-ec2/src/models/models_5.ts b/clients/client-ec2/src/models/models_5.ts index deb426343d87..dd36a9019e5a 100644 --- a/clients/client-ec2/src/models/models_5.ts +++ b/clients/client-ec2/src/models/models_5.ts @@ -2,13 +2,16 @@ import { _InstanceType, AddressAttribute, AddressAttributeName, + ApplianceModeSupportValue, BlockDeviceMapping, ByoipCidr, ClientVpnAuthorizationRuleStatus, CurrencyCodeValues, + DnsSupportValue, IamInstanceProfileAssociation, IamInstanceProfileSpecification, IpPermission, + Ipv6SupportValue, Placement, RouteTableAssociationState, TagSpecification, @@ -17,9 +20,13 @@ import { TransitGatewayPeeringAttachment, TransitGatewayVpcAttachment, UnsuccessfulItem, + VolumeType, } from "./models_0"; import { + AutoAcceptSharedAttachmentsValue, CreditSpecificationRequest, + DefaultRouteTableAssociationValue, + DefaultRouteTablePropagationValue, ElasticGpuSpecification, IcmpTypeCode, IKEVersionsRequestListValue, @@ -38,19 +45,24 @@ import { RuleAction, ShutdownBehavior, SpotInstanceType, + TrafficMirrorSession, + TransitGateway, + TransitGatewayPrefixListReference, TransitGatewayRoute, - VpnConnection, + VpnEcmpSupportValue, } from "./models_1"; import { ArchitectureValues, BootModeValues, ClientVpnConnectionStatus, Filter, - InstanceAttributeName, InstanceTagNotificationAttribute, + VpnConnection, } from "./models_2"; import { + AttributeBooleanValue, HttpTokensState, + InstanceAttributeName, InstanceMetadataEndpointState, InstanceMetadataProtocolState, InstanceNetworkInterfaceSpecification, @@ -64,7 +76,580 @@ import { SpotInstanceRequest, SpotPlacement, } from "./models_3"; -import { CapacityReservationSpecification, Purchase } from "./models_4"; +import { CapacityReservationSpecification, Purchase, VolumeModification } from "./models_4"; + +export interface ModifyTrafficMirrorSessionResult { + /** + *

                                                Information about the Traffic Mirror session.

                                                + */ + TrafficMirrorSession?: TrafficMirrorSession; +} + +export namespace ModifyTrafficMirrorSessionResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTrafficMirrorSessionResult): any => ({ + ...obj, + }); +} + +/** + *

                                                The transit gateway options.

                                                + */ +export interface ModifyTransitGatewayOptions { + /** + *

                                                Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.

                                                + */ + AddTransitGatewayCidrBlocks?: string[]; + + /** + *

                                                Removes CIDR blocks for the transit gateway.

                                                + */ + RemoveTransitGatewayCidrBlocks?: string[]; + + /** + *

                                                Enable or disable Equal Cost Multipath Protocol support.

                                                + */ + VpnEcmpSupport?: VpnEcmpSupportValue | string; + + /** + *

                                                Enable or disable DNS support.

                                                + */ + DnsSupport?: DnsSupportValue | string; + + /** + *

                                                Enable or disable automatic acceptance of attachment requests.

                                                + */ + AutoAcceptSharedAttachments?: AutoAcceptSharedAttachmentsValue | string; + + /** + *

                                                Enable or disable automatic association with the default association route table.

                                                + */ + DefaultRouteTableAssociation?: DefaultRouteTableAssociationValue | string; + + /** + *

                                                The ID of the default association route table.

                                                + */ + AssociationDefaultRouteTableId?: string; + + /** + *

                                                Enable or disable automatic propagation of routes to the default propagation route table.

                                                + */ + DefaultRouteTablePropagation?: DefaultRouteTablePropagationValue | string; + + /** + *

                                                The ID of the default propagation route table.

                                                + */ + PropagationDefaultRouteTableId?: string; +} + +export namespace ModifyTransitGatewayOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayOptions): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayRequest { + /** + *

                                                The ID of the transit gateway.

                                                + */ + TransitGatewayId: string | undefined; + + /** + *

                                                The description for the transit gateway.

                                                + */ + Description?: string; + + /** + *

                                                The options to modify.

                                                + */ + Options?: ModifyTransitGatewayOptions; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; +} + +export namespace ModifyTransitGatewayRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayRequest): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayResult { + /** + *

                                                Describes a transit gateway.

                                                + */ + TransitGateway?: TransitGateway; +} + +export namespace ModifyTransitGatewayResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayResult): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayPrefixListReferenceRequest { + /** + *

                                                The ID of the transit gateway route table.

                                                + */ + TransitGatewayRouteTableId: string | undefined; + + /** + *

                                                The ID of the prefix list.

                                                + */ + PrefixListId: string | undefined; + + /** + *

                                                The ID of the attachment to which traffic is routed.

                                                + */ + TransitGatewayAttachmentId?: string; + + /** + *

                                                Indicates whether to drop traffic that matches this route.

                                                + */ + Blackhole?: boolean; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; +} + +export namespace ModifyTransitGatewayPrefixListReferenceRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayPrefixListReferenceRequest): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayPrefixListReferenceResult { + /** + *

                                                Information about the prefix list reference.

                                                + */ + TransitGatewayPrefixListReference?: TransitGatewayPrefixListReference; +} + +export namespace ModifyTransitGatewayPrefixListReferenceResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayPrefixListReferenceResult): any => ({ + ...obj, + }); +} + +/** + *

                                                Describes the options for a VPC attachment.

                                                + */ +export interface ModifyTransitGatewayVpcAttachmentRequestOptions { + /** + *

                                                Enable or disable DNS support. The default is enable.

                                                + */ + DnsSupport?: DnsSupportValue | string; + + /** + *

                                                Enable or disable IPv6 support. The default is enable.

                                                + */ + Ipv6Support?: Ipv6SupportValue | string; + + /** + *

                                                Enable or disable support for appliance mode. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is disable.

                                                + */ + ApplianceModeSupport?: ApplianceModeSupportValue | string; +} + +export namespace ModifyTransitGatewayVpcAttachmentRequestOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentRequestOptions): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayVpcAttachmentRequest { + /** + *

                                                The ID of the attachment.

                                                + */ + TransitGatewayAttachmentId: string | undefined; + + /** + *

                                                The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.

                                                + */ + AddSubnetIds?: string[]; + + /** + *

                                                The IDs of one or more subnets to remove.

                                                + */ + RemoveSubnetIds?: string[]; + + /** + *

                                                The new VPC attachment options.

                                                + */ + Options?: ModifyTransitGatewayVpcAttachmentRequestOptions; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; +} + +export namespace ModifyTransitGatewayVpcAttachmentRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentRequest): any => ({ + ...obj, + }); +} + +export interface ModifyTransitGatewayVpcAttachmentResult { + /** + *

                                                Information about the modified attachment.

                                                + */ + TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment; +} + +export namespace ModifyTransitGatewayVpcAttachmentResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyTransitGatewayVpcAttachmentResult): any => ({ + ...obj, + }); +} + +export interface ModifyVolumeRequest { + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; + + /** + *

                                                The ID of the volume.

                                                + */ + VolumeId: string | undefined; + + /** + *

                                                The target size of the volume, in GiB. The target volume size must be greater than or + * equal to the existing size of the volume.

                                                + *

                                                The following are the supported volumes sizes for each volume type:

                                                + *
                                                  + *
                                                • + *

                                                  + * gp2 and gp3: 1-16,384

                                                  + *
                                                  • + *
                                                • + *

                                                  + * io1 and io2: 4-16,384

                                                  + *
                                                  • + *
                                                • + *

                                                  + * st1 and sc1: 125-16,384

                                                  + *
                                                  • + *
                                                • + *

                                                  + * standard: 1-1,024

                                                  + *
                                                  • + *
                                                + *

                                                Default: The existing size is retained.

                                                + */ + Size?: number; + + /** + *

                                                The target EBS volume type of the volume. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide.

                                                + *

                                                Default: The existing type is retained.

                                                + */ + VolumeType?: VolumeType | string; + + /** + *

                                                The target IOPS rate of the volume. This parameter is valid only for gp3, io1, and io2 volumes.

                                                + *

                                                The following are the supported values for each volume type:

                                                + *
                                                  + *
                                                • + *

                                                  + * gp3: 3,000-16,000 IOPS

                                                  + *
                                                  • + *
                                                • + *

                                                  + * io1: 100-64,000 IOPS

                                                  + *
                                                  • + *
                                                • + *

                                                  + * io2: 100-64,000 IOPS

                                                  + *
                                                  • + *
                                                + *

                                                Default: The existing value is retained if you keep the same volume type. If you change + * the volume type to io1, io2, or gp3, the default is 3,000.

                                                + */ + Iops?: number; + + /** + *

                                                The target throughput of the volume, in MiB/s. This parameter is valid only for gp3 volumes. + * The maximum value is 1,000.

                                                + *

                                                Default: The existing value is retained if the source and target volume type is gp3. + * Otherwise, the default value is 125.

                                                + *

                                                Valid Range: Minimum value of 125. Maximum value of 1000.

                                                + */ + Throughput?: number; + + /** + *

                                                Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the + * volume to up to 16 + * Nitro-based instances in the same Availability Zone. This parameter is + * supported with io1 and io2 volumes only. For more information, see + * + * Amazon EBS Multi-Attach in the Amazon Elastic Compute Cloud User Guide.

                                                + */ + MultiAttachEnabled?: boolean; +} + +export namespace ModifyVolumeRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVolumeRequest): any => ({ + ...obj, + }); +} + +export interface ModifyVolumeResult { + /** + *

                                                Information about the volume modification.

                                                + */ + VolumeModification?: VolumeModification; +} + +export namespace ModifyVolumeResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVolumeResult): any => ({ + ...obj, + }); +} + +export interface ModifyVolumeAttributeRequest { + /** + *

                                                Indicates whether the volume should be auto-enabled for I/O operations.

                                                + */ + AutoEnableIO?: AttributeBooleanValue; + + /** + *

                                                The ID of the volume.

                                                + */ + VolumeId: string | undefined; + + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; +} + +export namespace ModifyVolumeAttributeRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVolumeAttributeRequest): any => ({ + ...obj, + }); +} + +export interface ModifyVpcAttributeRequest { + /** + *

                                                Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.

                                                + *

                                                You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.

                                                + */ + EnableDnsHostnames?: AttributeBooleanValue; + + /** + *

                                                Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to + * the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP + * address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon + * provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is + * not enabled.

                                                + *

                                                You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.

                                                + */ + EnableDnsSupport?: AttributeBooleanValue; + + /** + *

                                                The ID of the VPC.

                                                + */ + VpcId: string | undefined; +} + +export namespace ModifyVpcAttributeRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVpcAttributeRequest): any => ({ + ...obj, + }); +} + +/** + *

                                                Contains the parameters for ModifyVpcEndpoint.

                                                + */ +export interface ModifyVpcEndpointRequest { + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; + + /** + *

                                                The ID of the endpoint.

                                                + */ + VpcEndpointId: string | undefined; + + /** + *

                                                (Gateway endpoint) Specify true to reset the policy document to the + * default policy. The default policy allows full access to the service.

                                                + */ + ResetPolicy?: boolean; + + /** + *

                                                (Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. The policy must + * be in valid JSON format.

                                                + */ + PolicyDocument?: string; + + /** + *

                                                (Gateway endpoint) One or more route tables IDs to associate with the endpoint.

                                                + */ + AddRouteTableIds?: string[]; + + /** + *

                                                (Gateway endpoint) One or more route table IDs to disassociate from the endpoint.

                                                + */ + RemoveRouteTableIds?: string[]; + + /** + *

                                                (Interface and Gateway Load Balancer endpoints) One or more subnet IDs in which to serve the endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.

                                                + */ + AddSubnetIds?: string[]; + + /** + *

                                                (Interface endpoint) One or more subnets IDs in which to remove the endpoint.

                                                + */ + RemoveSubnetIds?: string[]; + + /** + *

                                                (Interface endpoint) One or more security group IDs to associate with the network interface.

                                                + */ + AddSecurityGroupIds?: string[]; + + /** + *

                                                (Interface endpoint) One or more security group IDs to disassociate from the network interface.

                                                + */ + RemoveSecurityGroupIds?: string[]; + + /** + *

                                                (Interface endpoint) Indicates whether a private hosted zone is associated with the + * VPC.

                                                + */ + PrivateDnsEnabled?: boolean; +} + +export namespace ModifyVpcEndpointRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVpcEndpointRequest): any => ({ + ...obj, + }); +} + +export interface ModifyVpcEndpointResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + Return?: boolean; +} + +export namespace ModifyVpcEndpointResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVpcEndpointResult): any => ({ + ...obj, + }); +} + +export interface ModifyVpcEndpointConnectionNotificationRequest { + /** + *

                                                Checks whether you have the required permissions for the action, without actually making the request, + * and provides an error response. If you have the required permissions, the error response is DryRunOperation. + * Otherwise, it is UnauthorizedOperation.

                                                + */ + DryRun?: boolean; + + /** + *

                                                The ID of the notification.

                                                + */ + ConnectionNotificationId: string | undefined; + + /** + *

                                                The ARN for the SNS topic for the notification.

                                                + */ + ConnectionNotificationArn?: string; + + /** + *

                                                One or more events for the endpoint. Valid values are Accept, + * Connect, Delete, and Reject.

                                                + */ + ConnectionEvents?: string[]; +} + +export namespace ModifyVpcEndpointConnectionNotificationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVpcEndpointConnectionNotificationRequest): any => ({ + ...obj, + }); +} + +export interface ModifyVpcEndpointConnectionNotificationResult { + /** + *

                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                + */ + ReturnValue?: boolean; +} + +export namespace ModifyVpcEndpointConnectionNotificationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModifyVpcEndpointConnectionNotificationResult): any => ({ + ...obj, + }); +} export interface ModifyVpcEndpointServiceConfigurationRequest { /** diff --git a/clients/client-ec2/src/pagination/DescribeCapacityReservationFleetsPaginator.ts b/clients/client-ec2/src/pagination/DescribeCapacityReservationFleetsPaginator.ts new file mode 100644 index 000000000000..a1b84e9dfbe6 --- /dev/null +++ b/clients/client-ec2/src/pagination/DescribeCapacityReservationFleetsPaginator.ts @@ -0,0 +1,59 @@ +import { Paginator } from "@aws-sdk/types"; + +import { + DescribeCapacityReservationFleetsCommand, + DescribeCapacityReservationFleetsCommandInput, + DescribeCapacityReservationFleetsCommandOutput, +} from "../commands/DescribeCapacityReservationFleetsCommand"; +import { EC2 } from "../EC2"; +import { EC2Client } from "../EC2Client"; +import { EC2PaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: EC2Client, + input: DescribeCapacityReservationFleetsCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.send(new DescribeCapacityReservationFleetsCommand(input), ...args); +}; +/** + * @private + */ +const makePagedRequest = async ( + client: EC2, + input: DescribeCapacityReservationFleetsCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.describeCapacityReservationFleets(input, ...args); +}; +export async function* paginateDescribeCapacityReservationFleets( + config: EC2PaginationConfiguration, + input: DescribeCapacityReservationFleetsCommandInput, + ...additionalArguments: any +): Paginator { + // ToDo: replace with actual type instead of typeof input.NextToken + let token: typeof input.NextToken | undefined = config.startingToken || undefined; + let hasNext = true; + let page: DescribeCapacityReservationFleetsCommandOutput; + while (hasNext) { + input.NextToken = token; + input["MaxResults"] = config.pageSize; + if (config.client instanceof EC2) { + page = await makePagedRequest(config.client, input, ...additionalArguments); + } else if (config.client instanceof EC2Client) { + page = await makePagedClientRequest(config.client, input, ...additionalArguments); + } else { + throw new Error("Invalid client, expected EC2 | EC2Client"); + } + yield page; + token = page.NextToken; + hasNext = !!token; + } + // @ts-ignore + return undefined; +} diff --git a/clients/client-ec2/src/protocols/Aws_ec2.ts b/clients/client-ec2/src/protocols/Aws_ec2.ts index aa631a1113b4..97e0f0c5e13c 100644 --- a/clients/client-ec2/src/protocols/Aws_ec2.ts +++ b/clients/client-ec2/src/protocols/Aws_ec2.ts @@ -140,6 +140,10 @@ import { CancelCapacityReservationCommandInput, CancelCapacityReservationCommandOutput, } from "../commands/CancelCapacityReservationCommand"; +import { + CancelCapacityReservationFleetsCommandInput, + CancelCapacityReservationFleetsCommandOutput, +} from "../commands/CancelCapacityReservationFleetsCommand"; import { CancelConversionTaskCommandInput, CancelConversionTaskCommandOutput, @@ -169,6 +173,10 @@ import { CreateCapacityReservationCommandInput, CreateCapacityReservationCommandOutput, } from "../commands/CreateCapacityReservationCommand"; +import { + CreateCapacityReservationFleetCommandInput, + CreateCapacityReservationFleetCommandOutput, +} from "../commands/CreateCapacityReservationFleetCommand"; import { CreateCarrierGatewayCommandInput, CreateCarrierGatewayCommandOutput, @@ -579,6 +587,10 @@ import { DescribeBundleTasksCommandOutput, } from "../commands/DescribeBundleTasksCommand"; import { DescribeByoipCidrsCommandInput, DescribeByoipCidrsCommandOutput } from "../commands/DescribeByoipCidrsCommand"; +import { + DescribeCapacityReservationFleetsCommandInput, + DescribeCapacityReservationFleetsCommandOutput, +} from "../commands/DescribeCapacityReservationFleetsCommand"; import { DescribeCapacityReservationsCommandInput, DescribeCapacityReservationsCommandOutput, @@ -1255,6 +1267,10 @@ import { ModifyCapacityReservationCommandInput, ModifyCapacityReservationCommandOutput, } from "../commands/ModifyCapacityReservationCommand"; +import { + ModifyCapacityReservationFleetCommandInput, + ModifyCapacityReservationFleetCommandOutput, +} from "../commands/ModifyCapacityReservationFleetCommand"; import { ModifyClientVpnEndpointCommandInput, ModifyClientVpnEndpointCommandOutput, @@ -1672,6 +1688,9 @@ import { ByoipCidr, CancelBundleTaskRequest, CancelBundleTaskResult, + CancelCapacityReservationFleetError, + CancelCapacityReservationFleetsRequest, + CancelCapacityReservationFleetsResult, CancelCapacityReservationRequest, CancelCapacityReservationResult, CancelConversionRequest, @@ -1689,6 +1708,7 @@ import { CancelSpotInstanceRequestsRequest, CancelSpotInstanceRequestsResult, CapacityReservation, + CapacityReservationFleetCancellationState, CapacityReservationOptionsRequest, CarrierGateway, CertificateAuthenticationRequest, @@ -1707,6 +1727,8 @@ import { CopyImageResult, CopySnapshotRequest, CopySnapshotResult, + CreateCapacityReservationFleetRequest, + CreateCapacityReservationFleetResult, CreateCapacityReservationRequest, CreateCapacityReservationResult, CreateCarrierGatewayRequest, @@ -1736,20 +1758,15 @@ import { CreateImageRequest, CreateImageResult, CreateInstanceEventWindowRequest, - CreateInstanceEventWindowResult, - CreateInstanceExportTaskRequest, - CreateInstanceExportTaskResult, - CreateInternetGatewayRequest, CustomerGateway, DhcpConfiguration, DhcpOptions, DirectoryServiceAuthenticationRequest, EbsBlockDevice, EgressOnlyInternetGateway, - ExportTask, - ExportToS3Task, - ExportToS3TaskSpecification, + FailedCapacityReservationFleetCancellationResult, FederatedAuthenticationRequest, + FleetCapacityReservation, FleetLaunchTemplateConfigRequest, FleetLaunchTemplateOverrides, FleetLaunchTemplateOverridesRequest, @@ -1766,7 +1783,6 @@ import { InstanceEventWindowAssociationTarget, InstanceEventWindowTimeRange, InstanceEventWindowTimeRangeRequest, - InstanceExportDetails, InternetGatewayAttachment, IpPermission, IpRange, @@ -1784,6 +1800,7 @@ import { PriceSchedule, PtrUpdateStatus, ReferencedSecurityGroup, + ReservationFleetInstanceSpecification, ReservedInstancesListing, RouteTableAssociationState, S3Storage, @@ -1823,6 +1840,10 @@ import { CapacityReservationTarget, CapacityReservationTargetResponse, ConnectionNotification, + CreateInstanceEventWindowResult, + CreateInstanceExportTaskRequest, + CreateInstanceExportTaskResult, + CreateInternetGatewayRequest, CreateInternetGatewayResult, CreateKeyPairRequest, CreateLaunchTemplateRequest, @@ -1913,20 +1934,19 @@ import { CreateVpcRequest, CreateVpcResult, CreateVpnConnectionRequest, - CreateVpnConnectionResult, - CreateVpnConnectionRouteRequest, - CreateVpnGatewayRequest, - CreateVpnGatewayResult, CreditSpecification, CreditSpecificationRequest, - DeleteCarrierGatewayRequest, DnsEntry, ElasticGpuSpecification, ElasticGpuSpecificationResponse, + ExportTask, + ExportToS3Task, + ExportToS3TaskSpecification, GroupIdentifier, IcmpTypeCode, IKEVersionsListValue, IKEVersionsRequestListValue, + InstanceExportDetails, InstanceIpv6Address, InstanceIpv6AddressRequest, InstanceSpecification, @@ -2048,23 +2068,19 @@ import { TunnelOption, ValidationError, ValidationWarning, - VgwTelemetry, Volume, VpcEndpoint, - VpnConnection, VpnConnectionOptions, VpnConnectionOptionsSpecification, - VpnGateway, - VpnStaticRoute, VpnTunnelOptionsSpecification, } from "../models/models_1"; import { AssociatedTargetNetwork, - AttributeBooleanValue, AuthorizationRule, AvailabilityZone, AvailabilityZoneMessage, AvailableCapacity, + CapacityReservationFleet, CapacityReservationOptions, CertificateAuthentication, ClassicLinkInstance, @@ -2078,6 +2094,11 @@ import { CoipPool, ConnectionLogResponseOptions, ConversionTask, + CreateVpnConnectionResult, + CreateVpnConnectionRouteRequest, + CreateVpnGatewayRequest, + CreateVpnGatewayResult, + DeleteCarrierGatewayRequest, DeleteCarrierGatewayResult, DeleteClientVpnEndpointRequest, DeleteClientVpnEndpointResult, @@ -2199,6 +2220,8 @@ import { DescribeBundleTasksResult, DescribeByoipCidrsRequest, DescribeByoipCidrsResult, + DescribeCapacityReservationFleetsRequest, + DescribeCapacityReservationFleetsResult, DescribeCapacityReservationsRequest, DescribeCapacityReservationsResult, DescribeCarrierGatewaysRequest, @@ -2264,19 +2287,11 @@ import { DescribeImagesRequest, DescribeImagesResult, DescribeImportImageTasksRequest, - DescribeImportImageTasksResult, - DescribeImportSnapshotTasksRequest, - DescribeImportSnapshotTasksResult, - DescribeInstanceAttributeRequest, - DescribeInstanceCreditSpecificationsRequest, - DescribeInstanceCreditSpecificationsResult, DirectoryServiceAuthentication, DiskImageDescription, DiskImageVolumeDescription, - EbsInstanceBlockDevice, ElasticGpuHealth, ElasticGpus, - EnclaveOptions, EventInformation, ExportImageTask, ExportTaskS3Location, @@ -2304,12 +2319,8 @@ import { ImportImageTask, ImportInstanceTaskDetails, ImportInstanceVolumeDetailItem, - ImportSnapshotTask, ImportVolumeTaskDetails, - InstanceAttribute, - InstanceBlockDeviceMapping, InstanceCapacity, - InstanceCreditSpecification, InstanceEventWindowStateChange, InstanceTagNotificationAttribute, LaunchPermission, @@ -2319,7 +2330,6 @@ import { ProductCode, ResponseError, SnapshotDetail, - SnapshotTaskDetail, SpotOptions, StateReason, SuccessfulQueuedPurchaseDeletion, @@ -2328,7 +2338,11 @@ import { TransitGatewayMulticastDeregisteredGroupMembers, TransitGatewayMulticastDeregisteredGroupSources, UserBucketDetails, + VgwTelemetry, VirtualizationType, + VpnConnection, + VpnGateway, + VpnStaticRoute, } from "../models/models_2"; import { AnalysisAclRule, @@ -2339,12 +2353,19 @@ import { AnalysisRouteTableRoute, AnalysisSecurityGroupRule, ArchitectureType, + AttributeBooleanValue, BootModeType, CapacityReservationSpecificationResponse, ClassicLoadBalancer, ClassicLoadBalancersConfig, CpuOptions, CreateVolumePermission, + DescribeImportImageTasksResult, + DescribeImportSnapshotTasksRequest, + DescribeImportSnapshotTasksResult, + DescribeInstanceAttributeRequest, + DescribeInstanceCreditSpecificationsRequest, + DescribeInstanceCreditSpecificationsResult, DescribeInstanceEventNotificationAttributesRequest, DescribeInstanceEventNotificationAttributesResult, DescribeInstanceEventWindowsRequest, @@ -2479,17 +2500,14 @@ import { DescribeTrunkInterfaceAssociationsResult, DescribeVolumeAttributeRequest, DescribeVolumeAttributeResult, - DescribeVolumesModificationsRequest, - DescribeVolumesModificationsResult, - DescribeVolumesRequest, - DescribeVolumesResult, - DescribeVolumeStatusRequest, DiskInfo, EbsInfo, + EbsInstanceBlockDevice, EbsOptimizedInfo, EfaInfo, ElasticGpuAssociation, ElasticInferenceAcceleratorAssociation, + EnclaveOptions, Explanation, FpgaDeviceInfo, FpgaDeviceMemoryInfo, @@ -2499,9 +2517,13 @@ import { GpuInfo, HibernationOptions, HistoryRecord, + ImportSnapshotTask, InferenceAcceleratorInfo, InferenceDeviceInfo, Instance, + InstanceAttribute, + InstanceBlockDeviceMapping, + InstanceCreditSpecification, InstanceIpv4Prefix, InstanceIpv6Prefix, InstanceMetadataOptionsResponse, @@ -2565,6 +2587,7 @@ import { SecurityGroupReference, SlotDateTimeRangeRequest, SlotStartTimeRangeRequest, + SnapshotTaskDetail, SpotCapacityRebalance, SpotFleetLaunchSpecification, SpotFleetMonitoring, @@ -2586,13 +2609,6 @@ import { TransitGatewayAttachmentAssociation, UsageClassType, VCpuInfo, - VolumeModification, - VolumeStatusAction, - VolumeStatusAttachmentStatus, - VolumeStatusDetails, - VolumeStatusEvent, - VolumeStatusInfo, - VolumeStatusItem, } from "../models/models_3"; import { AssociatedRole, @@ -2605,6 +2621,11 @@ import { ClientData, CoipAddressUsage, CreateVolumePermissionModifications, + DescribeVolumesModificationsRequest, + DescribeVolumesModificationsResult, + DescribeVolumesRequest, + DescribeVolumesResult, + DescribeVolumeStatusRequest, DescribeVolumeStatusResult, DescribeVpcAttributeRequest, DescribeVpcAttributeResult, @@ -2791,6 +2812,8 @@ import { ModifyAddressAttributeResult, ModifyAvailabilityZoneGroupRequest, ModifyAvailabilityZoneGroupResult, + ModifyCapacityReservationFleetRequest, + ModifyCapacityReservationFleetResult, ModifyCapacityReservationRequest, ModifyCapacityReservationResult, ModifyClientVpnEndpointRequest, @@ -2839,23 +2862,6 @@ import { ModifyTrafficMirrorFilterRuleRequest, ModifyTrafficMirrorFilterRuleResult, ModifyTrafficMirrorSessionRequest, - ModifyTrafficMirrorSessionResult, - ModifyTransitGatewayOptions, - ModifyTransitGatewayPrefixListReferenceRequest, - ModifyTransitGatewayPrefixListReferenceResult, - ModifyTransitGatewayRequest, - ModifyTransitGatewayResult, - ModifyTransitGatewayVpcAttachmentRequest, - ModifyTransitGatewayVpcAttachmentRequestOptions, - ModifyTransitGatewayVpcAttachmentResult, - ModifyVolumeAttributeRequest, - ModifyVolumeRequest, - ModifyVolumeResult, - ModifyVpcAttributeRequest, - ModifyVpcEndpointConnectionNotificationRequest, - ModifyVpcEndpointConnectionNotificationResult, - ModifyVpcEndpointRequest, - ModifyVpcEndpointResult, NetworkInterfaceAttachmentChanges, PrefixListAssociation, PrefixListEntry, @@ -2883,6 +2889,13 @@ import { UserBucket, UserData, VolumeDetail, + VolumeModification, + VolumeStatusAction, + VolumeStatusAttachmentStatus, + VolumeStatusDetails, + VolumeStatusEvent, + VolumeStatusInfo, + VolumeStatusItem, VpcClassicLink, VpcEndpointConnection, VpnConnectionDeviceType, @@ -2899,6 +2912,23 @@ import { InstanceStateChange, LaunchTemplateSpecification, LicenseConfigurationRequest, + ModifyTrafficMirrorSessionResult, + ModifyTransitGatewayOptions, + ModifyTransitGatewayPrefixListReferenceRequest, + ModifyTransitGatewayPrefixListReferenceResult, + ModifyTransitGatewayRequest, + ModifyTransitGatewayResult, + ModifyTransitGatewayVpcAttachmentRequest, + ModifyTransitGatewayVpcAttachmentRequestOptions, + ModifyTransitGatewayVpcAttachmentResult, + ModifyVolumeAttributeRequest, + ModifyVolumeRequest, + ModifyVolumeResult, + ModifyVpcAttributeRequest, + ModifyVpcEndpointConnectionNotificationRequest, + ModifyVpcEndpointConnectionNotificationResult, + ModifyVpcEndpointRequest, + ModifyVpcEndpointResult, ModifyVpcEndpointServiceConfigurationRequest, ModifyVpcEndpointServiceConfigurationResult, ModifyVpcEndpointServicePermissionsRequest, @@ -3602,6 +3632,22 @@ export const serializeAws_ec2CancelCapacityReservationCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_ec2CancelCapacityReservationFleetsCommand = async ( + input: CancelCapacityReservationFleetsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-www-form-urlencoded", + }; + let body: any; + body = buildFormUrlencodedString({ + ...serializeAws_ec2CancelCapacityReservationFleetsRequest(input, context), + Action: "CancelCapacityReservationFleets", + Version: "2016-11-15", + }); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_ec2CancelConversionTaskCommand = async ( input: CancelConversionTaskCommandInput, context: __SerdeContext @@ -3778,6 +3824,22 @@ export const serializeAws_ec2CreateCapacityReservationCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_ec2CreateCapacityReservationFleetCommand = async ( + input: CreateCapacityReservationFleetCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-www-form-urlencoded", + }; + let body: any; + body = buildFormUrlencodedString({ + ...serializeAws_ec2CreateCapacityReservationFleetRequest(input, context), + Action: "CreateCapacityReservationFleet", + Version: "2016-11-15", + }); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_ec2CreateCarrierGatewayCommand = async ( input: CreateCarrierGatewayCommandInput, context: __SerdeContext @@ -5874,6 +5936,22 @@ export const serializeAws_ec2DescribeByoipCidrsCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_ec2DescribeCapacityReservationFleetsCommand = async ( + input: DescribeCapacityReservationFleetsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-www-form-urlencoded", + }; + let body: any; + body = buildFormUrlencodedString({ + ...serializeAws_ec2DescribeCapacityReservationFleetsRequest(input, context), + Action: "DescribeCapacityReservationFleets", + Version: "2016-11-15", + }); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_ec2DescribeCapacityReservationsCommand = async ( input: DescribeCapacityReservationsCommandInput, context: __SerdeContext @@ -8914,6 +8992,22 @@ export const serializeAws_ec2ModifyCapacityReservationCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_ec2ModifyCapacityReservationFleetCommand = async ( + input: ModifyCapacityReservationFleetCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-www-form-urlencoded", + }; + let body: any; + body = buildFormUrlencodedString({ + ...serializeAws_ec2ModifyCapacityReservationFleetRequest(input, context), + Action: "ModifyCapacityReservationFleet", + Version: "2016-11-15", + }); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_ec2ModifyClientVpnEndpointCommand = async ( input: ModifyClientVpnEndpointCommandInput, context: __SerdeContext @@ -12118,6 +12212,52 @@ const deserializeAws_ec2CancelCapacityReservationCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_ec2CancelCapacityReservationFleetsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_ec2CancelCapacityReservationFleetsCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_ec2CancelCapacityReservationFleetsResult(data, context); + const response: CancelCapacityReservationFleetsCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_ec2CancelCapacityReservationFleetsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadEc2ErrorCode(output, parsedOutput.body); + switch (errorCode) { + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.Errors.Error.code || parsedBody.Errors.Error.Code || errorCode; + response = { + ...parsedBody.Errors.Error, + name: `${errorCode}`, + message: parsedBody.Errors.Error.message || parsedBody.Errors.Error.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_ec2CancelConversionTaskCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -12618,6 +12758,52 @@ const deserializeAws_ec2CreateCapacityReservationCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_ec2CreateCapacityReservationFleetCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_ec2CreateCapacityReservationFleetCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_ec2CreateCapacityReservationFleetResult(data, context); + const response: CreateCapacityReservationFleetCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_ec2CreateCapacityReservationFleetCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadEc2ErrorCode(output, parsedOutput.body); + switch (errorCode) { + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.Errors.Error.code || parsedBody.Errors.Error.Code || errorCode; + response = { + ...parsedBody.Errors.Error, + name: `${errorCode}`, + message: parsedBody.Errors.Error.message || parsedBody.Errors.Error.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_ec2CreateCarrierGatewayCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -18572,27 +18758,73 @@ const deserializeAws_ec2DescribeByoipCidrsCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; -export const deserializeAws_ec2DescribeCapacityReservationsCommand = async ( +export const deserializeAws_ec2DescribeCapacityReservationFleetsCommand = async ( output: __HttpResponse, context: __SerdeContext -): Promise => { +): Promise => { if (output.statusCode >= 300) { - return deserializeAws_ec2DescribeCapacityReservationsCommandError(output, context); + return deserializeAws_ec2DescribeCapacityReservationFleetsCommandError(output, context); } const data: any = await parseBody(output.body, context); let contents: any = {}; - contents = deserializeAws_ec2DescribeCapacityReservationsResult(data, context); - const response: DescribeCapacityReservationsCommandOutput = { + contents = deserializeAws_ec2DescribeCapacityReservationFleetsResult(data, context); + const response: DescribeCapacityReservationFleetsCommandOutput = { $metadata: deserializeMetadata(output), ...contents, }; return Promise.resolve(response); }; -const deserializeAws_ec2DescribeCapacityReservationsCommandError = async ( +const deserializeAws_ec2DescribeCapacityReservationFleetsCommandError = async ( output: __HttpResponse, context: __SerdeContext -): Promise => { +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadEc2ErrorCode(output, parsedOutput.body); + switch (errorCode) { + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.Errors.Error.code || parsedBody.Errors.Error.Code || errorCode; + response = { + ...parsedBody.Errors.Error, + name: `${errorCode}`, + message: parsedBody.Errors.Error.message || parsedBody.Errors.Error.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_ec2DescribeCapacityReservationsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_ec2DescribeCapacityReservationsCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_ec2DescribeCapacityReservationsResult(data, context); + const response: DescribeCapacityReservationsCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_ec2DescribeCapacityReservationsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { const parsedOutput: any = { ...output, body: await parseBody(output.body, context), @@ -27291,6 +27523,52 @@ const deserializeAws_ec2ModifyCapacityReservationCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_ec2ModifyCapacityReservationFleetCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_ec2ModifyCapacityReservationFleetCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_ec2ModifyCapacityReservationFleetResult(data, context); + const response: ModifyCapacityReservationFleetCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_ec2ModifyCapacityReservationFleetCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadEc2ErrorCode(output, parsedOutput.body); + switch (errorCode) { + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.Errors.Error.code || parsedBody.Errors.Error.Code || errorCode; + response = { + ...parsedBody.Errors.Error, + name: `${errorCode}`, + message: parsedBody.Errors.Error.message || parsedBody.Errors.Error.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_ec2ModifyClientVpnEndpointCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -32853,6 +33131,24 @@ const serializeAws_ec2CancelBundleTaskRequest = (input: CancelBundleTaskRequest, return entries; }; +const serializeAws_ec2CancelCapacityReservationFleetsRequest = ( + input: CancelCapacityReservationFleetsRequest, + context: __SerdeContext +): any => { + const entries: any = {}; + if (input.DryRun !== undefined && input.DryRun !== null) { + entries["DryRun"] = input.DryRun; + } + if (input.CapacityReservationFleetIds !== undefined && input.CapacityReservationFleetIds !== null) { + const memberEntries = serializeAws_ec2CapacityReservationFleetIdSet(input.CapacityReservationFleetIds, context); + Object.entries(memberEntries).forEach(([key, value]) => { + const loc = `CapacityReservationFleetId.${key.substring(key.indexOf(".") + 1)}`; + entries[loc] = value; + }); + } + return entries; +}; + const serializeAws_ec2CancelCapacityReservationRequest = ( input: CancelCapacityReservationRequest, context: __SerdeContext @@ -32953,6 +33249,19 @@ const serializeAws_ec2CancelSpotInstanceRequestsRequest = ( return entries; }; +const serializeAws_ec2CapacityReservationFleetIdSet = (input: string[], context: __SerdeContext): any => { + const entries: any = {}; + let counter = 1; + for (const entry of input) { + if (entry === null) { + continue; + } + entries[`Item.${counter}`] = entry; + counter++; + } + return entries; +}; + const serializeAws_ec2CapacityReservationIdSet = (input: string[], context: __SerdeContext): any => { const entries: any = {}; let counter = 1; @@ -33360,6 +33669,55 @@ const serializeAws_ec2CpuOptionsRequest = (input: CpuOptionsRequest, context: __ return entries; }; +const serializeAws_ec2CreateCapacityReservationFleetRequest = ( + input: CreateCapacityReservationFleetRequest, + context: __SerdeContext +): any => { + const entries: any = {}; + if (input.AllocationStrategy !== undefined && input.AllocationStrategy !== null) { + entries["AllocationStrategy"] = input.AllocationStrategy; + } + if (input.ClientToken === undefined) { + input.ClientToken = generateIdempotencyToken(); + } + if (input.ClientToken !== undefined && input.ClientToken !== null) { + entries["ClientToken"] = input.ClientToken; + } + if (input.InstanceTypeSpecifications !== undefined && input.InstanceTypeSpecifications !== null) { + const memberEntries = serializeAws_ec2ReservationFleetInstanceSpecificationList( + input.InstanceTypeSpecifications, + context + ); + Object.entries(memberEntries).forEach(([key, value]) => { + const loc = `InstanceTypeSpecification.${key.substring(key.indexOf(".") + 1)}`; + entries[loc] = value; + }); + } + if (input.Tenancy !== undefined && input.Tenancy !== null) { + entries["Tenancy"] = input.Tenancy; + } + if (input.TotalTargetCapacity !== undefined && input.TotalTargetCapacity !== null) { + entries["TotalTargetCapacity"] = input.TotalTargetCapacity; + } + if (input.EndDate !== undefined && input.EndDate !== null) { + entries["EndDate"] = input.EndDate.toISOString().split(".")[0] + "Z"; + } + if (input.InstanceMatchCriteria !== undefined && input.InstanceMatchCriteria !== null) { + entries["InstanceMatchCriteria"] = input.InstanceMatchCriteria; + } + if (input.TagSpecifications !== undefined && input.TagSpecifications !== null) { + const memberEntries = serializeAws_ec2TagSpecificationList(input.TagSpecifications, context); + Object.entries(memberEntries).forEach(([key, value]) => { + const loc = `TagSpecification.${key.substring(key.indexOf(".") + 1)}`; + entries[loc] = value; + }); + } + if (input.DryRun !== undefined && input.DryRun !== null) { + entries["DryRun"] = input.DryRun; + } + return entries; +}; + const serializeAws_ec2CreateCapacityReservationRequest = ( input: CreateCapacityReservationRequest, context: __SerdeContext @@ -36701,6 +37059,37 @@ const serializeAws_ec2DescribeByoipCidrsRequest = (input: DescribeByoipCidrsRequ return entries; }; +const serializeAws_ec2DescribeCapacityReservationFleetsRequest = ( + input: DescribeCapacityReservationFleetsRequest, + context: __SerdeContext +): any => { + const entries: any = {}; + if (input.CapacityReservationFleetIds !== undefined && input.CapacityReservationFleetIds !== null) { + const memberEntries = serializeAws_ec2CapacityReservationFleetIdSet(input.CapacityReservationFleetIds, context); + Object.entries(memberEntries).forEach(([key, value]) => { + const loc = `CapacityReservationFleetId.${key.substring(key.indexOf(".") + 1)}`; + entries[loc] = value; + }); + } + if (input.NextToken !== undefined && input.NextToken !== null) { + entries["NextToken"] = input.NextToken; + } + if (input.MaxResults !== undefined && input.MaxResults !== null) { + entries["MaxResults"] = input.MaxResults; + } + if (input.Filters !== undefined && input.Filters !== null) { + const memberEntries = serializeAws_ec2FilterList(input.Filters, context); + Object.entries(memberEntries).forEach(([key, value]) => { + const loc = `Filter.${key.substring(key.indexOf(".") + 1)}`; + entries[loc] = value; + }); + } + if (input.DryRun !== undefined && input.DryRun !== null) { + entries["DryRun"] = input.DryRun; + } + return entries; +}; + const serializeAws_ec2DescribeCapacityReservationsRequest = ( input: DescribeCapacityReservationsRequest, context: __SerdeContext @@ -43917,6 +44306,29 @@ const serializeAws_ec2ModifyAvailabilityZoneGroupRequest = ( return entries; }; +const serializeAws_ec2ModifyCapacityReservationFleetRequest = ( + input: ModifyCapacityReservationFleetRequest, + context: __SerdeContext +): any => { + const entries: any = {}; + if (input.CapacityReservationFleetId !== undefined && input.CapacityReservationFleetId !== null) { + entries["CapacityReservationFleetId"] = input.CapacityReservationFleetId; + } + if (input.TotalTargetCapacity !== undefined && input.TotalTargetCapacity !== null) { + entries["TotalTargetCapacity"] = input.TotalTargetCapacity; + } + if (input.EndDate !== undefined && input.EndDate !== null) { + entries["EndDate"] = input.EndDate.toISOString().split(".")[0] + "Z"; + } + if (input.DryRun !== undefined && input.DryRun !== null) { + entries["DryRun"] = input.DryRun; + } + if (input.RemoveEndDate !== undefined && input.RemoveEndDate !== null) { + entries["RemoveEndDate"] = input.RemoveEndDate; + } + return entries; +}; + const serializeAws_ec2ModifyCapacityReservationRequest = ( input: ModifyCapacityReservationRequest, context: __SerdeContext @@ -47252,6 +47664,54 @@ const serializeAws_ec2RequestSpotLaunchSpecificationSecurityGroupList = ( return entries; }; +const serializeAws_ec2ReservationFleetInstanceSpecification = ( + input: ReservationFleetInstanceSpecification, + context: __SerdeContext +): any => { + const entries: any = {}; + if (input.InstanceType !== undefined && input.InstanceType !== null) { + entries["InstanceType"] = input.InstanceType; + } + if (input.InstancePlatform !== undefined && input.InstancePlatform !== null) { + entries["InstancePlatform"] = input.InstancePlatform; + } + if (input.Weight !== undefined && input.Weight !== null) { + entries["Weight"] = __serializeFloat(input.Weight); + } + if (input.AvailabilityZone !== undefined && input.AvailabilityZone !== null) { + entries["AvailabilityZone"] = input.AvailabilityZone; + } + if (input.AvailabilityZoneId !== undefined && input.AvailabilityZoneId !== null) { + entries["AvailabilityZoneId"] = input.AvailabilityZoneId; + } + if (input.EbsOptimized !== undefined && input.EbsOptimized !== null) { + entries["EbsOptimized"] = input.EbsOptimized; + } + if (input.Priority !== undefined && input.Priority !== null) { + entries["Priority"] = input.Priority; + } + return entries; +}; + +const serializeAws_ec2ReservationFleetInstanceSpecificationList = ( + input: ReservationFleetInstanceSpecification[], + context: __SerdeContext +): any => { + const entries: any = {}; + let counter = 1; + for (const entry of input) { + if (entry === null) { + continue; + } + const memberEntries = serializeAws_ec2ReservationFleetInstanceSpecification(entry, context); + Object.entries(memberEntries).forEach(([key, value]) => { + entries[`Member.${counter}.${key}`] = value; + }); + counter++; + } + return entries; +}; + const serializeAws_ec2ReservedInstanceIdSet = (input: string[], context: __SerdeContext): any => { const entries: any = {}; let counter = 1; @@ -51578,6 +52038,58 @@ const deserializeAws_ec2CancelBundleTaskResult = (output: any, context: __SerdeC return contents; }; +const deserializeAws_ec2CancelCapacityReservationFleetError = ( + output: any, + context: __SerdeContext +): CancelCapacityReservationFleetError => { + const contents: any = { + Code: undefined, + Message: undefined, + }; + if (output["code"] !== undefined) { + contents.Code = __expectString(output["code"]); + } + if (output["message"] !== undefined) { + contents.Message = __expectString(output["message"]); + } + return contents; +}; + +const deserializeAws_ec2CancelCapacityReservationFleetsResult = ( + output: any, + context: __SerdeContext +): CancelCapacityReservationFleetsResult => { + const contents: any = { + SuccessfulFleetCancellations: undefined, + FailedFleetCancellations: undefined, + }; + if (output.successfulFleetCancellationSet === "") { + contents.SuccessfulFleetCancellations = []; + } + if ( + output["successfulFleetCancellationSet"] !== undefined && + output["successfulFleetCancellationSet"]["item"] !== undefined + ) { + contents.SuccessfulFleetCancellations = deserializeAws_ec2CapacityReservationFleetCancellationStateSet( + __getArrayIfSingleItem(output["successfulFleetCancellationSet"]["item"]), + context + ); + } + if (output.failedFleetCancellationSet === "") { + contents.FailedFleetCancellations = []; + } + if ( + output["failedFleetCancellationSet"] !== undefined && + output["failedFleetCancellationSet"]["item"] !== undefined + ) { + contents.FailedFleetCancellations = deserializeAws_ec2FailedCapacityReservationFleetCancellationResultSet( + __getArrayIfSingleItem(output["failedFleetCancellationSet"]["item"]), + context + ); + } + return contents; +}; + const deserializeAws_ec2CancelCapacityReservationResult = ( output: any, context: __SerdeContext @@ -51818,6 +52330,7 @@ const deserializeAws_ec2CapacityReservation = (output: any, context: __SerdeCont CreateDate: undefined, Tags: undefined, OutpostArn: undefined, + CapacityReservationFleetId: undefined, }; if (output["capacityReservationId"] !== undefined) { contents.CapacityReservationId = __expectString(output["capacityReservationId"]); @@ -51882,9 +52395,127 @@ const deserializeAws_ec2CapacityReservation = (output: any, context: __SerdeCont if (output["outpostArn"] !== undefined) { contents.OutpostArn = __expectString(output["outpostArn"]); } + if (output["capacityReservationFleetId"] !== undefined) { + contents.CapacityReservationFleetId = __expectString(output["capacityReservationFleetId"]); + } return contents; }; +const deserializeAws_ec2CapacityReservationFleet = (output: any, context: __SerdeContext): CapacityReservationFleet => { + const contents: any = { + CapacityReservationFleetId: undefined, + CapacityReservationFleetArn: undefined, + State: undefined, + TotalTargetCapacity: undefined, + TotalFulfilledCapacity: undefined, + Tenancy: undefined, + EndDate: undefined, + CreateTime: undefined, + InstanceMatchCriteria: undefined, + AllocationStrategy: undefined, + InstanceTypeSpecifications: undefined, + Tags: undefined, + }; + if (output["capacityReservationFleetId"] !== undefined) { + contents.CapacityReservationFleetId = __expectString(output["capacityReservationFleetId"]); + } + if (output["capacityReservationFleetArn"] !== undefined) { + contents.CapacityReservationFleetArn = __expectString(output["capacityReservationFleetArn"]); + } + if (output["state"] !== undefined) { + contents.State = __expectString(output["state"]); + } + if (output["totalTargetCapacity"] !== undefined) { + contents.TotalTargetCapacity = __strictParseInt32(output["totalTargetCapacity"]) as number; + } + if (output["totalFulfilledCapacity"] !== undefined) { + contents.TotalFulfilledCapacity = __strictParseFloat(output["totalFulfilledCapacity"]) as number; + } + if (output["tenancy"] !== undefined) { + contents.Tenancy = __expectString(output["tenancy"]); + } + if (output["endDate"] !== undefined) { + contents.EndDate = __expectNonNull(__parseRfc3339DateTime(output["endDate"])); + } + if (output["createTime"] !== undefined) { + contents.CreateTime = __expectNonNull(__parseRfc3339DateTime(output["createTime"])); + } + if (output["instanceMatchCriteria"] !== undefined) { + contents.InstanceMatchCriteria = __expectString(output["instanceMatchCriteria"]); + } + if (output["allocationStrategy"] !== undefined) { + contents.AllocationStrategy = __expectString(output["allocationStrategy"]); + } + if (output.instanceTypeSpecificationSet === "") { + contents.InstanceTypeSpecifications = []; + } + if ( + output["instanceTypeSpecificationSet"] !== undefined && + output["instanceTypeSpecificationSet"]["item"] !== undefined + ) { + contents.InstanceTypeSpecifications = deserializeAws_ec2FleetCapacityReservationSet( + __getArrayIfSingleItem(output["instanceTypeSpecificationSet"]["item"]), + context + ); + } + if (output.tagSet === "") { + contents.Tags = []; + } + if (output["tagSet"] !== undefined && output["tagSet"]["item"] !== undefined) { + contents.Tags = deserializeAws_ec2TagList(__getArrayIfSingleItem(output["tagSet"]["item"]), context); + } + return contents; +}; + +const deserializeAws_ec2CapacityReservationFleetCancellationState = ( + output: any, + context: __SerdeContext +): CapacityReservationFleetCancellationState => { + const contents: any = { + CurrentFleetState: undefined, + PreviousFleetState: undefined, + CapacityReservationFleetId: undefined, + }; + if (output["currentFleetState"] !== undefined) { + contents.CurrentFleetState = __expectString(output["currentFleetState"]); + } + if (output["previousFleetState"] !== undefined) { + contents.PreviousFleetState = __expectString(output["previousFleetState"]); + } + if (output["capacityReservationFleetId"] !== undefined) { + contents.CapacityReservationFleetId = __expectString(output["capacityReservationFleetId"]); + } + return contents; +}; + +const deserializeAws_ec2CapacityReservationFleetCancellationStateSet = ( + output: any, + context: __SerdeContext +): CapacityReservationFleetCancellationState[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_ec2CapacityReservationFleetCancellationState(entry, context); + }); +}; + +const deserializeAws_ec2CapacityReservationFleetSet = ( + output: any, + context: __SerdeContext +): CapacityReservationFleet[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_ec2CapacityReservationFleet(entry, context); + }); +}; + const deserializeAws_ec2CapacityReservationGroup = (output: any, context: __SerdeContext): CapacityReservationGroup => { const contents: any = { GroupArn: undefined, @@ -52845,6 +53476,71 @@ const deserializeAws_ec2CpuOptions = (output: any, context: __SerdeContext): Cpu return contents; }; +const deserializeAws_ec2CreateCapacityReservationFleetResult = ( + output: any, + context: __SerdeContext +): CreateCapacityReservationFleetResult => { + const contents: any = { + CapacityReservationFleetId: undefined, + State: undefined, + TotalTargetCapacity: undefined, + TotalFulfilledCapacity: undefined, + InstanceMatchCriteria: undefined, + AllocationStrategy: undefined, + CreateTime: undefined, + EndDate: undefined, + Tenancy: undefined, + FleetCapacityReservations: undefined, + Tags: undefined, + }; + if (output["capacityReservationFleetId"] !== undefined) { + contents.CapacityReservationFleetId = __expectString(output["capacityReservationFleetId"]); + } + if (output["state"] !== undefined) { + contents.State = __expectString(output["state"]); + } + if (output["totalTargetCapacity"] !== undefined) { + contents.TotalTargetCapacity = __strictParseInt32(output["totalTargetCapacity"]) as number; + } + if (output["totalFulfilledCapacity"] !== undefined) { + contents.TotalFulfilledCapacity = __strictParseFloat(output["totalFulfilledCapacity"]) as number; + } + if (output["instanceMatchCriteria"] !== undefined) { + contents.InstanceMatchCriteria = __expectString(output["instanceMatchCriteria"]); + } + if (output["allocationStrategy"] !== undefined) { + contents.AllocationStrategy = __expectString(output["allocationStrategy"]); + } + if (output["createTime"] !== undefined) { + contents.CreateTime = __expectNonNull(__parseRfc3339DateTime(output["createTime"])); + } + if (output["endDate"] !== undefined) { + contents.EndDate = __expectNonNull(__parseRfc3339DateTime(output["endDate"])); + } + if (output["tenancy"] !== undefined) { + contents.Tenancy = __expectString(output["tenancy"]); + } + if (output.fleetCapacityReservationSet === "") { + contents.FleetCapacityReservations = []; + } + if ( + output["fleetCapacityReservationSet"] !== undefined && + output["fleetCapacityReservationSet"]["item"] !== undefined + ) { + contents.FleetCapacityReservations = deserializeAws_ec2FleetCapacityReservationSet( + __getArrayIfSingleItem(output["fleetCapacityReservationSet"]["item"]), + context + ); + } + if (output.tagSet === "") { + contents.Tags = []; + } + if (output["tagSet"] !== undefined && output["tagSet"]["item"] !== undefined) { + contents.Tags = deserializeAws_ec2TagList(__getArrayIfSingleItem(output["tagSet"]["item"]), context); + } + return contents; +}; + const deserializeAws_ec2CreateCapacityReservationResult = ( output: any, context: __SerdeContext @@ -54811,6 +55507,32 @@ const deserializeAws_ec2DescribeByoipCidrsResult = (output: any, context: __Serd return contents; }; +const deserializeAws_ec2DescribeCapacityReservationFleetsResult = ( + output: any, + context: __SerdeContext +): DescribeCapacityReservationFleetsResult => { + const contents: any = { + CapacityReservationFleets: undefined, + NextToken: undefined, + }; + if (output.capacityReservationFleetSet === "") { + contents.CapacityReservationFleets = []; + } + if ( + output["capacityReservationFleetSet"] !== undefined && + output["capacityReservationFleetSet"]["item"] !== undefined + ) { + contents.CapacityReservationFleets = deserializeAws_ec2CapacityReservationFleetSet( + __getArrayIfSingleItem(output["capacityReservationFleetSet"]["item"]), + context + ); + } + if (output["nextToken"] !== undefined) { + contents.NextToken = __expectString(output["nextToken"]); + } + return contents; +}; + const deserializeAws_ec2DescribeCapacityReservationsResult = ( output: any, context: __SerdeContext @@ -59307,6 +60029,40 @@ const deserializeAws_ec2ExportTransitGatewayRoutesResult = ( return contents; }; +const deserializeAws_ec2FailedCapacityReservationFleetCancellationResult = ( + output: any, + context: __SerdeContext +): FailedCapacityReservationFleetCancellationResult => { + const contents: any = { + CapacityReservationFleetId: undefined, + CancelCapacityReservationFleetError: undefined, + }; + if (output["capacityReservationFleetId"] !== undefined) { + contents.CapacityReservationFleetId = __expectString(output["capacityReservationFleetId"]); + } + if (output["cancelCapacityReservationFleetError"] !== undefined) { + contents.CancelCapacityReservationFleetError = deserializeAws_ec2CancelCapacityReservationFleetError( + output["cancelCapacityReservationFleetError"], + context + ); + } + return contents; +}; + +const deserializeAws_ec2FailedCapacityReservationFleetCancellationResultSet = ( + output: any, + context: __SerdeContext +): FailedCapacityReservationFleetCancellationResult[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_ec2FailedCapacityReservationFleetCancellationResult(entry, context); + }); +}; + const deserializeAws_ec2FailedQueuedPurchaseDeletion = ( output: any, context: __SerdeContext @@ -59352,6 +60108,70 @@ const deserializeAws_ec2FederatedAuthentication = (output: any, context: __Serde return contents; }; +const deserializeAws_ec2FleetCapacityReservation = (output: any, context: __SerdeContext): FleetCapacityReservation => { + const contents: any = { + CapacityReservationId: undefined, + AvailabilityZoneId: undefined, + InstanceType: undefined, + InstancePlatform: undefined, + AvailabilityZone: undefined, + TotalInstanceCount: undefined, + FulfilledCapacity: undefined, + EbsOptimized: undefined, + CreateDate: undefined, + Weight: undefined, + Priority: undefined, + }; + if (output["capacityReservationId"] !== undefined) { + contents.CapacityReservationId = __expectString(output["capacityReservationId"]); + } + if (output["availabilityZoneId"] !== undefined) { + contents.AvailabilityZoneId = __expectString(output["availabilityZoneId"]); + } + if (output["instanceType"] !== undefined) { + contents.InstanceType = __expectString(output["instanceType"]); + } + if (output["instancePlatform"] !== undefined) { + contents.InstancePlatform = __expectString(output["instancePlatform"]); + } + if (output["availabilityZone"] !== undefined) { + contents.AvailabilityZone = __expectString(output["availabilityZone"]); + } + if (output["totalInstanceCount"] !== undefined) { + contents.TotalInstanceCount = __strictParseInt32(output["totalInstanceCount"]) as number; + } + if (output["fulfilledCapacity"] !== undefined) { + contents.FulfilledCapacity = __strictParseFloat(output["fulfilledCapacity"]) as number; + } + if (output["ebsOptimized"] !== undefined) { + contents.EbsOptimized = __parseBoolean(output["ebsOptimized"]); + } + if (output["createDate"] !== undefined) { + contents.CreateDate = __expectNonNull(__parseRfc3339DateTime(output["createDate"])); + } + if (output["weight"] !== undefined) { + contents.Weight = __strictParseFloat(output["weight"]) as number; + } + if (output["priority"] !== undefined) { + contents.Priority = __strictParseInt32(output["priority"]) as number; + } + return contents; +}; + +const deserializeAws_ec2FleetCapacityReservationSet = ( + output: any, + context: __SerdeContext +): FleetCapacityReservation[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_ec2FleetCapacityReservation(entry, context); + }); +}; + const deserializeAws_ec2FleetData = (output: any, context: __SerdeContext): FleetData => { const contents: any = { ActivityStatus: undefined, @@ -65284,6 +66104,19 @@ const deserializeAws_ec2ModifyAvailabilityZoneGroupResult = ( return contents; }; +const deserializeAws_ec2ModifyCapacityReservationFleetResult = ( + output: any, + context: __SerdeContext +): ModifyCapacityReservationFleetResult => { + const contents: any = { + Return: undefined, + }; + if (output["return"] !== undefined) { + contents.Return = __parseBoolean(output["return"]); + } + return contents; +}; + const deserializeAws_ec2ModifyCapacityReservationResult = ( output: any, context: __SerdeContext diff --git a/clients/client-ec2/src/waiters/waitForSnapshotCompleted.ts b/clients/client-ec2/src/waiters/waitForSnapshotCompleted.ts index 1eabdc769235..88f2d6986553 100644 --- a/clients/client-ec2/src/waiters/waitForSnapshotCompleted.ts +++ b/clients/client-ec2/src/waiters/waitForSnapshotCompleted.ts @@ -24,6 +24,20 @@ const checkState = async (client: EC2Client, input: DescribeSnapshotsCommandInpu return { state: WaiterState.SUCCESS, reason }; } } catch (e) {} + try { + const returnComparator = () => { + const flat_1: any[] = [].concat(...result.Snapshots); + const projection_3 = flat_1.map((element_2: any) => { + return element_2.State; + }); + return projection_3; + }; + for (const anyStringEq_4 of returnComparator()) { + if (anyStringEq_4 == "error") { + return { state: WaiterState.FAILURE, reason }; + } + } + } catch (e) {} } catch (exception) { reason = exception; } diff --git a/clients/client-efs/src/protocols/Aws_restJson1.ts b/clients/client-efs/src/protocols/Aws_restJson1.ts index 8d6f1a4936cd..9d978588f08c 100644 --- a/clients/client-efs/src/protocols/Aws_restJson1.ts +++ b/clients/client-efs/src/protocols/Aws_restJson1.ts @@ -2815,6 +2815,14 @@ const deserializeAws_restJson1PutAccountPreferencesCommandError = async ( let errorCode = "UnknownError"; errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "BadRequest": + case "com.amazonaws.efs#BadRequest": + response = { + ...(await deserializeAws_restJson1BadRequestResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "InternalServerError": case "com.amazonaws.efs#InternalServerError": response = { diff --git a/clients/client-firehose/src/models/models_0.ts b/clients/client-firehose/src/models/models_0.ts index 604460f8251d..c669e0a45f7a 100644 --- a/clients/client-firehose/src/models/models_0.ts +++ b/clients/client-firehose/src/models/models_0.ts @@ -1,39 +1,16 @@ import { SENSITIVE_STRING } from "@aws-sdk/smithy-client"; import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types"; -/** - *

                                                Describes hints for the buffering to perform before delivering data to the - * destination. These options are treated as hints, and therefore Kinesis Data Firehose might - * choose to use different values when it is optimal. The SizeInMBs and - * IntervalInSeconds parameters are optional. However, if specify a value for - * one of them, you must also provide a value for the other.

                                                - */ -export interface BufferingHints { - /** - *

                                                Buffer incoming data to the specified size, in MiBs, before delivering it to the - * destination. The default value is 5. This parameter is optional but if you specify a value - * for it, you must also specify a value for IntervalInSeconds, and vice - * versa.

                                                - *

                                                We recommend setting this parameter to a value greater than the amount of data you - * typically ingest into the delivery stream in 10 seconds. For example, if you typically - * ingest data at 1 MiB/sec, the value should be 10 MiB or higher.

                                                - */ - SizeInMBs?: number; - - /** - *

                                                Buffer incoming data for the specified period of time, in seconds, before delivering - * it to the destination. The default value is 300. This parameter is optional but if you - * specify a value for it, you must also specify a value for SizeInMBs, and vice - * versa.

                                                - */ +export interface AmazonopensearchserviceBufferingHints { IntervalInSeconds?: number; + SizeInMBs?: number; } -export namespace BufferingHints { +export namespace AmazonopensearchserviceBufferingHints { /** * @internal */ - export const filterSensitiveLog = (obj: BufferingHints): any => ({ + export const filterSensitiveLog = (obj: AmazonopensearchserviceBufferingHints): any => ({ ...obj, }); } @@ -69,174 +46,14 @@ export namespace CloudWatchLoggingOptions { }); } -export enum CompressionFormat { - GZIP = "GZIP", - HADOOP_SNAPPY = "HADOOP_SNAPPY", - SNAPPY = "Snappy", - UNCOMPRESSED = "UNCOMPRESSED", - ZIP = "ZIP", -} - -/** - *

                                                Another modification has already happened. Fetch VersionId again and use - * it to update the destination.

                                                - */ -export interface ConcurrentModificationException extends __SmithyException, $MetadataBearer { - name: "ConcurrentModificationException"; - $fault: "client"; - /** - *

                                                A message that provides information about the error.

                                                - */ - message?: string; -} - -export namespace ConcurrentModificationException { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ConcurrentModificationException): any => ({ - ...obj, - }); -} - -export enum ContentEncoding { - GZIP = "GZIP", - NONE = "NONE", -} - -/** - *

                                                Describes a COPY command for Amazon Redshift.

                                                - */ -export interface CopyCommand { - /** - *

                                                The name of the target table. The table must already exist in the database.

                                                - */ - DataTableName: string | undefined; - - /** - *

                                                A comma-separated list of column names.

                                                - */ - DataTableColumns?: string; - - /** - *

                                                Optional parameters to use with the Amazon Redshift COPY command. For - * more information, see the "Optional Parameters" section of Amazon Redshift COPY command. Some possible - * examples that would apply to Kinesis Data Firehose are as follows:

                                                - *

                                                - * delimiter '\t' lzop; - fields are delimited with "\t" (TAB character) and - * compressed using lzop.

                                                - *

                                                - * delimiter '|' - fields are delimited with "|" (this is the default - * delimiter).

                                                - *

                                                - * delimiter '|' escape - the delimiter should be escaped.

                                                - *

                                                - * fixedwidth 'venueid:3,venuename:25,venuecity:12,venuestate:2,venueseats:6' - - * fields are fixed width in the source, with each width specified after every column in the - * table.

                                                - *

                                                - * JSON 's3://mybucket/jsonpaths.txt' - data is in JSON format, and the path - * specified is the format of the data.

                                                - *

                                                For more examples, see Amazon Redshift COPY command - * examples.

                                                - */ - CopyOptions?: string; -} - -export namespace CopyCommand { - /** - * @internal - */ - export const filterSensitiveLog = (obj: CopyCommand): any => ({ - ...obj, - }); -} - -export enum KeyType { - AWS_OWNED_CMK = "AWS_OWNED_CMK", - CUSTOMER_MANAGED_CMK = "CUSTOMER_MANAGED_CMK", -} - -/** - *

                                                Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side - * Encryption (SSE).

                                                - */ -export interface DeliveryStreamEncryptionConfigurationInput { - /** - *

                                                If you set KeyType to CUSTOMER_MANAGED_CMK, you must specify - * the Amazon Resource Name (ARN) of the CMK. If you set KeyType to - * AWS_OWNED_CMK, Kinesis Data Firehose uses a service-account CMK.

                                                - */ - KeyARN?: string; - - /** - *

                                                Indicates the type of customer master key (CMK) to use for encryption. The default - * setting is AWS_OWNED_CMK. For more information about CMKs, see Customer - * Master Keys (CMKs). When you invoke CreateDeliveryStream or - * StartDeliveryStreamEncryption with KeyType set to - * CUSTOMER_MANAGED_CMK, Kinesis Data Firehose invokes the Amazon KMS operation CreateGrant to create a grant that allows the Kinesis Data Firehose service to - * use the customer managed CMK to perform encryption and decryption. Kinesis Data Firehose - * manages that grant.

                                                - *

                                                When you invoke StartDeliveryStreamEncryption to change the CMK for a - * delivery stream that is encrypted with a customer managed CMK, Kinesis Data Firehose - * schedules the grant it had on the old CMK for retirement.

                                                - *

                                                You can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams. If - * a CreateDeliveryStream or StartDeliveryStreamEncryption - * operation exceeds this limit, Kinesis Data Firehose throws a - * LimitExceededException.

                                                - * - *

                                                To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't - * support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see About - * Symmetric and Asymmetric CMKs in the AWS Key Management Service developer - * guide.

                                                - *                                                 - */ - KeyType: KeyType | string | undefined; -} - -export namespace DeliveryStreamEncryptionConfigurationInput { - /** - * @internal - */ - export const filterSensitiveLog = (obj: DeliveryStreamEncryptionConfigurationInput): any => ({ - ...obj, - }); -} - -export type DeliveryStreamType = "DirectPut" | "KinesisStreamAsSource"; - -/** - *

                                                Describes the buffering to perform before delivering data to the Amazon ES - * destination.

                                                - */ -export interface ElasticsearchBufferingHints { - /** - *

                                                Buffer incoming data for the specified period of time, in seconds, before delivering - * it to the destination. The default value is 300 (5 minutes).

                                                - */ - IntervalInSeconds?: number; - - /** - *

                                                Buffer incoming data to the specified size, in MBs, before delivering it to the - * destination. The default value is 5.

                                                - *

                                                We recommend setting this parameter to a value greater than the amount of data you - * typically ingest into the delivery stream in 10 seconds. For example, if you typically - * ingest data at 1 MB/sec, the value should be 10 MB or higher.

                                                - */ - SizeInMBs?: number; -} - -export namespace ElasticsearchBufferingHints { - /** - * @internal - */ - export const filterSensitiveLog = (obj: ElasticsearchBufferingHints): any => ({ - ...obj, - }); +export enum AmazonopensearchserviceIndexRotationPeriod { + NoRotation = "NoRotation", + OneDay = "OneDay", + OneHour = "OneHour", + OneMonth = "OneMonth", + OneWeek = "OneWeek", } -export type ElasticsearchIndexRotationPeriod = "NoRotation" | "OneDay" | "OneHour" | "OneMonth" | "OneWeek"; - export enum ProcessorParameterName { BUFFER_INTERVAL_IN_SECONDS = "BufferIntervalInSeconds", BUFFER_SIZE_IN_MB = "BufferSizeInMBs", @@ -323,30 +140,68 @@ export namespace ProcessingConfiguration { }); } +export interface AmazonopensearchserviceRetryOptions { + DurationInSeconds?: number; +} + +export namespace AmazonopensearchserviceRetryOptions { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AmazonopensearchserviceRetryOptions): any => ({ + ...obj, + }); +} + +export enum AmazonopensearchserviceS3BackupMode { + AllDocuments = "AllDocuments", + FailedDocumentsOnly = "FailedDocumentsOnly", +} + /** - *

                                                Configures retry behavior in case Kinesis Data Firehose is unable to deliver - * documents to Amazon ES.

                                                + *

                                                Describes hints for the buffering to perform before delivering data to the + * destination. These options are treated as hints, and therefore Kinesis Data Firehose might + * choose to use different values when it is optimal. The SizeInMBs and + * IntervalInSeconds parameters are optional. However, if specify a value for + * one of them, you must also provide a value for the other.

                                                */ -export interface ElasticsearchRetryOptions { +export interface BufferingHints { /** - *

                                                After an initial failure to deliver to Amazon ES, the total amount of time during - * which Kinesis Data Firehose retries delivery (including the first attempt). After this time - * has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 - * minutes). A value of 0 (zero) results in no retries.

                                                + *

                                                Buffer incoming data to the specified size, in MiBs, before delivering it to the + * destination. The default value is 5. This parameter is optional but if you specify a value + * for it, you must also specify a value for IntervalInSeconds, and vice + * versa.

                                                + *

                                                We recommend setting this parameter to a value greater than the amount of data you + * typically ingest into the delivery stream in 10 seconds. For example, if you typically + * ingest data at 1 MiB/sec, the value should be 10 MiB or higher.

                                                */ - DurationInSeconds?: number; + SizeInMBs?: number; + + /** + *

                                                Buffer incoming data for the specified period of time, in seconds, before delivering + * it to the destination. The default value is 300. This parameter is optional but if you + * specify a value for it, you must also specify a value for SizeInMBs, and vice + * versa.

                                                + */ + IntervalInSeconds?: number; } -export namespace ElasticsearchRetryOptions { +export namespace BufferingHints { /** * @internal */ - export const filterSensitiveLog = (obj: ElasticsearchRetryOptions): any => ({ + export const filterSensitiveLog = (obj: BufferingHints): any => ({ ...obj, }); } -export type ElasticsearchS3BackupMode = "AllDocuments" | "FailedDocumentsOnly"; +export enum CompressionFormat { + GZIP = "GZIP", + HADOOP_SNAPPY = "HADOOP_SNAPPY", + SNAPPY = "Snappy", + UNCOMPRESSED = "UNCOMPRESSED", + ZIP = "ZIP", +} /** *

                                                Describes an encryption key for a destination in Amazon S3.

                                                @@ -539,28 +394,561 @@ export interface VpcConfiguration { RoleARN: string | undefined; /** - *

                                                The IDs of the security groups that you want Kinesis Data Firehose to use when it - * creates ENIs in the VPC of the Amazon ES destination. You can use the same security group - * that the Amazon ES domain uses or different ones. If you specify different security groups - * here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security - * group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the - * security groups specified here. If you use the same security group for both your delivery - * stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS - * traffic. For more information about security group rules, see Security group - * rules in the Amazon VPC documentation.

                                                + *

                                                The IDs of the security groups that you want Kinesis Data Firehose to use when it + * creates ENIs in the VPC of the Amazon ES destination. You can use the same security group + * that the Amazon ES domain uses or different ones. If you specify different security groups + * here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security + * group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the + * security groups specified here. If you use the same security group for both your delivery + * stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS + * traffic. For more information about security group rules, see Security group + * rules in the Amazon VPC documentation.

                                                + */ + SecurityGroupIds: string[] | undefined; +} + +export namespace VpcConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VpcConfiguration): any => ({ + ...obj, + }); +} + +export interface AmazonopensearchserviceDestinationConfiguration { + RoleARN: string | undefined; + DomainARN?: string; + ClusterEndpoint?: string; + IndexName: string | undefined; + TypeName?: string; + IndexRotationPeriod?: AmazonopensearchserviceIndexRotationPeriod | string; + BufferingHints?: AmazonopensearchserviceBufferingHints; + RetryOptions?: AmazonopensearchserviceRetryOptions; + S3BackupMode?: AmazonopensearchserviceS3BackupMode | string; + /** + *

                                                Describes the configuration of a destination in Amazon S3.

                                                + */ + S3Configuration: S3DestinationConfiguration | undefined; + + /** + *

                                                Describes a data processing configuration.

                                                + */ + ProcessingConfiguration?: ProcessingConfiguration; + + /** + *

                                                Describes the Amazon CloudWatch logging options for your delivery stream.

                                                + */ + CloudWatchLoggingOptions?: CloudWatchLoggingOptions; + + /** + *

                                                The details of the VPC of the Amazon ES destination.

                                                + */ + VpcConfiguration?: VpcConfiguration; +} + +export namespace AmazonopensearchserviceDestinationConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AmazonopensearchserviceDestinationConfiguration): any => ({ + ...obj, + }); +} + +/** + *

                                                Describes a destination in Amazon S3.

                                                + */ +export interface S3DestinationDescription { + /** + *

                                                The Amazon Resource Name (ARN) of the AWS credentials. For more information, see + * Amazon + * Resource Names (ARNs) and AWS Service Namespaces.

                                                + */ + RoleARN: string | undefined; + + /** + *

                                                The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and + * AWS Service Namespaces.

                                                + */ + BucketARN: string | undefined; + + /** + *

                                                The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 + * files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 + * Objects.

                                                + */ + Prefix?: string; + + /** + *

                                                A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing + * them to S3. This prefix appears immediately following the bucket name. For information + * about how to specify this prefix, see Custom Prefixes for Amazon S3 + * Objects.

                                                + */ + ErrorOutputPrefix?: string; + + /** + *

                                                The buffering option. If no value is specified, BufferingHints object + * default values are used.

                                                + */ + BufferingHints: BufferingHints | undefined; + + /** + *

                                                The compression format. If no value is specified, the default is + * UNCOMPRESSED.

                                                + */ + CompressionFormat: CompressionFormat | string | undefined; + + /** + *

                                                The encryption configuration. If no value is specified, the default is no + * encryption.

                                                + */ + EncryptionConfiguration: EncryptionConfiguration | undefined; + + /** + *

                                                The Amazon CloudWatch logging options for your delivery stream.

                                                + */ + CloudWatchLoggingOptions?: CloudWatchLoggingOptions; +} + +export namespace S3DestinationDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: S3DestinationDescription): any => ({ + ...obj, + }); +} + +/** + *

                                                The details of the VPC of the Amazon ES destination.

                                                + */ +export interface VpcConfigurationDescription { + /** + *

                                                The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the + * Amazon ES destination. Make sure that the routing tables and inbound and outbound rules + * allow traffic to flow from the subnets whose IDs are specified here to the subnets that + * have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in + * each of the subnets that are specified here. Do not delete or modify these ENIs.

                                                + *

                                                The number of ENIs that Kinesis Data Firehose creates in the subnets specified here + * scales up and down automatically based on throughput. To enable Kinesis Data Firehose to + * scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To + * help you calculate the quota you need, assume that Kinesis Data Firehose can create up to + * three ENIs for this delivery stream for each of the subnets specified here. For more + * information about ENI quota, see Network Interfaces + * in the Amazon VPC Quotas topic.

                                                + */ + SubnetIds: string[] | undefined; + + /** + *

                                                The ARN of the IAM role that the delivery stream uses to create endpoints in the + * destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can + * specify a new role. In either case, make sure that the role trusts the Kinesis Data + * Firehose service principal and that it grants the following permissions:

                                                + *
                                                  + *
                                                • + *

                                                  + * ec2:DescribeVpcs + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:DescribeVpcAttribute + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:DescribeSubnets + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:DescribeSecurityGroups + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:DescribeNetworkInterfaces + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:CreateNetworkInterface + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:CreateNetworkInterfacePermission + *

                                                  + *
                                                  • + *
                                                • + *

                                                  + * ec2:DeleteNetworkInterface + *

                                                  + *
                                                  • + *
                                                + *

                                                If you revoke these permissions after you create the delivery stream, Kinesis Data + * Firehose can't scale out by creating more ENIs when necessary. You might therefore see a + * degradation in performance.

                                                + */ + RoleARN: string | undefined; + + /** + *

                                                The IDs of the security groups that Kinesis Data Firehose uses when it creates ENIs in + * the VPC of the Amazon ES destination. You can use the same security group that the Amazon + * ES domain uses or different ones. If you specify different security groups, ensure that + * they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure + * that the Amazon ES domain's security group allows HTTPS traffic from the security groups + * specified here. If you use the same security group for both your delivery stream and the + * Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more + * information about security group rules, see Security group + * rules in the Amazon VPC documentation.

                                                + */ + SecurityGroupIds: string[] | undefined; + + /** + *

                                                The ID of the Amazon ES destination's VPC.

                                                + */ + VpcId: string | undefined; +} + +export namespace VpcConfigurationDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VpcConfigurationDescription): any => ({ + ...obj, + }); +} + +export interface AmazonopensearchserviceDestinationDescription { + RoleARN?: string; + DomainARN?: string; + ClusterEndpoint?: string; + IndexName?: string; + TypeName?: string; + IndexRotationPeriod?: AmazonopensearchserviceIndexRotationPeriod | string; + BufferingHints?: AmazonopensearchserviceBufferingHints; + RetryOptions?: AmazonopensearchserviceRetryOptions; + S3BackupMode?: AmazonopensearchserviceS3BackupMode | string; + /** + *

                                                Describes a destination in Amazon S3.

                                                + */ + S3DestinationDescription?: S3DestinationDescription; + + /** + *

                                                Describes a data processing configuration.

                                                + */ + ProcessingConfiguration?: ProcessingConfiguration; + + /** + *

                                                Describes the Amazon CloudWatch logging options for your delivery stream.

                                                + */ + CloudWatchLoggingOptions?: CloudWatchLoggingOptions; + + /** + *

                                                The details of the VPC of the Amazon ES destination.

                                                + */ + VpcConfigurationDescription?: VpcConfigurationDescription; +} + +export namespace AmazonopensearchserviceDestinationDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AmazonopensearchserviceDestinationDescription): any => ({ + ...obj, + }); +} + +/** + *

                                                Describes an update for a destination in Amazon S3.

                                                + */ +export interface S3DestinationUpdate { + /** + *

                                                The Amazon Resource Name (ARN) of the AWS credentials. For more information, see + * Amazon + * Resource Names (ARNs) and AWS Service Namespaces.

                                                + */ + RoleARN?: string; + + /** + *

                                                The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and + * AWS Service Namespaces.

                                                + */ + BucketARN?: string; + + /** + *

                                                The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 + * files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 + * Objects.

                                                + */ + Prefix?: string; + + /** + *

                                                A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing + * them to S3. This prefix appears immediately following the bucket name. For information + * about how to specify this prefix, see Custom Prefixes for Amazon S3 + * Objects.

                                                + */ + ErrorOutputPrefix?: string; + + /** + *

                                                The buffering option. If no value is specified, BufferingHints object + * default values are used.

                                                + */ + BufferingHints?: BufferingHints; + + /** + *

                                                The compression format. If no value is specified, the default is + * UNCOMPRESSED.

                                                + *

                                                The compression formats SNAPPY or ZIP cannot be specified + * for Amazon Redshift destinations because they are not supported by the Amazon Redshift + * COPY operation that reads from the S3 bucket.

                                                + */ + CompressionFormat?: CompressionFormat | string; + + /** + *

                                                The encryption configuration. If no value is specified, the default is no + * encryption.

                                                + */ + EncryptionConfiguration?: EncryptionConfiguration; + + /** + *

                                                The CloudWatch logging options for your delivery stream.

                                                + */ + CloudWatchLoggingOptions?: CloudWatchLoggingOptions; +} + +export namespace S3DestinationUpdate { + /** + * @internal + */ + export const filterSensitiveLog = (obj: S3DestinationUpdate): any => ({ + ...obj, + }); +} + +export interface AmazonopensearchserviceDestinationUpdate { + RoleARN?: string; + DomainARN?: string; + ClusterEndpoint?: string; + IndexName?: string; + TypeName?: string; + IndexRotationPeriod?: AmazonopensearchserviceIndexRotationPeriod | string; + BufferingHints?: AmazonopensearchserviceBufferingHints; + RetryOptions?: AmazonopensearchserviceRetryOptions; + /** + *

                                                Describes an update for a destination in Amazon S3.

                                                + */ + S3Update?: S3DestinationUpdate; + + /** + *

                                                Describes a data processing configuration.

                                                + */ + ProcessingConfiguration?: ProcessingConfiguration; + + /** + *

                                                Describes the Amazon CloudWatch logging options for your delivery stream.

                                                + */ + CloudWatchLoggingOptions?: CloudWatchLoggingOptions; +} + +export namespace AmazonopensearchserviceDestinationUpdate { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AmazonopensearchserviceDestinationUpdate): any => ({ + ...obj, + }); +} + +/** + *

                                                Another modification has already happened. Fetch VersionId again and use + * it to update the destination.

                                                + */ +export interface ConcurrentModificationException extends __SmithyException, $MetadataBearer { + name: "ConcurrentModificationException"; + $fault: "client"; + /** + *

                                                A message that provides information about the error.

                                                + */ + message?: string; +} + +export namespace ConcurrentModificationException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ConcurrentModificationException): any => ({ + ...obj, + }); +} + +export enum ContentEncoding { + GZIP = "GZIP", + NONE = "NONE", +} + +/** + *

                                                Describes a COPY command for Amazon Redshift.

                                                + */ +export interface CopyCommand { + /** + *

                                                The name of the target table. The table must already exist in the database.

                                                + */ + DataTableName: string | undefined; + + /** + *

                                                A comma-separated list of column names.

                                                + */ + DataTableColumns?: string; + + /** + *

                                                Optional parameters to use with the Amazon Redshift COPY command. For + * more information, see the "Optional Parameters" section of Amazon Redshift COPY command. Some possible + * examples that would apply to Kinesis Data Firehose are as follows:

                                                + *

                                                + * delimiter '\t' lzop; - fields are delimited with "\t" (TAB character) and + * compressed using lzop.

                                                + *

                                                + * delimiter '|' - fields are delimited with "|" (this is the default + * delimiter).

                                                + *

                                                + * delimiter '|' escape - the delimiter should be escaped.

                                                + *

                                                + * fixedwidth 'venueid:3,venuename:25,venuecity:12,venuestate:2,venueseats:6' - + * fields are fixed width in the source, with each width specified after every column in the + * table.

                                                + *

                                                + * JSON 's3://mybucket/jsonpaths.txt' - data is in JSON format, and the path + * specified is the format of the data.

                                                + *

                                                For more examples, see Amazon Redshift COPY command + * examples.

                                                + */ + CopyOptions?: string; +} + +export namespace CopyCommand { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CopyCommand): any => ({ + ...obj, + }); +} + +export enum KeyType { + AWS_OWNED_CMK = "AWS_OWNED_CMK", + CUSTOMER_MANAGED_CMK = "CUSTOMER_MANAGED_CMK", +} + +/** + *

                                                Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side + * Encryption (SSE).

                                                + */ +export interface DeliveryStreamEncryptionConfigurationInput { + /** + *

                                                If you set KeyType to CUSTOMER_MANAGED_CMK, you must specify + * the Amazon Resource Name (ARN) of the CMK. If you set KeyType to + * AWS_OWNED_CMK, Kinesis Data Firehose uses a service-account CMK.

                                                + */ + KeyARN?: string; + + /** + *

                                                Indicates the type of customer master key (CMK) to use for encryption. The default + * setting is AWS_OWNED_CMK. For more information about CMKs, see Customer + * Master Keys (CMKs). When you invoke CreateDeliveryStream or + * StartDeliveryStreamEncryption with KeyType set to + * CUSTOMER_MANAGED_CMK, Kinesis Data Firehose invokes the Amazon KMS operation CreateGrant to create a grant that allows the Kinesis Data Firehose service to + * use the customer managed CMK to perform encryption and decryption. Kinesis Data Firehose + * manages that grant.

                                                + *

                                                When you invoke StartDeliveryStreamEncryption to change the CMK for a + * delivery stream that is encrypted with a customer managed CMK, Kinesis Data Firehose + * schedules the grant it had on the old CMK for retirement.

                                                + *

                                                You can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams. If + * a CreateDeliveryStream or StartDeliveryStreamEncryption + * operation exceeds this limit, Kinesis Data Firehose throws a + * LimitExceededException.

                                                + * + *

                                                To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't + * support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see About + * Symmetric and Asymmetric CMKs in the AWS Key Management Service developer + * guide.

                                                + *                                                 + */ + KeyType: KeyType | string | undefined; +} + +export namespace DeliveryStreamEncryptionConfigurationInput { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeliveryStreamEncryptionConfigurationInput): any => ({ + ...obj, + }); +} + +export type DeliveryStreamType = "DirectPut" | "KinesisStreamAsSource"; + +/** + *

                                                Describes the buffering to perform before delivering data to the Amazon ES + * destination.

                                                + */ +export interface ElasticsearchBufferingHints { + /** + *

                                                Buffer incoming data for the specified period of time, in seconds, before delivering + * it to the destination. The default value is 300 (5 minutes).

                                                + */ + IntervalInSeconds?: number; + + /** + *

                                                Buffer incoming data to the specified size, in MBs, before delivering it to the + * destination. The default value is 5.

                                                + *

                                                We recommend setting this parameter to a value greater than the amount of data you + * typically ingest into the delivery stream in 10 seconds. For example, if you typically + * ingest data at 1 MB/sec, the value should be 10 MB or higher.

                                                + */ + SizeInMBs?: number; +} + +export namespace ElasticsearchBufferingHints { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ElasticsearchBufferingHints): any => ({ + ...obj, + }); +} + +export type ElasticsearchIndexRotationPeriod = "NoRotation" | "OneDay" | "OneHour" | "OneMonth" | "OneWeek"; + +/** + *

                                                Configures retry behavior in case Kinesis Data Firehose is unable to deliver + * documents to Amazon ES.

                                                + */ +export interface ElasticsearchRetryOptions { + /** + *

                                                After an initial failure to deliver to Amazon ES, the total amount of time during + * which Kinesis Data Firehose retries delivery (including the first attempt). After this time + * has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 + * minutes). A value of 0 (zero) results in no retries.

                                                */ - SecurityGroupIds: string[] | undefined; + DurationInSeconds?: number; } -export namespace VpcConfiguration { +export namespace ElasticsearchRetryOptions { /** * @internal */ - export const filterSensitiveLog = (obj: VpcConfiguration): any => ({ + export const filterSensitiveLog = (obj: ElasticsearchRetryOptions): any => ({ ...obj, }); } +export type ElasticsearchS3BackupMode = "AllDocuments" | "FailedDocumentsOnly"; + /** *

                                                Describes the configuration of a destination in Amazon ES.

                                                */ @@ -1815,6 +2203,7 @@ export interface CreateDeliveryStreamInput { */ ElasticsearchDestinationConfiguration?: ElasticsearchDestinationConfiguration; + AmazonopensearchserviceDestinationConfiguration?: AmazonopensearchserviceDestinationConfiguration; /** *

                                                The destination in Splunk. You can specify only one destination.

                                                */ @@ -2126,172 +2515,6 @@ export enum DeliveryStreamStatus { DELETING_FAILED = "DELETING_FAILED", } -/** - *

                                                Describes a destination in Amazon S3.

                                                - */ -export interface S3DestinationDescription { - /** - *

                                                The Amazon Resource Name (ARN) of the AWS credentials. For more information, see - * Amazon - * Resource Names (ARNs) and AWS Service Namespaces.

                                                - */ - RoleARN: string | undefined; - - /** - *

                                                The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and - * AWS Service Namespaces.

                                                - */ - BucketARN: string | undefined; - - /** - *

                                                The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 - * files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 - * Objects.

                                                - */ - Prefix?: string; - - /** - *

                                                A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing - * them to S3. This prefix appears immediately following the bucket name. For information - * about how to specify this prefix, see Custom Prefixes for Amazon S3 - * Objects.

                                                - */ - ErrorOutputPrefix?: string; - - /** - *

                                                The buffering option. If no value is specified, BufferingHints object - * default values are used.

                                                - */ - BufferingHints: BufferingHints | undefined; - - /** - *

                                                The compression format. If no value is specified, the default is - * UNCOMPRESSED.

                                                - */ - CompressionFormat: CompressionFormat | string | undefined; - - /** - *

                                                The encryption configuration. If no value is specified, the default is no - * encryption.

                                                - */ - EncryptionConfiguration: EncryptionConfiguration | undefined; - - /** - *

                                                The Amazon CloudWatch logging options for your delivery stream.

                                                - */ - CloudWatchLoggingOptions?: CloudWatchLoggingOptions; -} - -export namespace S3DestinationDescription { - /** - * @internal - */ - export const filterSensitiveLog = (obj: S3DestinationDescription): any => ({ - ...obj, - }); -} - -/** - *

                                                The details of the VPC of the Amazon ES destination.

                                                - */ -export interface VpcConfigurationDescription { - /** - *

                                                The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the - * Amazon ES destination. Make sure that the routing tables and inbound and outbound rules - * allow traffic to flow from the subnets whose IDs are specified here to the subnets that - * have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in - * each of the subnets that are specified here. Do not delete or modify these ENIs.

                                                - *

                                                The number of ENIs that Kinesis Data Firehose creates in the subnets specified here - * scales up and down automatically based on throughput. To enable Kinesis Data Firehose to - * scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To - * help you calculate the quota you need, assume that Kinesis Data Firehose can create up to - * three ENIs for this delivery stream for each of the subnets specified here. For more - * information about ENI quota, see Network Interfaces - * in the Amazon VPC Quotas topic.

                                                - */ - SubnetIds: string[] | undefined; - - /** - *

                                                The ARN of the IAM role that the delivery stream uses to create endpoints in the - * destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can - * specify a new role. In either case, make sure that the role trusts the Kinesis Data - * Firehose service principal and that it grants the following permissions:

                                                - *
                                                  - *
                                                • - *

                                                  - * ec2:DescribeVpcs - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:DescribeVpcAttribute - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:DescribeSubnets - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:DescribeSecurityGroups - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:DescribeNetworkInterfaces - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:CreateNetworkInterface - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:CreateNetworkInterfacePermission - *

                                                  - *
                                                  • - *
                                                • - *

                                                  - * ec2:DeleteNetworkInterface - *

                                                  - *
                                                  • - *
                                                - *

                                                If you revoke these permissions after you create the delivery stream, Kinesis Data - * Firehose can't scale out by creating more ENIs when necessary. You might therefore see a - * degradation in performance.

                                                - */ - RoleARN: string | undefined; - - /** - *

                                                The IDs of the security groups that Kinesis Data Firehose uses when it creates ENIs in - * the VPC of the Amazon ES destination. You can use the same security group that the Amazon - * ES domain uses or different ones. If you specify different security groups, ensure that - * they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure - * that the Amazon ES domain's security group allows HTTPS traffic from the security groups - * specified here. If you use the same security group for both your delivery stream and the - * Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more - * information about security group rules, see Security group - * rules in the Amazon VPC documentation.

                                                - */ - SecurityGroupIds: string[] | undefined; - - /** - *

                                                The ID of the Amazon ES destination's VPC.

                                                - */ - VpcId: string | undefined; -} - -export namespace VpcConfigurationDescription { - /** - * @internal - */ - export const filterSensitiveLog = (obj: VpcConfigurationDescription): any => ({ - ...obj, - }); -} - /** *

                                                The destination description in Amazon ES.

                                                */ @@ -2740,6 +2963,7 @@ export interface DestinationDescription { */ ElasticsearchDestinationDescription?: ElasticsearchDestinationDescription; + AmazonopensearchserviceDestinationDescription?: AmazonopensearchserviceDestinationDescription; /** *

                                                The destination in Splunk.

                                                */ @@ -2973,74 +3197,6 @@ export namespace DescribeDeliveryStreamOutput { }); } -/** - *

                                                Describes an update for a destination in Amazon S3.

                                                - */ -export interface S3DestinationUpdate { - /** - *

                                                The Amazon Resource Name (ARN) of the AWS credentials. For more information, see - * Amazon - * Resource Names (ARNs) and AWS Service Namespaces.

                                                - */ - RoleARN?: string; - - /** - *

                                                The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and - * AWS Service Namespaces.

                                                - */ - BucketARN?: string; - - /** - *

                                                The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 - * files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 - * Objects.

                                                - */ - Prefix?: string; - - /** - *

                                                A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing - * them to S3. This prefix appears immediately following the bucket name. For information - * about how to specify this prefix, see Custom Prefixes for Amazon S3 - * Objects.

                                                - */ - ErrorOutputPrefix?: string; - - /** - *

                                                The buffering option. If no value is specified, BufferingHints object - * default values are used.

                                                - */ - BufferingHints?: BufferingHints; - - /** - *

                                                The compression format. If no value is specified, the default is - * UNCOMPRESSED.

                                                - *

                                                The compression formats SNAPPY or ZIP cannot be specified - * for Amazon Redshift destinations because they are not supported by the Amazon Redshift - * COPY operation that reads from the S3 bucket.

                                                - */ - CompressionFormat?: CompressionFormat | string; - - /** - *

                                                The encryption configuration. If no value is specified, the default is no - * encryption.

                                                - */ - EncryptionConfiguration?: EncryptionConfiguration; - - /** - *

                                                The CloudWatch logging options for your delivery stream.

                                                - */ - CloudWatchLoggingOptions?: CloudWatchLoggingOptions; -} - -export namespace S3DestinationUpdate { - /** - * @internal - */ - export const filterSensitiveLog = (obj: S3DestinationUpdate): any => ({ - ...obj, - }); -} - /** *

                                                Describes an update for a destination in Amazon ES.

                                                */ @@ -3912,6 +4068,7 @@ export interface UpdateDestinationInput { */ ElasticsearchDestinationUpdate?: ElasticsearchDestinationUpdate; + AmazonopensearchserviceDestinationUpdate?: AmazonopensearchserviceDestinationUpdate; /** *

                                                Describes an update for a destination in Splunk.

                                                */ diff --git a/clients/client-firehose/src/protocols/Aws_json1_1.ts b/clients/client-firehose/src/protocols/Aws_json1_1.ts index 29d41ea25638..d00d360746e8 100644 --- a/clients/client-firehose/src/protocols/Aws_json1_1.ts +++ b/clients/client-firehose/src/protocols/Aws_json1_1.ts @@ -56,6 +56,11 @@ import { import { UpdateDestinationCommandInput, UpdateDestinationCommandOutput } from "../commands/UpdateDestinationCommand"; import { _Record, + AmazonopensearchserviceBufferingHints, + AmazonopensearchserviceDestinationConfiguration, + AmazonopensearchserviceDestinationDescription, + AmazonopensearchserviceDestinationUpdate, + AmazonopensearchserviceRetryOptions, BufferingHints, CloudWatchLoggingOptions, ConcurrentModificationException, @@ -1274,6 +1279,102 @@ const deserializeAws_json1_1ServiceUnavailableExceptionResponse = async ( return contents; }; +const serializeAws_json1_1AmazonopensearchserviceBufferingHints = ( + input: AmazonopensearchserviceBufferingHints, + context: __SerdeContext +): any => { + return { + ...(input.IntervalInSeconds !== undefined && + input.IntervalInSeconds !== null && { IntervalInSeconds: input.IntervalInSeconds }), + ...(input.SizeInMBs !== undefined && input.SizeInMBs !== null && { SizeInMBs: input.SizeInMBs }), + }; +}; + +const serializeAws_json1_1AmazonopensearchserviceDestinationConfiguration = ( + input: AmazonopensearchserviceDestinationConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.BufferingHints !== undefined && + input.BufferingHints !== null && { + BufferingHints: serializeAws_json1_1AmazonopensearchserviceBufferingHints(input.BufferingHints, context), + }), + ...(input.CloudWatchLoggingOptions !== undefined && + input.CloudWatchLoggingOptions !== null && { + CloudWatchLoggingOptions: serializeAws_json1_1CloudWatchLoggingOptions(input.CloudWatchLoggingOptions, context), + }), + ...(input.ClusterEndpoint !== undefined && + input.ClusterEndpoint !== null && { ClusterEndpoint: input.ClusterEndpoint }), + ...(input.DomainARN !== undefined && input.DomainARN !== null && { DomainARN: input.DomainARN }), + ...(input.IndexName !== undefined && input.IndexName !== null && { IndexName: input.IndexName }), + ...(input.IndexRotationPeriod !== undefined && + input.IndexRotationPeriod !== null && { IndexRotationPeriod: input.IndexRotationPeriod }), + ...(input.ProcessingConfiguration !== undefined && + input.ProcessingConfiguration !== null && { + ProcessingConfiguration: serializeAws_json1_1ProcessingConfiguration(input.ProcessingConfiguration, context), + }), + ...(input.RetryOptions !== undefined && + input.RetryOptions !== null && { + RetryOptions: serializeAws_json1_1AmazonopensearchserviceRetryOptions(input.RetryOptions, context), + }), + ...(input.RoleARN !== undefined && input.RoleARN !== null && { RoleARN: input.RoleARN }), + ...(input.S3BackupMode !== undefined && input.S3BackupMode !== null && { S3BackupMode: input.S3BackupMode }), + ...(input.S3Configuration !== undefined && + input.S3Configuration !== null && { + S3Configuration: serializeAws_json1_1S3DestinationConfiguration(input.S3Configuration, context), + }), + ...(input.TypeName !== undefined && input.TypeName !== null && { TypeName: input.TypeName }), + ...(input.VpcConfiguration !== undefined && + input.VpcConfiguration !== null && { + VpcConfiguration: serializeAws_json1_1VpcConfiguration(input.VpcConfiguration, context), + }), + }; +}; + +const serializeAws_json1_1AmazonopensearchserviceDestinationUpdate = ( + input: AmazonopensearchserviceDestinationUpdate, + context: __SerdeContext +): any => { + return { + ...(input.BufferingHints !== undefined && + input.BufferingHints !== null && { + BufferingHints: serializeAws_json1_1AmazonopensearchserviceBufferingHints(input.BufferingHints, context), + }), + ...(input.CloudWatchLoggingOptions !== undefined && + input.CloudWatchLoggingOptions !== null && { + CloudWatchLoggingOptions: serializeAws_json1_1CloudWatchLoggingOptions(input.CloudWatchLoggingOptions, context), + }), + ...(input.ClusterEndpoint !== undefined && + input.ClusterEndpoint !== null && { ClusterEndpoint: input.ClusterEndpoint }), + ...(input.DomainARN !== undefined && input.DomainARN !== null && { DomainARN: input.DomainARN }), + ...(input.IndexName !== undefined && input.IndexName !== null && { IndexName: input.IndexName }), + ...(input.IndexRotationPeriod !== undefined && + input.IndexRotationPeriod !== null && { IndexRotationPeriod: input.IndexRotationPeriod }), + ...(input.ProcessingConfiguration !== undefined && + input.ProcessingConfiguration !== null && { + ProcessingConfiguration: serializeAws_json1_1ProcessingConfiguration(input.ProcessingConfiguration, context), + }), + ...(input.RetryOptions !== undefined && + input.RetryOptions !== null && { + RetryOptions: serializeAws_json1_1AmazonopensearchserviceRetryOptions(input.RetryOptions, context), + }), + ...(input.RoleARN !== undefined && input.RoleARN !== null && { RoleARN: input.RoleARN }), + ...(input.S3Update !== undefined && + input.S3Update !== null && { S3Update: serializeAws_json1_1S3DestinationUpdate(input.S3Update, context) }), + ...(input.TypeName !== undefined && input.TypeName !== null && { TypeName: input.TypeName }), + }; +}; + +const serializeAws_json1_1AmazonopensearchserviceRetryOptions = ( + input: AmazonopensearchserviceRetryOptions, + context: __SerdeContext +): any => { + return { + ...(input.DurationInSeconds !== undefined && + input.DurationInSeconds !== null && { DurationInSeconds: input.DurationInSeconds }), + }; +}; + const serializeAws_json1_1BufferingHints = (input: BufferingHints, context: __SerdeContext): any => { return { ...(input.IntervalInSeconds !== undefined && @@ -1322,6 +1423,14 @@ const serializeAws_json1_1CreateDeliveryStreamInput = ( context: __SerdeContext ): any => { return { + ...(input.AmazonopensearchserviceDestinationConfiguration !== undefined && + input.AmazonopensearchserviceDestinationConfiguration !== null && { + AmazonopensearchserviceDestinationConfiguration: + serializeAws_json1_1AmazonopensearchserviceDestinationConfiguration( + input.AmazonopensearchserviceDestinationConfiguration, + context + ), + }), ...(input.DeliveryStreamEncryptionConfigurationInput !== undefined && input.DeliveryStreamEncryptionConfigurationInput !== null && { DeliveryStreamEncryptionConfigurationInput: serializeAws_json1_1DeliveryStreamEncryptionConfigurationInput( @@ -2387,6 +2496,13 @@ const serializeAws_json1_1UntagDeliveryStreamInput = ( const serializeAws_json1_1UpdateDestinationInput = (input: UpdateDestinationInput, context: __SerdeContext): any => { return { + ...(input.AmazonopensearchserviceDestinationUpdate !== undefined && + input.AmazonopensearchserviceDestinationUpdate !== null && { + AmazonopensearchserviceDestinationUpdate: serializeAws_json1_1AmazonopensearchserviceDestinationUpdate( + input.AmazonopensearchserviceDestinationUpdate, + context + ), + }), ...(input.CurrentDeliveryStreamVersionId !== undefined && input.CurrentDeliveryStreamVersionId !== null && { CurrentDeliveryStreamVersionId: input.CurrentDeliveryStreamVersionId, @@ -2445,6 +2561,64 @@ const serializeAws_json1_1VpcConfiguration = (input: VpcConfiguration, context: }; }; +const deserializeAws_json1_1AmazonopensearchserviceBufferingHints = ( + output: any, + context: __SerdeContext +): AmazonopensearchserviceBufferingHints => { + return { + IntervalInSeconds: __expectInt32(output.IntervalInSeconds), + SizeInMBs: __expectInt32(output.SizeInMBs), + } as any; +}; + +const deserializeAws_json1_1AmazonopensearchserviceDestinationDescription = ( + output: any, + context: __SerdeContext +): AmazonopensearchserviceDestinationDescription => { + return { + BufferingHints: + output.BufferingHints !== undefined && output.BufferingHints !== null + ? deserializeAws_json1_1AmazonopensearchserviceBufferingHints(output.BufferingHints, context) + : undefined, + CloudWatchLoggingOptions: + output.CloudWatchLoggingOptions !== undefined && output.CloudWatchLoggingOptions !== null + ? deserializeAws_json1_1CloudWatchLoggingOptions(output.CloudWatchLoggingOptions, context) + : undefined, + ClusterEndpoint: __expectString(output.ClusterEndpoint), + DomainARN: __expectString(output.DomainARN), + IndexName: __expectString(output.IndexName), + IndexRotationPeriod: __expectString(output.IndexRotationPeriod), + ProcessingConfiguration: + output.ProcessingConfiguration !== undefined && output.ProcessingConfiguration !== null + ? deserializeAws_json1_1ProcessingConfiguration(output.ProcessingConfiguration, context) + : undefined, + RetryOptions: + output.RetryOptions !== undefined && output.RetryOptions !== null + ? deserializeAws_json1_1AmazonopensearchserviceRetryOptions(output.RetryOptions, context) + : undefined, + RoleARN: __expectString(output.RoleARN), + S3BackupMode: __expectString(output.S3BackupMode), + S3DestinationDescription: + output.S3DestinationDescription !== undefined && output.S3DestinationDescription !== null + ? deserializeAws_json1_1S3DestinationDescription(output.S3DestinationDescription, context) + : undefined, + TypeName: __expectString(output.TypeName), + VpcConfigurationDescription: + output.VpcConfigurationDescription !== undefined && output.VpcConfigurationDescription !== null + ? deserializeAws_json1_1VpcConfigurationDescription(output.VpcConfigurationDescription, context) + : undefined, + } as any; +}; + +const deserializeAws_json1_1AmazonopensearchserviceRetryOptions = ( + output: any, + context: __SerdeContext +): AmazonopensearchserviceRetryOptions => { + return { + DurationInSeconds: __expectInt32(output.DurationInSeconds), + } as any; +}; + const deserializeAws_json1_1BufferingHints = (output: any, context: __SerdeContext): BufferingHints => { return { IntervalInSeconds: __expectInt32(output.IntervalInSeconds), @@ -2627,6 +2801,14 @@ const deserializeAws_json1_1Deserializer = (output: any, context: __SerdeContext const deserializeAws_json1_1DestinationDescription = (output: any, context: __SerdeContext): DestinationDescription => { return { + AmazonopensearchserviceDestinationDescription: + output.AmazonopensearchserviceDestinationDescription !== undefined && + output.AmazonopensearchserviceDestinationDescription !== null + ? deserializeAws_json1_1AmazonopensearchserviceDestinationDescription( + output.AmazonopensearchserviceDestinationDescription, + context + ) + : undefined, DestinationId: __expectString(output.DestinationId), ElasticsearchDestinationDescription: output.ElasticsearchDestinationDescription !== undefined && output.ElasticsearchDestinationDescription !== null diff --git a/clients/client-fsx/src/models/models_0.ts b/clients/client-fsx/src/models/models_0.ts index 83c181e92c08..72ee5d84fc5e 100644 --- a/clients/client-fsx/src/models/models_0.ts +++ b/clients/client-fsx/src/models/models_0.ts @@ -818,7 +818,7 @@ export interface SelfManagedActiveDirectoryAttributes { UserName?: string; /** - *

                                                A list of up to two IP addresses of DNS servers or domain controllers in the + *

                                                A list of up to three IP addresses of DNS servers or domain controllers in the * self-managed AD directory.

                                                */ DnsIps?: string[]; @@ -2635,7 +2635,7 @@ export namespace WindowsAuditLogCreateConfiguration { } /** - *

                                                The configuration that Amazon FSx uses to join a Amazon FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to + *

                                                The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to * a self-managed (including on-premises) Microsoft Active Directory (AD) * directory. For more information, see * @@ -2688,7 +2688,7 @@ export interface SelfManagedActiveDirectoryConfiguration { Password: string | undefined; /** - *

                                                A list of up to two IP addresses of DNS servers or domain controllers in the + *

                                                A list of up to three IP addresses of DNS servers or domain controllers in the * self-managed AD directory.

                                                */ DnsIps: string[] | undefined; @@ -2717,7 +2717,7 @@ export interface CreateFileSystemWindowsConfiguration { ActiveDirectoryId?: string; /** - *

                                                The configuration that Amazon FSx uses to join a Amazon FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to + *

                                                The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to * a self-managed (including on-premises) Microsoft Active Directory (AD) * directory. For more information, see * @@ -2980,6 +2980,23 @@ export interface CreateFileSystemRequest { *

                                                The ONTAP configuration properties of the FSx for NetApp ONTAP file system that you are creating.

                                                */ OntapConfiguration?: CreateFileSystemOntapConfiguration; + + /** + *

                                                Sets the version of the Amazon FSx for Lustre file system you're creating. + * Valid values are 2.10 and 2.12.

                                                + *
                                                  + *
                                                • + *

                                                  Set the value to 2.10 to create a Lustre 2.10 + * file system.

                                                  + *
                                                  • + *
                                                • + *

                                                  Set the value to 2.12 to create a Lustre 2.12 + * file system.

                                                  + *
                                                  • + *
                                                + *

                                                Default value is 2.10.

                                                + */ + FileSystemTypeVersion?: string; } export namespace CreateFileSystemRequest { @@ -3206,6 +3223,16 @@ export interface CreateFileSystemFromBackupRequest { * in the Key Management Service API Reference.

                                                */ KmsKeyId?: string; + + /** + *

                                                Sets the version for the Amazon FSx for Lustre file system you're creating from a backup. + * Valid values are 2.10 and 2.12.

                                                + *

                                                You don't need to specify FileSystemTypeVersion because it will + * be applied using the backup's FileSystemTypeVersion setting. + * If you choose to specify FileSystemTypeVersion when creating from backup, the + * value must match the backup's FileSystemTypeVersion setting.

                                                + */ + FileSystemTypeVersion?: string; } export namespace CreateFileSystemFromBackupRequest { @@ -3231,7 +3258,7 @@ export interface CreateSvmActiveDirectoryConfiguration { NetBiosName: string | undefined; /** - *

                                                The configuration that Amazon FSx uses to join a Amazon FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to + *

                                                The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to * a self-managed (including on-premises) Microsoft Active Directory (AD) * directory. For more information, see * @@ -5105,7 +5132,7 @@ export interface SelfManagedActiveDirectoryConfigurationUpdates { Password?: string; /** - *

                                                A list of up to two IP addresses of DNS servers or domain controllers in the + *

                                                A list of up to three IP addresses of DNS servers or domain controllers in the * self-managed AD directory.

                                                */ DnsIps?: string[]; @@ -5711,6 +5738,12 @@ export interface FileSystem { *

                                                The configuration for this FSx for NetApp ONTAP file system.

                                                */ OntapConfiguration?: OntapFileSystemConfiguration; + + /** + *

                                                The version of your Amazon FSx for Lustre file system, either + * 2.10 or 2.12.

                                                + */ + FileSystemTypeVersion?: string; } export namespace FileSystem { diff --git a/clients/client-fsx/src/protocols/Aws_json1_1.ts b/clients/client-fsx/src/protocols/Aws_json1_1.ts index 92e7e446dfd5..5292bae6fe06 100644 --- a/clients/client-fsx/src/protocols/Aws_json1_1.ts +++ b/clients/client-fsx/src/protocols/Aws_json1_1.ts @@ -3584,6 +3584,8 @@ const serializeAws_json1_1CreateFileSystemFromBackupRequest = ( return { ...(input.BackupId !== undefined && input.BackupId !== null && { BackupId: input.BackupId }), ClientRequestToken: input.ClientRequestToken ?? generateIdempotencyToken(), + ...(input.FileSystemTypeVersion !== undefined && + input.FileSystemTypeVersion !== null && { FileSystemTypeVersion: input.FileSystemTypeVersion }), ...(input.KmsKeyId !== undefined && input.KmsKeyId !== null && { KmsKeyId: input.KmsKeyId }), ...(input.LustreConfiguration !== undefined && input.LustreConfiguration !== null && { @@ -3685,6 +3687,8 @@ const serializeAws_json1_1CreateFileSystemRequest = (input: CreateFileSystemRequ ClientRequestToken: input.ClientRequestToken ?? generateIdempotencyToken(), ...(input.FileSystemType !== undefined && input.FileSystemType !== null && { FileSystemType: input.FileSystemType }), + ...(input.FileSystemTypeVersion !== undefined && + input.FileSystemTypeVersion !== null && { FileSystemTypeVersion: input.FileSystemTypeVersion }), ...(input.KmsKeyId !== undefined && input.KmsKeyId !== null && { KmsKeyId: input.KmsKeyId }), ...(input.LustreConfiguration !== undefined && input.LustreConfiguration !== null && { @@ -5177,6 +5181,7 @@ const deserializeAws_json1_1FileSystem = (output: any, context: __SerdeContext): : undefined, FileSystemId: __expectString(output.FileSystemId), FileSystemType: __expectString(output.FileSystemType), + FileSystemTypeVersion: __expectString(output.FileSystemTypeVersion), KmsKeyId: __expectString(output.KmsKeyId), Lifecycle: __expectString(output.Lifecycle), LustreConfiguration: diff --git a/clients/client-glue/src/models/models_0.ts b/clients/client-glue/src/models/models_0.ts index adf85fb7cd55..53035b5f1c33 100644 --- a/clients/client-glue/src/models/models_0.ts +++ b/clients/client-glue/src/models/models_0.ts @@ -3872,6 +3872,11 @@ export interface CreateConnectionRequest { * to create.

                                                */ ConnectionInput: ConnectionInput | undefined; + + /** + *

                                                The tags you assign to the connection.

                                                + */ + Tags?: { [key: string]: string }; } export namespace CreateConnectionRequest { diff --git a/clients/client-glue/src/models/models_1.ts b/clients/client-glue/src/models/models_1.ts index 3817d5f411f9..7f6aaff62fe3 100644 --- a/clients/client-glue/src/models/models_1.ts +++ b/clients/client-glue/src/models/models_1.ts @@ -2234,6 +2234,9 @@ export interface GetPartitionsRequest { */ MaxResults?: number; + /** + *

                                                When true, specifies not returning the partition column schema. Useful when you are interested only in other partition attributes such as partition values or location. This approach avoids the problem of a large response by not returning duplicate data.

                                                + */ ExcludeColumnSchema?: boolean; } diff --git a/clients/client-glue/src/protocols/Aws_json1_1.ts b/clients/client-glue/src/protocols/Aws_json1_1.ts index 81952fa4cbdd..58722f676284 100644 --- a/clients/client-glue/src/protocols/Aws_json1_1.ts +++ b/clients/client-glue/src/protocols/Aws_json1_1.ts @@ -17502,6 +17502,7 @@ const serializeAws_json1_1CreateConnectionRequest = (input: CreateConnectionRequ input.ConnectionInput !== null && { ConnectionInput: serializeAws_json1_1ConnectionInput(input.ConnectionInput, context), }), + ...(input.Tags !== undefined && input.Tags !== null && { Tags: serializeAws_json1_1TagsMap(input.Tags, context) }), }; }; diff --git a/clients/client-grafana/.gitignore b/clients/client-grafana/.gitignore new file mode 100644 index 000000000000..54f14c9aef25 --- /dev/null +++ b/clients/client-grafana/.gitignore @@ -0,0 +1,9 @@ +/node_modules/ +/build/ +/coverage/ +/docs/ +/dist-* +*.tsbuildinfo +*.tgz +*.log +package-lock.json diff --git a/clients/client-grafana/.npmignore b/clients/client-grafana/.npmignore new file mode 100644 index 000000000000..b7ff81137c4a --- /dev/null +++ b/clients/client-grafana/.npmignore @@ -0,0 +1,4 @@ +/coverage/ +/docs/ +tsconfig.test.json +*.tsbuildinfo diff --git a/clients/client-grafana/LICENSE b/clients/client-grafana/LICENSE new file mode 100644 index 000000000000..f9e0c8672bca --- /dev/null +++ b/clients/client-grafana/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/clients/client-grafana/README.md b/clients/client-grafana/README.md new file mode 100644 index 000000000000..8ac19e9c451c --- /dev/null +++ b/clients/client-grafana/README.md @@ -0,0 +1,209 @@ +# @aws-sdk/client-grafana + +[![NPM version](https://img.shields.io/npm/v/@aws-sdk/client-grafana/latest.svg)](https://www.npmjs.com/package/@aws-sdk/client-grafana) +[![NPM downloads](https://img.shields.io/npm/dm/@aws-sdk/client-grafana.svg)](https://www.npmjs.com/package/@aws-sdk/client-grafana) + +## Description + +AWS SDK for JavaScript Grafana Client for Node.js, Browser and React Native. + +

                                                Amazon Managed Grafana is a fully managed and secure data visualization service that you can use to +instantly query, correlate, and visualize operational metrics, logs, and traces from multiple sources. +Amazon Managed Grafana makes it easy to deploy, operate, and scale Grafana, a widely deployed data visualization tool +that is popular for its extensible data support.

                                                +

                                                With Amazon Managed Grafana, you create logically isolated Grafana servers called workspaces. In +a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces without having to +build, package, or deploy any hardware to run Grafana servers.

                                                + +## Installing + +To install the this package, simply type add or install @aws-sdk/client-grafana +using your favorite package manager: + +- `npm install @aws-sdk/client-grafana` +- `yarn add @aws-sdk/client-grafana` +- `pnpm add @aws-sdk/client-grafana` + +## Getting Started + +### Import + +The AWS SDK is modulized by clients and commands. +To send a request, you only need to import the `GrafanaClient` and +the commands you need, for example `AssociateLicenseCommand`: + +```js +// ES5 example +const { GrafanaClient, AssociateLicenseCommand } = require("@aws-sdk/client-grafana"); +``` + +```ts +// ES6+ example +import { GrafanaClient, AssociateLicenseCommand } from "@aws-sdk/client-grafana"; +``` + +### Usage + +To send a request, you: + +- Initiate client with configuration (e.g. credentials, region). +- Initiate command with input parameters. +- Call `send` operation on client with command object as input. +- If you are using a custom http handler, you may call `destroy()` to close open connections. + +```js +// a client can be shared by different commands. +const client = new GrafanaClient({ region: "REGION" }); + +const params = { + /** input parameters */ +}; +const command = new AssociateLicenseCommand(params); +``` + +#### Async/await + +We recommend using [await](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/await) +operator to wait for the promise returned by send operation as follows: + +```js +// async/await. +try { + const data = await client.send(command); + // process data. +} catch (error) { + // error handling. +} finally { + // finally. +} +``` + +Async-await is clean, concise, intuitive, easy to debug and has better error handling +as compared to using Promise chains or callbacks. + +#### Promises + +You can also use [Promise chaining](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Using_promises#chaining) +to execute send operation. + +```js +client.send(command).then( + (data) => { + // process data. + }, + (error) => { + // error handling. + } +); +``` + +Promises can also be called using `.catch()` and `.finally()` as follows: + +```js +client + .send(command) + .then((data) => { + // process data. + }) + .catch((error) => { + // error handling. + }) + .finally(() => { + // finally. + }); +``` + +#### Callbacks + +We do not recommend using callbacks because of [callback hell](http://callbackhell.com/), +but they are supported by the send operation. + +```js +// callbacks. +client.send(command, (err, data) => { + // proccess err and data. +}); +``` + +#### v2 compatible style + +The client can also send requests using v2 compatible style. +However, it results in a bigger bundle size and may be dropped in next major version. More details in the blog post +on [modular packages in AWS SDK for JavaScript](https://aws.amazon.com/blogs/developer/modular-packages-in-aws-sdk-for-javascript/) + +```ts +import * as AWS from "@aws-sdk/client-grafana"; +const client = new AWS.Grafana({ region: "REGION" }); + +// async/await. +try { + const data = await client.associateLicense(params); + // process data. +} catch (error) { + // error handling. +} + +// Promises. +client + .associateLicense(params) + .then((data) => { + // process data. + }) + .catch((error) => { + // error handling. + }); + +// callbacks. +client.associateLicense(params, (err, data) => { + // proccess err and data. +}); +``` + +### Troubleshooting + +When the service returns an exception, the error will include the exception information, +as well as response metadata (e.g. request id). + +```js +try { + const data = await client.send(command); + // process data. +} catch (error) { + const { requestId, cfId, extendedRequestId } = error.$metadata; + console.log({ requestId, cfId, extendedRequestId }); + /** + * The keys within exceptions are also parsed. + * You can access them by specifying exception names: + * if (error.name === 'SomeServiceException') { + * const value = error.specialKeyInException; + * } + */ +} +``` + +## Getting Help + +Please use these community resources for getting help. +We use the GitHub issues for tracking bugs and feature requests, but have limited bandwidth to address them. + +- Visit [Developer Guide](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/welcome.html) + or [API Reference](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/index.html). +- Check out the blog posts tagged with [`aws-sdk-js`](https://aws.amazon.com/blogs/developer/tag/aws-sdk-js/) + on AWS Developer Blog. +- Ask a question on [StackOverflow](https://stackoverflow.com/questions/tagged/aws-sdk-js) and tag it with `aws-sdk-js`. +- Join the AWS JavaScript community on [gitter](https://gitter.im/aws/aws-sdk-js-v3). +- If it turns out that you may have found a bug, please [open an issue](https://github.com/aws/aws-sdk-js-v3/issues/new/choose). + +To test your universal JavaScript code in Node.js, browser and react-native environments, +visit our [code samples repo](https://github.com/aws-samples/aws-sdk-js-tests). + +## Contributing + +This client code is generated automatically. Any modifications will be overwritten the next time the `@aws-sdk/client-grafana` package is updated. +To contribute to client you can check our [generate clients scripts](https://github.com/aws/aws-sdk-js-v3/tree/main/scripts/generate-clients). + +## License + +This SDK is distributed under the +[Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0), +see LICENSE for more information. diff --git a/clients/client-grafana/jest.config.js b/clients/client-grafana/jest.config.js new file mode 100644 index 000000000000..02eed352c6a8 --- /dev/null +++ b/clients/client-grafana/jest.config.js @@ -0,0 +1,4 @@ +module.exports = { + preset: "ts-jest", + testMatch: ["**/*.spec.ts", "!**/*.browser.spec.ts", "!**/*.integ.spec.ts"], +}; diff --git a/clients/client-grafana/package.json b/clients/client-grafana/package.json new file mode 100644 index 000000000000..d6517c378959 --- /dev/null +++ b/clients/client-grafana/package.json @@ -0,0 +1,96 @@ +{ + "name": "@aws-sdk/client-grafana", + "description": "AWS SDK for JavaScript Grafana Client for Node.js, Browser and React Native", + "version": "3.0.0", + "scripts": { + "build": "yarn build:cjs && yarn build:es && yarn build:types", + "build:cjs": "tsc -p tsconfig.json", + "build:docs": "yarn clean:docs && typedoc ./", + "build:es": "tsc -p tsconfig.es.json", + "build:types": "tsc -p tsconfig.types.json", + "clean": "yarn clean:dist && yarn clean:docs", + "clean:dist": "rimraf ./dist-*", + "clean:docs": "rimraf ./docs", + "downlevel-dts": "downlevel-dts dist-types dist-types/ts3.4", + "test": "jest --coverage --passWithNoTests" + }, + "main": "./dist-cjs/index.js", + "types": "./dist-types/index.d.ts", + "module": "./dist-es/index.js", + "sideEffects": false, + "dependencies": { + "@aws-crypto/sha256-browser": "^1.1.0", + "@aws-crypto/sha256-js": "^1.1.0", + "@aws-sdk/client-sts": "3.35.0", + "@aws-sdk/config-resolver": "3.35.0", + "@aws-sdk/credential-provider-node": "3.35.0", + "@aws-sdk/fetch-http-handler": "3.35.0", + "@aws-sdk/hash-node": "3.35.0", + "@aws-sdk/invalid-dependency": "3.35.0", + "@aws-sdk/middleware-content-length": "3.35.0", + "@aws-sdk/middleware-host-header": "3.35.0", + "@aws-sdk/middleware-logger": "3.35.0", + "@aws-sdk/middleware-retry": "3.35.0", + "@aws-sdk/middleware-serde": "3.35.0", + "@aws-sdk/middleware-signing": "3.35.0", + "@aws-sdk/middleware-stack": "3.35.0", + "@aws-sdk/middleware-user-agent": "3.35.0", + "@aws-sdk/node-config-provider": "3.35.0", + "@aws-sdk/node-http-handler": "3.35.0", + "@aws-sdk/protocol-http": "3.35.0", + "@aws-sdk/smithy-client": "3.35.0", + "@aws-sdk/types": "3.35.0", + "@aws-sdk/url-parser": "3.35.0", + "@aws-sdk/util-base64-browser": "3.35.0", + "@aws-sdk/util-base64-node": "3.35.0", + "@aws-sdk/util-body-length-browser": "3.35.0", + "@aws-sdk/util-body-length-node": "3.35.0", + "@aws-sdk/util-user-agent-browser": "3.35.0", + "@aws-sdk/util-user-agent-node": "3.35.0", + "@aws-sdk/util-utf8-browser": "3.35.0", + "@aws-sdk/util-utf8-node": "3.35.0", + "tslib": "^2.3.0", + "uuid": "^8.3.2" + }, + "devDependencies": { + "@aws-sdk/client-documentation-generator": "3.35.0", + "@types/node": "^12.7.5", + "@types/uuid": "^8.3.0", + "downlevel-dts": "0.7.0", + "jest": "^26.1.0", + "rimraf": "^3.0.0", + "ts-jest": "^26.4.1", + "typedoc": "^0.19.2", + "typescript": "~4.3.5" + }, + "engines": { + "node": ">=10.0.0" + }, + "typesVersions": { + "<4.0": { + "dist-types/*": [ + "dist-types/ts3.4/*" + ] + } + }, + "files": [ + "dist-*" + ], + "author": { + "name": "AWS SDK for JavaScript Team", + "url": "https://aws.amazon.com/javascript/" + }, + "license": "Apache-2.0", + "browser": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.browser" + }, + "react-native": { + "./dist-es/runtimeConfig": "./dist-es/runtimeConfig.native" + }, + "homepage": "https://github.com/aws/aws-sdk-js-v3/tree/main/clients/client-grafana", + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-sdk-js-v3.git", + "directory": "clients/client-grafana" + } +} diff --git a/clients/client-grafana/src/Grafana.ts b/clients/client-grafana/src/Grafana.ts new file mode 100644 index 000000000000..00d15648cac3 --- /dev/null +++ b/clients/client-grafana/src/Grafana.ts @@ -0,0 +1,442 @@ +import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; + +import { + AssociateLicenseCommand, + AssociateLicenseCommandInput, + AssociateLicenseCommandOutput, +} from "./commands/AssociateLicenseCommand"; +import { + CreateWorkspaceCommand, + CreateWorkspaceCommandInput, + CreateWorkspaceCommandOutput, +} from "./commands/CreateWorkspaceCommand"; +import { + DeleteWorkspaceCommand, + DeleteWorkspaceCommandInput, + DeleteWorkspaceCommandOutput, +} from "./commands/DeleteWorkspaceCommand"; +import { + DescribeWorkspaceAuthenticationCommand, + DescribeWorkspaceAuthenticationCommandInput, + DescribeWorkspaceAuthenticationCommandOutput, +} from "./commands/DescribeWorkspaceAuthenticationCommand"; +import { + DescribeWorkspaceCommand, + DescribeWorkspaceCommandInput, + DescribeWorkspaceCommandOutput, +} from "./commands/DescribeWorkspaceCommand"; +import { + DisassociateLicenseCommand, + DisassociateLicenseCommandInput, + DisassociateLicenseCommandOutput, +} from "./commands/DisassociateLicenseCommand"; +import { + ListPermissionsCommand, + ListPermissionsCommandInput, + ListPermissionsCommandOutput, +} from "./commands/ListPermissionsCommand"; +import { + ListWorkspacesCommand, + ListWorkspacesCommandInput, + ListWorkspacesCommandOutput, +} from "./commands/ListWorkspacesCommand"; +import { + UpdatePermissionsCommand, + UpdatePermissionsCommandInput, + UpdatePermissionsCommandOutput, +} from "./commands/UpdatePermissionsCommand"; +import { + UpdateWorkspaceAuthenticationCommand, + UpdateWorkspaceAuthenticationCommandInput, + UpdateWorkspaceAuthenticationCommandOutput, +} from "./commands/UpdateWorkspaceAuthenticationCommand"; +import { + UpdateWorkspaceCommand, + UpdateWorkspaceCommandInput, + UpdateWorkspaceCommandOutput, +} from "./commands/UpdateWorkspaceCommand"; +import { GrafanaClient } from "./GrafanaClient"; + +/** + *

                                                Amazon Managed Grafana is a fully managed and secure data visualization service that you can use to + * instantly query, correlate, and visualize operational metrics, logs, and traces from multiple sources. + * Amazon Managed Grafana makes it easy to deploy, operate, and scale Grafana, a widely deployed data visualization tool + * that is popular for its extensible data support.

                                                + *

                                                With Amazon Managed Grafana, you create logically isolated Grafana servers called workspaces. In + * a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces without having to + * build, package, or deploy any hardware to run Grafana servers.

                                                + */ +export class Grafana extends GrafanaClient { + /** + *

                                                Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise + * incurs additional fees. For more information, see Upgrade a workspace to + * Grafana Enterprise.

                                                + */ + public associateLicense( + args: AssociateLicenseCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public associateLicense( + args: AssociateLicenseCommandInput, + cb: (err: any, data?: AssociateLicenseCommandOutput) => void + ): void; + public associateLicense( + args: AssociateLicenseCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: AssociateLicenseCommandOutput) => void + ): void; + public associateLicense( + args: AssociateLicenseCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: AssociateLicenseCommandOutput) => void), + cb?: (err: any, data?: AssociateLicenseCommandOutput) => void + ): Promise | void { + const command = new AssociateLicenseCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Creates a workspace. In a workspace, you can create Grafana + * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to + * build, package, or deploy any hardware to run the Grafana server.

                                                + *

                                                Don't use CreateWorkspace to modify an existing workspace. Instead, + * use UpdateWorkspace.

                                                + */ + public createWorkspace( + args: CreateWorkspaceCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public createWorkspace( + args: CreateWorkspaceCommandInput, + cb: (err: any, data?: CreateWorkspaceCommandOutput) => void + ): void; + public createWorkspace( + args: CreateWorkspaceCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: CreateWorkspaceCommandOutput) => void + ): void; + public createWorkspace( + args: CreateWorkspaceCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: CreateWorkspaceCommandOutput) => void), + cb?: (err: any, data?: CreateWorkspaceCommandOutput) => void + ): Promise | void { + const command = new CreateWorkspaceCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Deletes an Amazon Managed Grafana workspace.

                                                + */ + public deleteWorkspace( + args: DeleteWorkspaceCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public deleteWorkspace( + args: DeleteWorkspaceCommandInput, + cb: (err: any, data?: DeleteWorkspaceCommandOutput) => void + ): void; + public deleteWorkspace( + args: DeleteWorkspaceCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DeleteWorkspaceCommandOutput) => void + ): void; + public deleteWorkspace( + args: DeleteWorkspaceCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DeleteWorkspaceCommandOutput) => void), + cb?: (err: any, data?: DeleteWorkspaceCommandOutput) => void + ): Promise | void { + const command = new DeleteWorkspaceCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Displays information about one Amazon Managed Grafana workspace.

                                                + */ + public describeWorkspace( + args: DescribeWorkspaceCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public describeWorkspace( + args: DescribeWorkspaceCommandInput, + cb: (err: any, data?: DescribeWorkspaceCommandOutput) => void + ): void; + public describeWorkspace( + args: DescribeWorkspaceCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeWorkspaceCommandOutput) => void + ): void; + public describeWorkspace( + args: DescribeWorkspaceCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeWorkspaceCommandOutput) => void), + cb?: (err: any, data?: DescribeWorkspaceCommandOutput) => void + ): Promise | void { + const command = new DescribeWorkspaceCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Displays information about the authentication methods used in one Amazon Managed Grafana workspace.

                                                + */ + public describeWorkspaceAuthentication( + args: DescribeWorkspaceAuthenticationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public describeWorkspaceAuthentication( + args: DescribeWorkspaceAuthenticationCommandInput, + cb: (err: any, data?: DescribeWorkspaceAuthenticationCommandOutput) => void + ): void; + public describeWorkspaceAuthentication( + args: DescribeWorkspaceAuthenticationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeWorkspaceAuthenticationCommandOutput) => void + ): void; + public describeWorkspaceAuthentication( + args: DescribeWorkspaceAuthenticationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeWorkspaceAuthenticationCommandOutput) => void), + cb?: (err: any, data?: DescribeWorkspaceAuthenticationCommandOutput) => void + ): Promise | void { + const command = new DescribeWorkspaceAuthenticationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Removes the Grafana Enterprise license from a workspace.

                                                + */ + public disassociateLicense( + args: DisassociateLicenseCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public disassociateLicense( + args: DisassociateLicenseCommandInput, + cb: (err: any, data?: DisassociateLicenseCommandOutput) => void + ): void; + public disassociateLicense( + args: DisassociateLicenseCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DisassociateLicenseCommandOutput) => void + ): void; + public disassociateLicense( + args: DisassociateLicenseCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DisassociateLicenseCommandOutput) => void), + cb?: (err: any, data?: DisassociateLicenseCommandOutput) => void + ): Promise | void { + const command = new DisassociateLicenseCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Lists the users and groups who have the Grafana Admin and + * Editor roles in this workspace. If you use this + * operation without specifying userId or groupId, the operation returns + * the roles of all users + * and groups. If you specify a userId or a groupId, only the roles + * for that user or group are returned. If you do this, you can specify only one userId or + * one groupId.

                                                + */ + public listPermissions( + args: ListPermissionsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public listPermissions( + args: ListPermissionsCommandInput, + cb: (err: any, data?: ListPermissionsCommandOutput) => void + ): void; + public listPermissions( + args: ListPermissionsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListPermissionsCommandOutput) => void + ): void; + public listPermissions( + args: ListPermissionsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ListPermissionsCommandOutput) => void), + cb?: (err: any, data?: ListPermissionsCommandOutput) => void + ): Promise | void { + const command = new ListPermissionsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Returns a list of Amazon Managed Grafana workspaces in the account, with some information + * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

                                                + */ + public listWorkspaces( + args: ListWorkspacesCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public listWorkspaces( + args: ListWorkspacesCommandInput, + cb: (err: any, data?: ListWorkspacesCommandOutput) => void + ): void; + public listWorkspaces( + args: ListWorkspacesCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: ListWorkspacesCommandOutput) => void + ): void; + public listWorkspaces( + args: ListWorkspacesCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ListWorkspacesCommandOutput) => void), + cb?: (err: any, data?: ListWorkspacesCommandOutput) => void + ): Promise | void { + const command = new ListWorkspacesCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Updates which users in a workspace have the Grafana Admin or Editor roles.

                                                + */ + public updatePermissions( + args: UpdatePermissionsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public updatePermissions( + args: UpdatePermissionsCommandInput, + cb: (err: any, data?: UpdatePermissionsCommandOutput) => void + ): void; + public updatePermissions( + args: UpdatePermissionsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdatePermissionsCommandOutput) => void + ): void; + public updatePermissions( + args: UpdatePermissionsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UpdatePermissionsCommandOutput) => void), + cb?: (err: any, data?: UpdatePermissionsCommandOutput) => void + ): Promise | void { + const command = new UpdatePermissionsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any + * optional parameters, the existing values of those parameters are not changed.

                                                + *

                                                To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, + * use UpdateWorkspaceAuthentication.

                                                + *

                                                To modify which users in the workspace have the Admin and Editor Grafana roles, + * use UpdatePermissions.

                                                + */ + public updateWorkspace( + args: UpdateWorkspaceCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public updateWorkspace( + args: UpdateWorkspaceCommandInput, + cb: (err: any, data?: UpdateWorkspaceCommandOutput) => void + ): void; + public updateWorkspace( + args: UpdateWorkspaceCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdateWorkspaceCommandOutput) => void + ): void; + public updateWorkspace( + args: UpdateWorkspaceCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UpdateWorkspaceCommandOutput) => void), + cb?: (err: any, data?: UpdateWorkspaceCommandOutput) => void + ): Promise | void { + const command = new UpdateWorkspaceCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + + /** + *

                                                Use this operation to define the identity provider (IdP) that this workspace + * authenticates users from, using SAML. You can also map SAML assertion attributes to + * workspace user information and define which groups in the assertion attribute are to have + * the Admin and Editor roles in the workspace.

                                                + */ + public updateWorkspaceAuthentication( + args: UpdateWorkspaceAuthenticationCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public updateWorkspaceAuthentication( + args: UpdateWorkspaceAuthenticationCommandInput, + cb: (err: any, data?: UpdateWorkspaceAuthenticationCommandOutput) => void + ): void; + public updateWorkspaceAuthentication( + args: UpdateWorkspaceAuthenticationCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: UpdateWorkspaceAuthenticationCommandOutput) => void + ): void; + public updateWorkspaceAuthentication( + args: UpdateWorkspaceAuthenticationCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UpdateWorkspaceAuthenticationCommandOutput) => void), + cb?: (err: any, data?: UpdateWorkspaceAuthenticationCommandOutput) => void + ): Promise | void { + const command = new UpdateWorkspaceAuthenticationCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } +} diff --git a/clients/client-grafana/src/GrafanaClient.ts b/clients/client-grafana/src/GrafanaClient.ts new file mode 100644 index 000000000000..5b5c084a4f47 --- /dev/null +++ b/clients/client-grafana/src/GrafanaClient.ts @@ -0,0 +1,284 @@ +import { + EndpointsInputConfig, + EndpointsResolvedConfig, + RegionInputConfig, + RegionResolvedConfig, + resolveEndpointsConfig, + resolveRegionConfig, +} from "@aws-sdk/config-resolver"; +import { getContentLengthPlugin } from "@aws-sdk/middleware-content-length"; +import { + getHostHeaderPlugin, + HostHeaderInputConfig, + HostHeaderResolvedConfig, + resolveHostHeaderConfig, +} from "@aws-sdk/middleware-host-header"; +import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; +import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@aws-sdk/middleware-retry"; +import { + AwsAuthInputConfig, + AwsAuthResolvedConfig, + getAwsAuthPlugin, + resolveAwsAuthConfig, +} from "@aws-sdk/middleware-signing"; +import { + getUserAgentPlugin, + resolveUserAgentConfig, + UserAgentInputConfig, + UserAgentResolvedConfig, +} from "@aws-sdk/middleware-user-agent"; +import { HttpHandler as __HttpHandler } from "@aws-sdk/protocol-http"; +import { + Client as __Client, + SmithyConfiguration as __SmithyConfiguration, + SmithyResolvedConfiguration as __SmithyResolvedConfiguration, +} from "@aws-sdk/smithy-client"; +import { + Credentials as __Credentials, + Decoder as __Decoder, + Encoder as __Encoder, + Hash as __Hash, + HashConstructor as __HashConstructor, + HttpHandlerOptions as __HttpHandlerOptions, + Logger as __Logger, + Provider as __Provider, + Provider, + RegionInfoProvider, + StreamCollector as __StreamCollector, + UrlParser as __UrlParser, + UserAgent as __UserAgent, +} from "@aws-sdk/types"; + +import { AssociateLicenseCommandInput, AssociateLicenseCommandOutput } from "./commands/AssociateLicenseCommand"; +import { CreateWorkspaceCommandInput, CreateWorkspaceCommandOutput } from "./commands/CreateWorkspaceCommand"; +import { DeleteWorkspaceCommandInput, DeleteWorkspaceCommandOutput } from "./commands/DeleteWorkspaceCommand"; +import { + DescribeWorkspaceAuthenticationCommandInput, + DescribeWorkspaceAuthenticationCommandOutput, +} from "./commands/DescribeWorkspaceAuthenticationCommand"; +import { DescribeWorkspaceCommandInput, DescribeWorkspaceCommandOutput } from "./commands/DescribeWorkspaceCommand"; +import { + DisassociateLicenseCommandInput, + DisassociateLicenseCommandOutput, +} from "./commands/DisassociateLicenseCommand"; +import { ListPermissionsCommandInput, ListPermissionsCommandOutput } from "./commands/ListPermissionsCommand"; +import { ListWorkspacesCommandInput, ListWorkspacesCommandOutput } from "./commands/ListWorkspacesCommand"; +import { UpdatePermissionsCommandInput, UpdatePermissionsCommandOutput } from "./commands/UpdatePermissionsCommand"; +import { + UpdateWorkspaceAuthenticationCommandInput, + UpdateWorkspaceAuthenticationCommandOutput, +} from "./commands/UpdateWorkspaceAuthenticationCommand"; +import { UpdateWorkspaceCommandInput, UpdateWorkspaceCommandOutput } from "./commands/UpdateWorkspaceCommand"; +import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig"; + +export type ServiceInputTypes = + | AssociateLicenseCommandInput + | CreateWorkspaceCommandInput + | DeleteWorkspaceCommandInput + | DescribeWorkspaceAuthenticationCommandInput + | DescribeWorkspaceCommandInput + | DisassociateLicenseCommandInput + | ListPermissionsCommandInput + | ListWorkspacesCommandInput + | UpdatePermissionsCommandInput + | UpdateWorkspaceAuthenticationCommandInput + | UpdateWorkspaceCommandInput; + +export type ServiceOutputTypes = + | AssociateLicenseCommandOutput + | CreateWorkspaceCommandOutput + | DeleteWorkspaceCommandOutput + | DescribeWorkspaceAuthenticationCommandOutput + | DescribeWorkspaceCommandOutput + | DisassociateLicenseCommandOutput + | ListPermissionsCommandOutput + | ListWorkspacesCommandOutput + | UpdatePermissionsCommandOutput + | UpdateWorkspaceAuthenticationCommandOutput + | UpdateWorkspaceCommandOutput; + +export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> { + /** + * The HTTP handler to use. Fetch in browser and Https in Nodejs. + */ + requestHandler?: __HttpHandler; + + /** + * A constructor for a class implementing the {@link __Hash} interface + * that computes the SHA-256 HMAC or checksum of a string or binary buffer. + * @internal + */ + sha256?: __HashConstructor; + + /** + * The function that will be used to convert strings into HTTP endpoints. + * @internal + */ + urlParser?: __UrlParser; + + /** + * A function that can calculate the length of a request body. + * @internal + */ + bodyLengthChecker?: (body: any) => number | undefined; + + /** + * A function that converts a stream into an array of bytes. + * @internal + */ + streamCollector?: __StreamCollector; + + /** + * The function that will be used to convert a base64-encoded string to a byte array. + * @internal + */ + base64Decoder?: __Decoder; + + /** + * The function that will be used to convert binary data to a base64-encoded string. + * @internal + */ + base64Encoder?: __Encoder; + + /** + * The function that will be used to convert a UTF8-encoded string to a byte array. + * @internal + */ + utf8Decoder?: __Decoder; + + /** + * The function that will be used to convert binary data to a UTF-8 encoded string. + * @internal + */ + utf8Encoder?: __Encoder; + + /** + * The runtime environment. + * @internal + */ + runtime?: string; + + /** + * Disable dyanamically changing the endpoint of the client based on the hostPrefix + * trait of an operation. + */ + disableHostPrefix?: boolean; + + /** + * Value for how many times a request will be made at most in case of retry. + */ + maxAttempts?: number | __Provider; + + /** + * Specifies which retry algorithm to use. + */ + retryMode?: string | __Provider; + + /** + * Optional logger for logging debug/info/warn/error. + */ + logger?: __Logger; + + /** + * Unique service identifier. + * @internal + */ + serviceId?: string; + + /** + * The AWS region to which this client will send requests + */ + region?: string | __Provider; + + /** + * Default credentials provider; Not available in browser runtime. + * @internal + */ + credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + + /** + * Fetch related hostname, signing name or signing region with given region. + * @internal + */ + regionInfoProvider?: RegionInfoProvider; + + /** + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal + */ + defaultUserAgentProvider?: Provider<__UserAgent>; +} + +type GrafanaClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & + ClientDefaults & + RegionInputConfig & + EndpointsInputConfig & + RetryInputConfig & + HostHeaderInputConfig & + AwsAuthInputConfig & + UserAgentInputConfig; +/** + * The configuration interface of GrafanaClient class constructor that set the region, credentials and other options. + */ +export interface GrafanaClientConfig extends GrafanaClientConfigType {} + +type GrafanaClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & + Required & + RegionResolvedConfig & + EndpointsResolvedConfig & + RetryResolvedConfig & + HostHeaderResolvedConfig & + AwsAuthResolvedConfig & + UserAgentResolvedConfig; +/** + * The resolved configuration interface of GrafanaClient class. This is resolved and normalized from the {@link GrafanaClientConfig | constructor configuration interface}. + */ +export interface GrafanaClientResolvedConfig extends GrafanaClientResolvedConfigType {} + +/** + *

                                                Amazon Managed Grafana is a fully managed and secure data visualization service that you can use to + * instantly query, correlate, and visualize operational metrics, logs, and traces from multiple sources. + * Amazon Managed Grafana makes it easy to deploy, operate, and scale Grafana, a widely deployed data visualization tool + * that is popular for its extensible data support.

                                                + *

                                                With Amazon Managed Grafana, you create logically isolated Grafana servers called workspaces. In + * a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces without having to + * build, package, or deploy any hardware to run Grafana servers.

                                                + */ +export class GrafanaClient extends __Client< + __HttpHandlerOptions, + ServiceInputTypes, + ServiceOutputTypes, + GrafanaClientResolvedConfig +> { + /** + * The resolved configuration of GrafanaClient class. This is resolved and normalized from the {@link GrafanaClientConfig | constructor configuration interface}. + */ + readonly config: GrafanaClientResolvedConfig; + + constructor(configuration: GrafanaClientConfig) { + const _config_0 = __getRuntimeConfig(configuration); + const _config_1 = resolveRegionConfig(_config_0); + const _config_2 = resolveEndpointsConfig(_config_1); + const _config_3 = resolveRetryConfig(_config_2); + const _config_4 = resolveHostHeaderConfig(_config_3); + const _config_5 = resolveAwsAuthConfig(_config_4); + const _config_6 = resolveUserAgentConfig(_config_5); + super(_config_6); + this.config = _config_6; + this.middlewareStack.use(getRetryPlugin(this.config)); + this.middlewareStack.use(getContentLengthPlugin(this.config)); + this.middlewareStack.use(getHostHeaderPlugin(this.config)); + this.middlewareStack.use(getLoggerPlugin(this.config)); + this.middlewareStack.use(getAwsAuthPlugin(this.config)); + this.middlewareStack.use(getUserAgentPlugin(this.config)); + } + + /** + * Destroy underlying resources, like sockets. It's usually not necessary to do this. + * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed. + * Otherwise, sockets might stay open for quite a long time before the server terminates them. + */ + destroy(): void { + super.destroy(); + } +} diff --git a/clients/client-grafana/src/commands/AssociateLicenseCommand.ts b/clients/client-grafana/src/commands/AssociateLicenseCommand.ts new file mode 100644 index 000000000000..5f6de8860d51 --- /dev/null +++ b/clients/client-grafana/src/commands/AssociateLicenseCommand.ts @@ -0,0 +1,97 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { AssociateLicenseRequest, AssociateLicenseResponse } from "../models/models_0"; +import { + deserializeAws_restJson1AssociateLicenseCommand, + serializeAws_restJson1AssociateLicenseCommand, +} from "../protocols/Aws_restJson1"; + +export interface AssociateLicenseCommandInput extends AssociateLicenseRequest {} +export interface AssociateLicenseCommandOutput extends AssociateLicenseResponse, __MetadataBearer {} + +/** + *

                                                Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise + * incurs additional fees. For more information, see Upgrade a workspace to + * Grafana Enterprise.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, AssociateLicenseCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, AssociateLicenseCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new AssociateLicenseCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link AssociateLicenseCommandInput} for command's `input` shape. + * @see {@link AssociateLicenseCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class AssociateLicenseCommand extends $Command< + AssociateLicenseCommandInput, + AssociateLicenseCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: AssociateLicenseCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "AssociateLicenseCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: AssociateLicenseRequest.filterSensitiveLog, + outputFilterSensitiveLog: AssociateLicenseResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: AssociateLicenseCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1AssociateLicenseCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1AssociateLicenseCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts b/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts new file mode 100644 index 000000000000..c0b0cc8c0eb8 --- /dev/null +++ b/clients/client-grafana/src/commands/CreateWorkspaceCommand.ts @@ -0,0 +1,99 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { CreateWorkspaceRequest, CreateWorkspaceResponse } from "../models/models_0"; +import { + deserializeAws_restJson1CreateWorkspaceCommand, + serializeAws_restJson1CreateWorkspaceCommand, +} from "../protocols/Aws_restJson1"; + +export interface CreateWorkspaceCommandInput extends CreateWorkspaceRequest {} +export interface CreateWorkspaceCommandOutput extends CreateWorkspaceResponse, __MetadataBearer {} + +/** + *

                                                Creates a workspace. In a workspace, you can create Grafana + * dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to + * build, package, or deploy any hardware to run the Grafana server.

                                                + *

                                                Don't use CreateWorkspace to modify an existing workspace. Instead, + * use UpdateWorkspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, CreateWorkspaceCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, CreateWorkspaceCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new CreateWorkspaceCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateWorkspaceCommandInput} for command's `input` shape. + * @see {@link CreateWorkspaceCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class CreateWorkspaceCommand extends $Command< + CreateWorkspaceCommandInput, + CreateWorkspaceCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateWorkspaceCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "CreateWorkspaceCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: CreateWorkspaceRequest.filterSensitiveLog, + outputFilterSensitiveLog: CreateWorkspaceResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: CreateWorkspaceCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1CreateWorkspaceCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1CreateWorkspaceCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/DeleteWorkspaceCommand.ts b/clients/client-grafana/src/commands/DeleteWorkspaceCommand.ts new file mode 100644 index 000000000000..673a83152939 --- /dev/null +++ b/clients/client-grafana/src/commands/DeleteWorkspaceCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { DeleteWorkspaceRequest, DeleteWorkspaceResponse } from "../models/models_0"; +import { + deserializeAws_restJson1DeleteWorkspaceCommand, + serializeAws_restJson1DeleteWorkspaceCommand, +} from "../protocols/Aws_restJson1"; + +export interface DeleteWorkspaceCommandInput extends DeleteWorkspaceRequest {} +export interface DeleteWorkspaceCommandOutput extends DeleteWorkspaceResponse, __MetadataBearer {} + +/** + *

                                                Deletes an Amazon Managed Grafana workspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, DeleteWorkspaceCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, DeleteWorkspaceCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new DeleteWorkspaceCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DeleteWorkspaceCommandInput} for command's `input` shape. + * @see {@link DeleteWorkspaceCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DeleteWorkspaceCommand extends $Command< + DeleteWorkspaceCommandInput, + DeleteWorkspaceCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DeleteWorkspaceCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "DeleteWorkspaceCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DeleteWorkspaceRequest.filterSensitiveLog, + outputFilterSensitiveLog: DeleteWorkspaceResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: DeleteWorkspaceCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1DeleteWorkspaceCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1DeleteWorkspaceCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/DescribeWorkspaceAuthenticationCommand.ts b/clients/client-grafana/src/commands/DescribeWorkspaceAuthenticationCommand.ts new file mode 100644 index 000000000000..5943fc5be8b9 --- /dev/null +++ b/clients/client-grafana/src/commands/DescribeWorkspaceAuthenticationCommand.ts @@ -0,0 +1,103 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { DescribeWorkspaceAuthenticationRequest, DescribeWorkspaceAuthenticationResponse } from "../models/models_0"; +import { + deserializeAws_restJson1DescribeWorkspaceAuthenticationCommand, + serializeAws_restJson1DescribeWorkspaceAuthenticationCommand, +} from "../protocols/Aws_restJson1"; + +export interface DescribeWorkspaceAuthenticationCommandInput extends DescribeWorkspaceAuthenticationRequest {} +export interface DescribeWorkspaceAuthenticationCommandOutput + extends DescribeWorkspaceAuthenticationResponse, + __MetadataBearer {} + +/** + *

                                                Displays information about the authentication methods used in one Amazon Managed Grafana workspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, DescribeWorkspaceAuthenticationCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, DescribeWorkspaceAuthenticationCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new DescribeWorkspaceAuthenticationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeWorkspaceAuthenticationCommandInput} for command's `input` shape. + * @see {@link DescribeWorkspaceAuthenticationCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DescribeWorkspaceAuthenticationCommand extends $Command< + DescribeWorkspaceAuthenticationCommandInput, + DescribeWorkspaceAuthenticationCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeWorkspaceAuthenticationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "DescribeWorkspaceAuthenticationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DescribeWorkspaceAuthenticationRequest.filterSensitiveLog, + outputFilterSensitiveLog: DescribeWorkspaceAuthenticationResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize( + input: DescribeWorkspaceAuthenticationCommandInput, + context: __SerdeContext + ): Promise<__HttpRequest> { + return serializeAws_restJson1DescribeWorkspaceAuthenticationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1DescribeWorkspaceAuthenticationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/DescribeWorkspaceCommand.ts b/clients/client-grafana/src/commands/DescribeWorkspaceCommand.ts new file mode 100644 index 000000000000..38db6e6d10b3 --- /dev/null +++ b/clients/client-grafana/src/commands/DescribeWorkspaceCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { DescribeWorkspaceRequest, DescribeWorkspaceResponse } from "../models/models_0"; +import { + deserializeAws_restJson1DescribeWorkspaceCommand, + serializeAws_restJson1DescribeWorkspaceCommand, +} from "../protocols/Aws_restJson1"; + +export interface DescribeWorkspaceCommandInput extends DescribeWorkspaceRequest {} +export interface DescribeWorkspaceCommandOutput extends DescribeWorkspaceResponse, __MetadataBearer {} + +/** + *

                                                Displays information about one Amazon Managed Grafana workspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, DescribeWorkspaceCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, DescribeWorkspaceCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new DescribeWorkspaceCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeWorkspaceCommandInput} for command's `input` shape. + * @see {@link DescribeWorkspaceCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DescribeWorkspaceCommand extends $Command< + DescribeWorkspaceCommandInput, + DescribeWorkspaceCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeWorkspaceCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "DescribeWorkspaceCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DescribeWorkspaceRequest.filterSensitiveLog, + outputFilterSensitiveLog: DescribeWorkspaceResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: DescribeWorkspaceCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1DescribeWorkspaceCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1DescribeWorkspaceCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/DisassociateLicenseCommand.ts b/clients/client-grafana/src/commands/DisassociateLicenseCommand.ts new file mode 100644 index 000000000000..6d9e383a8ea4 --- /dev/null +++ b/clients/client-grafana/src/commands/DisassociateLicenseCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { DisassociateLicenseRequest, DisassociateLicenseResponse } from "../models/models_0"; +import { + deserializeAws_restJson1DisassociateLicenseCommand, + serializeAws_restJson1DisassociateLicenseCommand, +} from "../protocols/Aws_restJson1"; + +export interface DisassociateLicenseCommandInput extends DisassociateLicenseRequest {} +export interface DisassociateLicenseCommandOutput extends DisassociateLicenseResponse, __MetadataBearer {} + +/** + *

                                                Removes the Grafana Enterprise license from a workspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, DisassociateLicenseCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, DisassociateLicenseCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new DisassociateLicenseCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DisassociateLicenseCommandInput} for command's `input` shape. + * @see {@link DisassociateLicenseCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DisassociateLicenseCommand extends $Command< + DisassociateLicenseCommandInput, + DisassociateLicenseCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DisassociateLicenseCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "DisassociateLicenseCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DisassociateLicenseRequest.filterSensitiveLog, + outputFilterSensitiveLog: DisassociateLicenseResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: DisassociateLicenseCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1DisassociateLicenseCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1DisassociateLicenseCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/ListPermissionsCommand.ts b/clients/client-grafana/src/commands/ListPermissionsCommand.ts new file mode 100644 index 000000000000..dad65776c336 --- /dev/null +++ b/clients/client-grafana/src/commands/ListPermissionsCommand.ts @@ -0,0 +1,101 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { ListPermissionsRequest, ListPermissionsResponse } from "../models/models_0"; +import { + deserializeAws_restJson1ListPermissionsCommand, + serializeAws_restJson1ListPermissionsCommand, +} from "../protocols/Aws_restJson1"; + +export interface ListPermissionsCommandInput extends ListPermissionsRequest {} +export interface ListPermissionsCommandOutput extends ListPermissionsResponse, __MetadataBearer {} + +/** + *

                                                Lists the users and groups who have the Grafana Admin and + * Editor roles in this workspace. If you use this + * operation without specifying userId or groupId, the operation returns + * the roles of all users + * and groups. If you specify a userId or a groupId, only the roles + * for that user or group are returned. If you do this, you can specify only one userId or + * one groupId.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, ListPermissionsCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, ListPermissionsCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new ListPermissionsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListPermissionsCommandInput} for command's `input` shape. + * @see {@link ListPermissionsCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class ListPermissionsCommand extends $Command< + ListPermissionsCommandInput, + ListPermissionsCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ListPermissionsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "ListPermissionsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: ListPermissionsRequest.filterSensitiveLog, + outputFilterSensitiveLog: ListPermissionsResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: ListPermissionsCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1ListPermissionsCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1ListPermissionsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/ListWorkspacesCommand.ts b/clients/client-grafana/src/commands/ListWorkspacesCommand.ts new file mode 100644 index 000000000000..511a6250d9fe --- /dev/null +++ b/clients/client-grafana/src/commands/ListWorkspacesCommand.ts @@ -0,0 +1,96 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { ListWorkspacesRequest, ListWorkspacesResponse } from "../models/models_0"; +import { + deserializeAws_restJson1ListWorkspacesCommand, + serializeAws_restJson1ListWorkspacesCommand, +} from "../protocols/Aws_restJson1"; + +export interface ListWorkspacesCommandInput extends ListWorkspacesRequest {} +export interface ListWorkspacesCommandOutput extends ListWorkspacesResponse, __MetadataBearer {} + +/** + *

                                                Returns a list of Amazon Managed Grafana workspaces in the account, with some information + * about each workspace. For more complete information about one workspace, use DescribeWorkspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, ListWorkspacesCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, ListWorkspacesCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new ListWorkspacesCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListWorkspacesCommandInput} for command's `input` shape. + * @see {@link ListWorkspacesCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class ListWorkspacesCommand extends $Command< + ListWorkspacesCommandInput, + ListWorkspacesCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ListWorkspacesCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "ListWorkspacesCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: ListWorkspacesRequest.filterSensitiveLog, + outputFilterSensitiveLog: ListWorkspacesResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: ListWorkspacesCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1ListWorkspacesCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1ListWorkspacesCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/UpdatePermissionsCommand.ts b/clients/client-grafana/src/commands/UpdatePermissionsCommand.ts new file mode 100644 index 000000000000..dd0c6b32b5db --- /dev/null +++ b/clients/client-grafana/src/commands/UpdatePermissionsCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { UpdatePermissionsRequest, UpdatePermissionsResponse } from "../models/models_0"; +import { + deserializeAws_restJson1UpdatePermissionsCommand, + serializeAws_restJson1UpdatePermissionsCommand, +} from "../protocols/Aws_restJson1"; + +export interface UpdatePermissionsCommandInput extends UpdatePermissionsRequest {} +export interface UpdatePermissionsCommandOutput extends UpdatePermissionsResponse, __MetadataBearer {} + +/** + *

                                                Updates which users in a workspace have the Grafana Admin or Editor roles.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, UpdatePermissionsCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, UpdatePermissionsCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new UpdatePermissionsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdatePermissionsCommandInput} for command's `input` shape. + * @see {@link UpdatePermissionsCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class UpdatePermissionsCommand extends $Command< + UpdatePermissionsCommandInput, + UpdatePermissionsCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: UpdatePermissionsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "UpdatePermissionsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: UpdatePermissionsRequest.filterSensitiveLog, + outputFilterSensitiveLog: UpdatePermissionsResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: UpdatePermissionsCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1UpdatePermissionsCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1UpdatePermissionsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts b/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts new file mode 100644 index 000000000000..2c89646db775 --- /dev/null +++ b/clients/client-grafana/src/commands/UpdateWorkspaceAuthenticationCommand.ts @@ -0,0 +1,103 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { UpdateWorkspaceAuthenticationRequest, UpdateWorkspaceAuthenticationResponse } from "../models/models_0"; +import { + deserializeAws_restJson1UpdateWorkspaceAuthenticationCommand, + serializeAws_restJson1UpdateWorkspaceAuthenticationCommand, +} from "../protocols/Aws_restJson1"; + +export interface UpdateWorkspaceAuthenticationCommandInput extends UpdateWorkspaceAuthenticationRequest {} +export interface UpdateWorkspaceAuthenticationCommandOutput + extends UpdateWorkspaceAuthenticationResponse, + __MetadataBearer {} + +/** + *

                                                Use this operation to define the identity provider (IdP) that this workspace + * authenticates users from, using SAML. You can also map SAML assertion attributes to + * workspace user information and define which groups in the assertion attribute are to have + * the Admin and Editor roles in the workspace.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, UpdateWorkspaceAuthenticationCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, UpdateWorkspaceAuthenticationCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new UpdateWorkspaceAuthenticationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateWorkspaceAuthenticationCommandInput} for command's `input` shape. + * @see {@link UpdateWorkspaceAuthenticationCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class UpdateWorkspaceAuthenticationCommand extends $Command< + UpdateWorkspaceAuthenticationCommandInput, + UpdateWorkspaceAuthenticationCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: UpdateWorkspaceAuthenticationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "UpdateWorkspaceAuthenticationCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: UpdateWorkspaceAuthenticationRequest.filterSensitiveLog, + outputFilterSensitiveLog: UpdateWorkspaceAuthenticationResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: UpdateWorkspaceAuthenticationCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1UpdateWorkspaceAuthenticationCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_restJson1UpdateWorkspaceAuthenticationCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts b/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts new file mode 100644 index 000000000000..4a4cede6a03a --- /dev/null +++ b/clients/client-grafana/src/commands/UpdateWorkspaceCommand.ts @@ -0,0 +1,100 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { GrafanaClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GrafanaClient"; +import { UpdateWorkspaceRequest, UpdateWorkspaceResponse } from "../models/models_0"; +import { + deserializeAws_restJson1UpdateWorkspaceCommand, + serializeAws_restJson1UpdateWorkspaceCommand, +} from "../protocols/Aws_restJson1"; + +export interface UpdateWorkspaceCommandInput extends UpdateWorkspaceRequest {} +export interface UpdateWorkspaceCommandOutput extends UpdateWorkspaceResponse, __MetadataBearer {} + +/** + *

                                                Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any + * optional parameters, the existing values of those parameters are not changed.

                                                + *

                                                To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, + * use UpdateWorkspaceAuthentication.

                                                + *

                                                To modify which users in the workspace have the Admin and Editor Grafana roles, + * use UpdatePermissions.

                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GrafanaClient, UpdateWorkspaceCommand } from "@aws-sdk/client-grafana"; // ES Modules import + * // const { GrafanaClient, UpdateWorkspaceCommand } = require("@aws-sdk/client-grafana"); // CommonJS import + * const client = new GrafanaClient(config); + * const command = new UpdateWorkspaceCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateWorkspaceCommandInput} for command's `input` shape. + * @see {@link UpdateWorkspaceCommandOutput} for command's `response` shape. + * @see {@link GrafanaClientResolvedConfig | config} for command's `input` shape. + * + */ +export class UpdateWorkspaceCommand extends $Command< + UpdateWorkspaceCommandInput, + UpdateWorkspaceCommandOutput, + GrafanaClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: UpdateWorkspaceCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: GrafanaClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "GrafanaClient"; + const commandName = "UpdateWorkspaceCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: UpdateWorkspaceRequest.filterSensitiveLog, + outputFilterSensitiveLog: UpdateWorkspaceResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: UpdateWorkspaceCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_restJson1UpdateWorkspaceCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_restJson1UpdateWorkspaceCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-grafana/src/endpoints.ts b/clients/client-grafana/src/endpoints.ts new file mode 100644 index 000000000000..9066ffc86e87 --- /dev/null +++ b/clients/client-grafana/src/endpoints.ts @@ -0,0 +1,98 @@ +import { getRegionInfo, PartitionHash, RegionHash } from "@aws-sdk/config-resolver"; +import { RegionInfoProvider } from "@aws-sdk/types"; + +const regionHash: RegionHash = { + "ap-northeast-1": { + hostname: "grafana.ap-northeast-1.amazonaws.com", + signingRegion: "ap-northeast-1", + }, + "ap-northeast-2": { + hostname: "grafana.ap-northeast-2.amazonaws.com", + signingRegion: "ap-northeast-2", + }, + "ap-southeast-1": { + hostname: "grafana.ap-southeast-1.amazonaws.com", + signingRegion: "ap-southeast-1", + }, + "ap-southeast-2": { + hostname: "grafana.ap-southeast-2.amazonaws.com", + signingRegion: "ap-southeast-2", + }, + "eu-central-1": { + hostname: "grafana.eu-central-1.amazonaws.com", + signingRegion: "eu-central-1", + }, + "eu-west-1": { + hostname: "grafana.eu-west-1.amazonaws.com", + signingRegion: "eu-west-1", + }, + "eu-west-2": { + hostname: "grafana.eu-west-2.amazonaws.com", + signingRegion: "eu-west-2", + }, + "us-east-1": { + hostname: "grafana.us-east-1.amazonaws.com", + signingRegion: "us-east-1", + }, + "us-east-2": { + hostname: "grafana.us-east-2.amazonaws.com", + signingRegion: "us-east-2", + }, + "us-west-2": { + hostname: "grafana.us-west-2.amazonaws.com", + signingRegion: "us-west-2", + }, +}; + +const partitionHash: PartitionHash = { + aws: { + regions: [ + "af-south-1", + "ap-east-1", + "ap-northeast-1", + "ap-northeast-2", + "ap-northeast-3", + "ap-south-1", + "ap-southeast-1", + "ap-southeast-2", + "ca-central-1", + "eu-central-1", + "eu-north-1", + "eu-south-1", + "eu-west-1", + "eu-west-2", + "eu-west-3", + "me-south-1", + "sa-east-1", + "us-east-1", + "us-east-2", + "us-west-1", + "us-west-2", + ], + hostname: "grafana.{region}.amazonaws.com", + }, + "aws-cn": { + regions: ["cn-north-1", "cn-northwest-1"], + hostname: "grafana.{region}.amazonaws.com.cn", + }, + "aws-iso": { + regions: ["us-iso-east-1"], + hostname: "grafana.{region}.c2s.ic.gov", + }, + "aws-iso-b": { + regions: ["us-isob-east-1"], + hostname: "grafana.{region}.sc2s.sgov.gov", + }, + "aws-us-gov": { + regions: ["us-gov-east-1", "us-gov-west-1"], + hostname: "grafana.{region}.amazonaws.com", + }, +}; + +export const defaultRegionInfoProvider: RegionInfoProvider = async (region: string, options?: any) => + getRegionInfo(region, { + ...options, + signingService: "grafana", + regionHash, + partitionHash, + }); diff --git a/clients/client-grafana/src/index.ts b/clients/client-grafana/src/index.ts new file mode 100644 index 000000000000..3738a930930a --- /dev/null +++ b/clients/client-grafana/src/index.ts @@ -0,0 +1,17 @@ +export * from "./GrafanaClient"; +export * from "./Grafana"; +export * from "./commands/AssociateLicenseCommand"; +export * from "./commands/CreateWorkspaceCommand"; +export * from "./commands/DeleteWorkspaceCommand"; +export * from "./commands/DescribeWorkspaceCommand"; +export * from "./commands/DescribeWorkspaceAuthenticationCommand"; +export * from "./commands/DisassociateLicenseCommand"; +export * from "./commands/ListPermissionsCommand"; +export * from "./pagination/ListPermissionsPaginator"; +export * from "./commands/ListWorkspacesCommand"; +export * from "./pagination/ListWorkspacesPaginator"; +export * from "./commands/UpdatePermissionsCommand"; +export * from "./commands/UpdateWorkspaceCommand"; +export * from "./commands/UpdateWorkspaceAuthenticationCommand"; +export * from "./pagination/Interfaces"; +export * from "./models/index"; diff --git a/clients/client-grafana/src/models/index.ts b/clients/client-grafana/src/models/index.ts new file mode 100644 index 000000000000..09c5d6e09b8c --- /dev/null +++ b/clients/client-grafana/src/models/index.ts @@ -0,0 +1 @@ +export * from "./models_0"; diff --git a/clients/client-grafana/src/models/models_0.ts b/clients/client-grafana/src/models/models_0.ts new file mode 100644 index 000000000000..3816be6c8c64 --- /dev/null +++ b/clients/client-grafana/src/models/models_0.ts @@ -0,0 +1,1632 @@ +import { SENSITIVE_STRING } from "@aws-sdk/smithy-client"; +import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types"; + +/** + *

                                                You do not have sufficient permissions to perform this action.

                                                + */ +export interface AccessDeniedException extends __SmithyException, $MetadataBearer { + name: "AccessDeniedException"; + $fault: "client"; + message: string | undefined; +} + +export namespace AccessDeniedException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AccessDeniedException): any => ({ + ...obj, + }); +} + +export enum AccountAccessType { + /** + * Indicates that the customer is using Grafana to monitor resources in their current account. + */ + CURRENT_ACCOUNT = "CURRENT_ACCOUNT", + /** + * Indicates that the customer is using Grafana to monitor resources in organizational units. + */ + ORGANIZATION = "ORGANIZATION", +} + +/** + *

                                                A structure that defines which attributes in the IdP assertion are to be used to define + * information about the users authenticated by the IdP to use the workspace.

                                                + */ +export interface AssertionAttributes { + /** + *

                                                The name of the attribute within the SAML assertion to use as the user full "friendly" names for SAML users.

                                                + */ + name?: string; + + /** + *

                                                The name of the attribute within the SAML assertion to use as the login names for SAML users.

                                                + */ + login?: string; + + /** + *

                                                The name of the attribute within the SAML assertion to use as the email names for SAML users.

                                                + */ + email?: string; + + /** + *

                                                The name of the attribute within the SAML assertion to use as the user full "friendly" names for user groups.

                                                + */ + groups?: string; + + /** + *

                                                The name of the attribute within the SAML assertion to use as the user roles.

                                                + */ + role?: string; + + /** + *

                                                The name of the attribute within the SAML assertion to use as the user full "friendly" names for the users' organizations.

                                                + */ + org?: string; +} + +export namespace AssertionAttributes { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AssertionAttributes): any => ({ + ...obj, + }); +} + +export enum LicenseType { + /** + * Grafana Enterprise License. + */ + ENTERPRISE = "ENTERPRISE", + /** + * Grafana Enterprise Free Trial License. + */ + ENTERPRISE_FREE_TRIAL = "ENTERPRISE_FREE_TRIAL", +} + +export interface AssociateLicenseRequest { + /** + *

                                                The ID of the workspace to associate the license with.

                                                + */ + workspaceId: string | undefined; + + /** + *

                                                The type of license to associate with the workspace.

                                                + */ + licenseType: LicenseType | string | undefined; +} + +export namespace AssociateLicenseRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AssociateLicenseRequest): any => ({ + ...obj, + }); +} + +export enum AuthenticationProviderTypes { + /** + * Indicates that AMG workspace has AWS SSO enabled as its authentication provider. + */ + AWS_SSO = "AWS_SSO", + /** + * Indicates that the AMG workspace has SAML enabled as its authentication provider. + */ + SAML = "SAML", +} + +export enum SamlConfigurationStatus { + /** + * Indicates that SAML on an AMG workspace is enabled and has been configured. + */ + CONFIGURED = "CONFIGURED", + /** + * Indicates that SAML on an AMG workspace is enabled but has not been configured. + */ + NOT_CONFIGURED = "NOT_CONFIGURED", +} + +/** + *

                                                A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods + * for user authentication, and whether that authentication is fully configured.

                                                + */ +export interface AuthenticationSummary { + /** + *

                                                Specifies whether the workspace uses SAML, Amazon Web Services SSO, or both methods for user + * authentication.

                                                + */ + providers: (AuthenticationProviderTypes | string)[] | undefined; + + /** + *

                                                Specifies whether the workplace's user authentication method is fully configured.

                                                + */ + samlConfigurationStatus?: SamlConfigurationStatus | string; +} + +export namespace AuthenticationSummary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AuthenticationSummary): any => ({ + ...obj, + }); +} + +export enum DataSourceType { + /** + * Amazon OpenSearch Service + */ + AMAZON_OPENSEARCH_SERVICE = "AMAZON_OPENSEARCH_SERVICE", + /** + * CloudWatch Logs + */ + CLOUDWATCH = "CLOUDWATCH", + /** + * Managed Prometheus + */ + PROMETHEUS = "PROMETHEUS", + /** + * IoT SiteWise + */ + SITEWISE = "SITEWISE", + /** + * Timestream + */ + TIMESTREAM = "TIMESTREAM", + /** + * X-Ray + */ + XRAY = "XRAY", +} + +export enum NotificationDestinationType { + /** + * AWS Simple Notification Service + */ + SNS = "SNS", +} + +export enum PermissionType { + /** + * Customer Managed + */ + CUSTOMER_MANAGED = "CUSTOMER_MANAGED", + /** + * Service Managed + */ + SERVICE_MANAGED = "SERVICE_MANAGED", +} + +export enum WorkspaceStatus { + /** + * Workspace is active. + */ + ACTIVE = "ACTIVE", + /** + * Workspace is being created. + */ + CREATING = "CREATING", + /** + * Workspace creation failed. + */ + CREATION_FAILED = "CREATION_FAILED", + /** + * Workspace is being deleted. + */ + DELETING = "DELETING", + /** + * Workspace deletion failed. + */ + DELETION_FAILED = "DELETION_FAILED", + /** + * Workspace is in an invalid state, it can only and should be deleted. + */ + FAILED = "FAILED", + /** + * Failed to remove enterprise license from workspace. + */ + LICENSE_REMOVAL_FAILED = "LICENSE_REMOVAL_FAILED", + /** + * Workspace update failed. + */ + UPDATE_FAILED = "UPDATE_FAILED", + /** + * Workspace is being updated. + */ + UPDATING = "UPDATING", + /** + * Workspace upgrade failed. + */ + UPGRADE_FAILED = "UPGRADE_FAILED", + /** + * Workspace is being upgraded to enterprise. + */ + UPGRADING = "UPGRADING", +} + +/** + *

                                                A structure containing information about an Amazon Managed Grafana workspace in your account.

                                                + */ +export interface WorkspaceDescription { + /** + *

                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in + * other accounts in the same organization. If this is ORGANIZATION, the + * workspaceOrganizationalUnits parameter specifies which organizational units + * the workspace can access.

                                                + */ + accountAccessType?: AccountAccessType | string; + + /** + *

                                                The date that the workspace was created.

                                                + */ + created: Date | undefined; + + /** + *

                                                Specifies the Amazon Web Services data sources that have been configured to have IAM + * roles and permissions created to allow + * Amazon Managed Grafana to read data from these sources.

                                                + */ + dataSources: (DataSourceType | string)[] | undefined; + + /** + *

                                                The user-defined description of the workspace.

                                                + */ + description?: string; + + /** + *

                                                The URL that users can use to access the Grafana console in the workspace.

                                                + */ + endpoint: string | undefined; + + /** + *

                                                The version of Grafana supported in this workspace.

                                                + */ + grafanaVersion: string | undefined; + + /** + *

                                                The unique ID of this workspace.

                                                + */ + id: string | undefined; + + /** + *

                                                The most recent date that the workspace was modified.

                                                + */ + modified: Date | undefined; + + /** + *

                                                The name of the workspace.

                                                + */ + name?: string; + + /** + *

                                                The name of the IAM role that is used to access resources through Organizations.

                                                + */ + organizationRoleName?: string; + + /** + *

                                                The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM + * roles and permissions for, to allow + * Amazon Managed Grafana to use these channels.

                                                + */ + notificationDestinations?: (NotificationDestinationType | string)[]; + + /** + *

                                                Specifies the organizational units that this workspace is allowed to use data sources + * from, if this workspace is in an account that is part of an organization.

                                                + */ + organizationalUnits?: string[]; + + /** + *

                                                If this is Service Managed, Amazon Managed Grafana automatically creates the IAM roles + * and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

                                                + *

                                                If this is CUSTOMER_MANAGED, you manage those roles and permissions + * yourself. If you are creating this workspace in a member account of an organization and that account is not a + * delegated administrator account, and + * you want the workspace to access data sources in other Amazon Web Services accounts in the + * organization, you must choose CUSTOMER_MANAGED.

                                                + *

                                                For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels + *

                                                + */ + permissionType?: PermissionType | string; + + /** + *

                                                The name of the CloudFormation stack set that is used to generate IAM roles + * to be used for this workspace.

                                                + */ + stackSetName?: string; + + /** + *

                                                The current status of the workspace.

                                                + */ + status: WorkspaceStatus | string | undefined; + + /** + *

                                                The IAM role that grants permissions to the Amazon Web Services resources that the + * workspace will view data from. This role must already exist.

                                                + */ + workspaceRoleArn?: string; + + /** + *

                                                Specifies whether this workspace has a full Grafana Enterprise license or a free trial license.

                                                + */ + licenseType?: LicenseType | string; + + /** + *

                                                Specifies whether this workspace has already fully used its free trial for Grafana Enterprise.

                                                + */ + freeTrialConsumed?: boolean; + + /** + *

                                                If this workspace has a full Grafana Enterprise license, this specifies when the license ends and + * will need to be renewed.

                                                + */ + licenseExpiration?: Date; + + /** + *

                                                If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies + * when that free trial ends.

                                                + */ + freeTrialExpiration?: Date; + + /** + *

                                                A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods + * for user authentication.

                                                + */ + authentication: AuthenticationSummary | undefined; +} + +export namespace WorkspaceDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: WorkspaceDescription): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), + ...(obj.name && { name: SENSITIVE_STRING }), + ...(obj.organizationRoleName && { organizationRoleName: SENSITIVE_STRING }), + ...(obj.organizationalUnits && { organizationalUnits: SENSITIVE_STRING }), + ...(obj.workspaceRoleArn && { workspaceRoleArn: SENSITIVE_STRING }), + }); +} + +export interface AssociateLicenseResponse { + /** + *

                                                A structure containing data about the workspace.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace AssociateLicenseResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AssociateLicenseResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} + +/** + *

                                                Unexpected error while processing the request. Retry the request.

                                                + */ +export interface InternalServerException extends __SmithyException, $MetadataBearer { + name: "InternalServerException"; + $fault: "server"; + $retryable: {}; + /** + *

                                                A description of the error.

                                                + */ + message: string | undefined; + + /** + *

                                                How long to wait before you retry this operation.

                                                + */ + retryAfterSeconds?: number; +} + +export namespace InternalServerException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: InternalServerException): any => ({ + ...obj, + }); +} + +/** + *

                                                The request references a resource that does not exist.

                                                + */ +export interface ResourceNotFoundException extends __SmithyException, $MetadataBearer { + name: "ResourceNotFoundException"; + $fault: "client"; + /** + *

                                                The value of a parameter in the request caused an error.

                                                + */ + message: string | undefined; + + /** + *

                                                The ID of the resource that is associated with the error.

                                                + */ + resourceId: string | undefined; + + /** + *

                                                The type of the resource that is associated with the error.

                                                + */ + resourceType: string | undefined; +} + +export namespace ResourceNotFoundException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ResourceNotFoundException): any => ({ + ...obj, + }); +} + +/** + *

                                                The request was denied because of request throttling. Retry the request.

                                                + */ +export interface ThrottlingException extends __SmithyException, $MetadataBearer { + name: "ThrottlingException"; + $fault: "client"; + $retryable: {}; + /** + *

                                                A description of the error.

                                                + */ + message: string | undefined; + + /** + *

                                                The ID of the service that is associated with the error.

                                                + */ + serviceCode?: string; + + /** + *

                                                The ID of the service quota that was exceeded.

                                                + */ + quotaCode?: string; + + /** + *

                                                The value of a parameter in the request caused an error.

                                                + */ + retryAfterSeconds?: number; +} + +export namespace ThrottlingException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ThrottlingException): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure that contains information about a request parameter that caused an error.

                                                + */ +export interface ValidationExceptionField { + /** + *

                                                The name of the field that caused the validation error.

                                                + */ + name: string | undefined; + + /** + *

                                                A message describing why this field couldn't be validated.

                                                + */ + message: string | undefined; +} + +export namespace ValidationExceptionField { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ValidationExceptionField): any => ({ + ...obj, + }); +} + +export enum ValidationExceptionReason { + CANNOT_PARSE = "CANNOT_PARSE", + FIELD_VALIDATION_FAILED = "FIELD_VALIDATION_FAILED", + OTHER = "OTHER", + UNKNOWN_OPERATION = "UNKNOWN_OPERATION", +} + +/** + *

                                                The value of a parameter in the request caused an error.

                                                + */ +export interface ValidationException extends __SmithyException, $MetadataBearer { + name: "ValidationException"; + $fault: "client"; + /** + *

                                                A description of the error.

                                                + */ + message: string | undefined; + + /** + *

                                                The reason that the operation failed.

                                                + */ + reason: ValidationExceptionReason | string | undefined; + + /** + *

                                                A list of fields that might be associated with the error.

                                                + */ + fieldList?: ValidationExceptionField[]; +} + +export namespace ValidationException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ValidationException): any => ({ + ...obj, + }); +} + +export interface DescribeWorkspaceAuthenticationRequest { + /** + *

                                                The ID of the workspace to return authentication information about.

                                                + */ + workspaceId: string | undefined; +} + +export namespace DescribeWorkspaceAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeWorkspaceAuthenticationRequest): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure containing information about how this workspace works with + * Amazon Web Services SSO.

                                                + */ +export interface AwsSsoAuthentication { + /** + *

                                                The ID of the Amazon Web Services SSO-managed application that is created by Amazon Managed Grafana.

                                                + */ + ssoClientId?: string; +} + +export namespace AwsSsoAuthentication { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AwsSsoAuthentication): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure containing the identity provider (IdP) metadata used to integrate the + * identity provider with this workspace. You can specify the metadata either by providing a + * URL to its location in the url parameter, or by specifying the full metadata + * in XML format in the xml parameter.

                                                + */ +export type IdpMetadata = IdpMetadata.UrlMember | IdpMetadata.XmlMember | IdpMetadata.$UnknownMember; + +export namespace IdpMetadata { + /** + *

                                                The URL of the location containing the metadata.

                                                + */ + export interface UrlMember { + url: string; + xml?: never; + $unknown?: never; + } + + /** + *

                                                The actual full metadata file, in XML format.

                                                + */ + export interface XmlMember { + url?: never; + xml: string; + $unknown?: never; + } + + export interface $UnknownMember { + url?: never; + xml?: never; + $unknown: [string, any]; + } + + export interface Visitor { + url: (value: string) => T; + xml: (value: string) => T; + _: (name: string, value: any) => T; + } + + export const visit = (value: IdpMetadata, visitor: Visitor): T => { + if (value.url !== undefined) return visitor.url(value.url); + if (value.xml !== undefined) return visitor.xml(value.xml); + return visitor._(value.$unknown[0], value.$unknown[1]); + }; + + /** + * @internal + */ + export const filterSensitiveLog = (obj: IdpMetadata): any => { + if (obj.url !== undefined) return { url: obj.url }; + if (obj.xml !== undefined) return { xml: obj.xml }; + if (obj.$unknown !== undefined) return { [obj.$unknown[0]]: "UNKNOWN" }; + }; +} + +/** + *

                                                This structure defines which groups defined in the SAML assertion attribute are to be mapped + * to the Grafana Admin and Editor roles in the workspace.

                                                + */ +export interface RoleValues { + /** + *

                                                A list of groups from the SAML assertion attribute to grant the Grafana + * Editor role to.

                                                + */ + editor?: string[]; + + /** + *

                                                A list of groups from the SAML assertion attribute to grant the Grafana + * Admin role to.

                                                + */ + admin?: string[]; +} + +export namespace RoleValues { + /** + * @internal + */ + export const filterSensitiveLog = (obj: RoleValues): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure containing information about how this workspace works with + * SAML.

                                                + */ +export interface SamlConfiguration { + /** + *

                                                A structure containing the identity provider (IdP) metadata used to integrate the + * identity provider with this workspace.

                                                + */ + idpMetadata: IdpMetadata | undefined; + + /** + *

                                                A structure that defines which attributes in the SAML assertion are to be used to define information about + * the users authenticated by that IdP to use the workspace.

                                                + */ + assertionAttributes?: AssertionAttributes; + + /** + *

                                                A structure containing arrays that map group names in the SAML assertion to the + * Grafana Admin and Editor roles in the workspace.

                                                + */ + roleValues?: RoleValues; + + /** + *

                                                Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. + * If this is empty, all organizations in the assertion attribute have access.

                                                + */ + allowedOrganizations?: string[]; + + /** + *

                                                How long a sign-on session by a SAML user is valid, before the user has to sign on + * again.

                                                + */ + loginValidityDuration?: number; +} + +export namespace SamlConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SamlConfiguration): any => ({ + ...obj, + ...(obj.idpMetadata && { idpMetadata: IdpMetadata.filterSensitiveLog(obj.idpMetadata) }), + }); +} + +/** + *

                                                A structure containing information about how this workspace works with + * SAML.

                                                + */ +export interface SamlAuthentication { + /** + *

                                                Specifies whether the workspace's SAML configuration is complete.

                                                + */ + status: SamlConfigurationStatus | string | undefined; + + /** + *

                                                A structure containing details about how this workspace works with + * SAML.

                                                + */ + configuration?: SamlConfiguration; +} + +export namespace SamlAuthentication { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SamlAuthentication): any => ({ + ...obj, + ...(obj.configuration && { configuration: SamlConfiguration.filterSensitiveLog(obj.configuration) }), + }); +} + +/** + *

                                                A structure containing information about the user authentication methods used by the workspace.

                                                + */ +export interface AuthenticationDescription { + /** + *

                                                Specifies whether this workspace uses Amazon Web Services SSO, SAML, or both methods to authenticate + * users to use the Grafana console in the Amazon Managed Grafana workspace.

                                                + */ + providers: (AuthenticationProviderTypes | string)[] | undefined; + + /** + *

                                                A structure containing information about how this workspace works with + * SAML, including what attributes within the assertion are to be mapped to user information in the workspace.

                                                + */ + saml?: SamlAuthentication; + + /** + *

                                                A structure containing information about how this workspace works with + * Amazon Web Services SSO.

                                                + */ + awsSso?: AwsSsoAuthentication; +} + +export namespace AuthenticationDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AuthenticationDescription): any => ({ + ...obj, + ...(obj.saml && { saml: SamlAuthentication.filterSensitiveLog(obj.saml) }), + }); +} + +export interface DescribeWorkspaceAuthenticationResponse { + /** + *

                                                A structure containing information about the authentication methods used in + * the workspace.

                                                + */ + authentication: AuthenticationDescription | undefined; +} + +export namespace DescribeWorkspaceAuthenticationResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeWorkspaceAuthenticationResponse): any => ({ + ...obj, + ...(obj.authentication && { authentication: AuthenticationDescription.filterSensitiveLog(obj.authentication) }), + }); +} + +/** + *

                                                A resource was in an inconsistent state during an update or a deletion.

                                                + */ +export interface ConflictException extends __SmithyException, $MetadataBearer { + name: "ConflictException"; + $fault: "client"; + /** + *

                                                A description of the error.

                                                + */ + message: string | undefined; + + /** + *

                                                The ID of the resource that is associated with the error.

                                                + */ + resourceId: string | undefined; + + /** + *

                                                The type of the resource that is associated with the error.

                                                + */ + resourceType: string | undefined; +} + +export namespace ConflictException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ConflictException): any => ({ + ...obj, + }); +} + +export interface UpdateWorkspaceAuthenticationRequest { + /** + *

                                                The ID of the workspace to update the authentication for.

                                                + */ + workspaceId: string | undefined; + + /** + *

                                                Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate + * users for using the Grafana console within a workspace. For more information, + * see User authentication in + * Amazon Managed Grafana.

                                                + */ + authenticationProviders: (AuthenticationProviderTypes | string)[] | undefined; + + /** + *

                                                If the workspace uses SAML, use this structure to + * map SAML assertion attributes to workspace user information and + * define which groups in the assertion attribute are to have the Admin and Editor roles + * in the workspace.

                                                + */ + samlConfiguration?: SamlConfiguration; +} + +export namespace UpdateWorkspaceAuthenticationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateWorkspaceAuthenticationRequest): any => ({ + ...obj, + ...(obj.samlConfiguration && { samlConfiguration: SamlConfiguration.filterSensitiveLog(obj.samlConfiguration) }), + }); +} + +export interface UpdateWorkspaceAuthenticationResponse { + /** + *

                                                A structure that describes the user authentication for this workspace after the update is made.

                                                + */ + authentication: AuthenticationDescription | undefined; +} + +export namespace UpdateWorkspaceAuthenticationResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateWorkspaceAuthenticationResponse): any => ({ + ...obj, + ...(obj.authentication && { authentication: AuthenticationDescription.filterSensitiveLog(obj.authentication) }), + }); +} + +export interface DisassociateLicenseRequest { + /** + *

                                                The ID of the workspace to remove the Grafana Enterprise license from.

                                                + */ + workspaceId: string | undefined; + + /** + *

                                                The type of license to remove from the workspace.

                                                + */ + licenseType: LicenseType | string | undefined; +} + +export namespace DisassociateLicenseRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DisassociateLicenseRequest): any => ({ + ...obj, + }); +} + +export interface DisassociateLicenseResponse { + /** + *

                                                A structure containing information about the workspace.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace DisassociateLicenseResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DisassociateLicenseResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} + +export enum UserType { + /** + * SSO group. + */ + SSO_GROUP = "SSO_GROUP", + /** + * SSO user. + */ + SSO_USER = "SSO_USER", +} + +export interface ListPermissionsRequest { + /** + *

                                                The maximum number of results to include in the response.

                                                + */ + maxResults?: number; + + /** + *

                                                The token to use when requesting the next set of results. You received this token from a previous + * ListPermissions operation.

                                                + */ + nextToken?: string; + + /** + *

                                                (Optional) If you specify SSO_USER, then only the permissions of Amazon Web Services SSO users + * are returned. If you specify SSO_GROUP, only the permissions of Amazon Web Services SSO groups + * are returned.

                                                + */ + userType?: UserType | string; + + /** + *

                                                (Optional) Limits the results to only the user that matches this ID.

                                                + */ + userId?: string; + + /** + *

                                                (Optional) Limits the results to only the group that matches this ID.

                                                + */ + groupId?: string; + + /** + *

                                                The ID of the workspace to list permissions for. This parameter is required.

                                                + */ + workspaceId: string | undefined; +} + +export namespace ListPermissionsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListPermissionsRequest): any => ({ + ...obj, + }); +} + +export enum Role { + /** + * Role Admin. + */ + ADMIN = "ADMIN", + /** + * Role Editor. + */ + EDITOR = "EDITOR", +} + +/** + *

                                                A structure that specifies one user or group in the workspace.

                                                + */ +export interface User { + /** + *

                                                The ID of the user or group.

                                                + */ + id: string | undefined; + + /** + *

                                                Specifies whether this is a single user or a group.

                                                + */ + type: UserType | string | undefined; +} + +export namespace User { + /** + * @internal + */ + export const filterSensitiveLog = (obj: User): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure containing the identity of one user or group and the Admin + * or Editor role that they have.

                                                + */ +export interface PermissionEntry { + /** + *

                                                A structure with the ID of the user or group with this role.

                                                + */ + user: User | undefined; + + /** + *

                                                Specifies whether the user or group has the Admin + * or Editor role.

                                                + */ + role: Role | string | undefined; +} + +export namespace PermissionEntry { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PermissionEntry): any => ({ + ...obj, + }); +} + +export interface ListPermissionsResponse { + /** + *

                                                The token to use in a subsequent ListPermissions operation to return + * the next set of results.

                                                + */ + nextToken?: string; + + /** + *

                                                The permissions returned by the operation.

                                                + */ + permissions: PermissionEntry[] | undefined; +} + +export namespace ListPermissionsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListPermissionsResponse): any => ({ + ...obj, + }); +} + +export enum UpdateAction { + /** + * Add permissions. + */ + ADD = "ADD", + /** + * Revoke permissions. + */ + REVOKE = "REVOKE", +} + +/** + *

                                                Contains the instructions for one Grafana role permission update in a + * UpdatePermissions operation.

                                                + */ +export interface UpdateInstruction { + /** + *

                                                Specifies whether this update is to add or revoke role permissions.

                                                + */ + action: UpdateAction | string | undefined; + + /** + *

                                                The role to add or revoke for the user or the group specified in users.

                                                + */ + role: Role | string | undefined; + + /** + *

                                                A structure that specifies the user or group to add or revoke the role for.

                                                + */ + users: User[] | undefined; +} + +export namespace UpdateInstruction { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateInstruction): any => ({ + ...obj, + }); +} + +export interface UpdatePermissionsRequest { + /** + *

                                                An array of structures that contain the permission updates to make.

                                                + */ + updateInstructionBatch: UpdateInstruction[] | undefined; + + /** + *

                                                The ID of the workspace to update.

                                                + */ + workspaceId: string | undefined; +} + +export namespace UpdatePermissionsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdatePermissionsRequest): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure containing information about one error encountered while performing an + * UpdatePermissions operation.

                                                + */ +export interface UpdateError { + /** + *

                                                The error code.

                                                + */ + code: number | undefined; + + /** + *

                                                The message for this error.

                                                + */ + message: string | undefined; + + /** + *

                                                Specifies which permission update caused the error.

                                                + */ + causedBy: UpdateInstruction | undefined; +} + +export namespace UpdateError { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateError): any => ({ + ...obj, + }); +} + +export interface UpdatePermissionsResponse { + /** + *

                                                An array of structures that contain the errors from the operation, if any.

                                                + */ + errors: UpdateError[] | undefined; +} + +export namespace UpdatePermissionsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdatePermissionsResponse): any => ({ + ...obj, + }); +} + +export interface CreateWorkspaceRequest { + /** + *

                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in + * other accounts in the same organization. If you specify ORGANIZATION, you must + * specify which organizational units the workspace can access in the + * workspaceOrganizationalUnits parameter.

                                                + */ + accountAccessType: AccountAccessType | string | undefined; + + /** + *

                                                A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.

                                                + */ + clientToken?: string; + + /** + *

                                                The name of an IAM role that already exists to use with Organizations to access Amazon Web Services + * data sources and notification channels in other accounts in an organization.

                                                + */ + organizationRoleName?: string; + + /** + *

                                                If you specify Service Managed, Amazon Managed Grafana automatically creates + * the IAM roles and provisions the permissions that the workspace needs to use + * Amazon Web Services data sources and notification channels.

                                                + *

                                                If you specify CUSTOMER_MANAGED, you will manage those roles and + * permissions yourself. If you are creating this workspace in a member account of an + * organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services + * accounts in the organization, you must choose CUSTOMER_MANAGED.

                                                + *

                                                For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels + *

                                                + */ + permissionType: PermissionType | string | undefined; + + /** + *

                                                The name of the CloudFormation stack set to use to generate IAM roles + * to be used for this workspace.

                                                + */ + stackSetName?: string; + + /** + *

                                                Specify the Amazon Web Services data sources that you want to be queried in this + * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these + * sources. You must still add them as data sources in the Grafana console in the + * workspace.

                                                + *

                                                If you don't specify a data source here, you can still add it as a data source in the + * workspace console later. However, you will then have to manually configure permissions for + * it.

                                                + */ + workspaceDataSources?: (DataSourceType | string)[]; + + /** + *

                                                A description for the workspace. This is used only to help you identify this workspace.

                                                + */ + workspaceDescription?: string; + + /** + *

                                                The name for the workspace. It does not have to be unique.

                                                + */ + workspaceName?: string; + + /** + *

                                                Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these + * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow + * Amazon Managed Grafana to use these channels.

                                                + */ + workspaceNotificationDestinations?: (NotificationDestinationType | string)[]; + + /** + *

                                                Specifies the organizational units that this workspace is allowed to use data sources + * from, if this workspace is in an account that is part of an organization.

                                                + */ + workspaceOrganizationalUnits?: string[]; + + /** + *

                                                The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the + * workspace will view data from. If you already have a role that you want to use, specify it here. If you omit + * this field and you specify some Amazon Web Services resources in workspaceDataSources or + * workspaceNotificationDestinations, a new IAM role with the necessary permissions is + * automatically created.

                                                + */ + workspaceRoleArn?: string; + + /** + *

                                                Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate + * users for using the Grafana console within a workspace. For more information, + * see User authentication in + * Amazon Managed Grafana.

                                                + */ + authenticationProviders: (AuthenticationProviderTypes | string)[] | undefined; +} + +export namespace CreateWorkspaceRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateWorkspaceRequest): any => ({ + ...obj, + ...(obj.organizationRoleName && { organizationRoleName: SENSITIVE_STRING }), + ...(obj.workspaceDescription && { workspaceDescription: SENSITIVE_STRING }), + ...(obj.workspaceName && { workspaceName: SENSITIVE_STRING }), + ...(obj.workspaceOrganizationalUnits && { workspaceOrganizationalUnits: SENSITIVE_STRING }), + ...(obj.workspaceRoleArn && { workspaceRoleArn: SENSITIVE_STRING }), + }); +} + +export interface CreateWorkspaceResponse { + /** + *

                                                A structure containing data about the workspace that was created.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace CreateWorkspaceResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateWorkspaceResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} + +/** + *

                                                The request would cause a service quota to be exceeded.

                                                + */ +export interface ServiceQuotaExceededException extends __SmithyException, $MetadataBearer { + name: "ServiceQuotaExceededException"; + $fault: "client"; + /** + *

                                                A description of the error.

                                                + */ + message: string | undefined; + + /** + *

                                                The ID of the resource that is associated with the error.

                                                + */ + resourceId: string | undefined; + + /** + *

                                                The type of the resource that is associated with the error.

                                                + */ + resourceType: string | undefined; + + /** + *

                                                The value of a parameter in the request caused an error.

                                                + */ + serviceCode: string | undefined; + + /** + *

                                                The ID of the service quota that was exceeded.

                                                + */ + quotaCode: string | undefined; +} + +export namespace ServiceQuotaExceededException { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ServiceQuotaExceededException): any => ({ + ...obj, + }); +} + +export interface DeleteWorkspaceRequest { + /** + *

                                                The ID of the workspace to delete.

                                                + */ + workspaceId: string | undefined; +} + +export namespace DeleteWorkspaceRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteWorkspaceRequest): any => ({ + ...obj, + }); +} + +export interface DeleteWorkspaceResponse { + /** + *

                                                A structure containing information about the workspace that was deleted.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace DeleteWorkspaceResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteWorkspaceResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} + +export interface DescribeWorkspaceRequest { + /** + *

                                                The ID of the workspace to display information about.

                                                + */ + workspaceId: string | undefined; +} + +export namespace DescribeWorkspaceRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeWorkspaceRequest): any => ({ + ...obj, + }); +} + +export interface DescribeWorkspaceResponse { + /** + *

                                                A structure containing information about the workspace.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace DescribeWorkspaceResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeWorkspaceResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} + +export interface ListWorkspacesRequest { + /** + *

                                                The maximum number of workspaces to include in the results.

                                                + */ + maxResults?: number; + + /** + *

                                                The token for the next set of workspaces to return. (You receive this token from a + * previous ListWorkspaces operation.)

                                                + */ + nextToken?: string; +} + +export namespace ListWorkspacesRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListWorkspacesRequest): any => ({ + ...obj, + }); +} + +/** + *

                                                A structure that contains some information about one workspace in the account.

                                                + */ +export interface WorkspaceSummary { + /** + *

                                                The date that the workspace was created.

                                                + */ + created: Date | undefined; + + /** + *

                                                The customer-entered description of the workspace.

                                                + */ + description?: string; + + /** + *

                                                The URL endpoint to use to access the Grafana console in the workspace.

                                                + */ + endpoint: string | undefined; + + /** + *

                                                The Grafana version that the workspace is running.

                                                + */ + grafanaVersion: string | undefined; + + /** + *

                                                The unique ID of the workspace.

                                                + */ + id: string | undefined; + + /** + *

                                                The most recent date that the workspace was modified.

                                                + */ + modified: Date | undefined; + + /** + *

                                                The name of the workspace.

                                                + */ + name?: string; + + /** + *

                                                The Amazon Web Services notification channels that Amazon Managed Grafana can automatically + * create IAM roles and permissions for, which allows Amazon Managed Grafana to use + * these channels.

                                                + */ + notificationDestinations?: (NotificationDestinationType | string)[]; + + /** + *

                                                The current status of the workspace.

                                                + */ + status: WorkspaceStatus | string | undefined; + + /** + *

                                                A structure containing information about the authentication methods used in + * the workspace.

                                                + */ + authentication: AuthenticationSummary | undefined; +} + +export namespace WorkspaceSummary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: WorkspaceSummary): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), + ...(obj.name && { name: SENSITIVE_STRING }), + }); +} + +export interface ListWorkspacesResponse { + /** + *

                                                An array of structures that contain some information about the workspaces in the account.

                                                + */ + workspaces: WorkspaceSummary[] | undefined; + + /** + *

                                                The token to use when requesting the next set of workspaces.

                                                + */ + nextToken?: string; +} + +export namespace ListWorkspacesResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListWorkspacesResponse): any => ({ + ...obj, + ...(obj.workspaces && { workspaces: obj.workspaces.map((item) => WorkspaceSummary.filterSensitiveLog(item)) }), + }); +} + +export interface UpdateWorkspaceRequest { + /** + *

                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in + * other accounts in the same organization. If you specify ORGANIZATION, you must + * specify which organizational units the workspace can access in the + * workspaceOrganizationalUnits parameter.

                                                + */ + accountAccessType?: AccountAccessType | string; + + /** + *

                                                The name of an IAM role that already exists to use to access resources through Organizations.

                                                + */ + organizationRoleName?: string; + + /** + *

                                                If you specify Service Managed, Amazon Managed Grafana automatically creates + * the IAM roles and provisions the permissions that the workspace needs to use + * Amazon Web Services data sources and notification channels.

                                                + *

                                                If you specify CUSTOMER_MANAGED, you will manage those roles and + * permissions yourself. If you are creating this workspace in a member account of an + * organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services + * accounts in the organization, you must choose CUSTOMER_MANAGED.

                                                + *

                                                For more information, see Amazon Managed Grafana permissions and policies for + * Amazon Web Services data sources and notification channels + *

                                                + */ + permissionType?: PermissionType | string; + + /** + *

                                                The name of the CloudFormation stack set to use to generate IAM roles + * to be used for this workspace.

                                                + */ + stackSetName?: string; + + /** + *

                                                Specify the Amazon Web Services data sources that you want to be queried in this + * workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these + * sources. You must still add them as data sources in the Grafana console in the + * workspace.

                                                + *

                                                If you don't specify a data source here, you can still add it as a data source later in + * the workspace console. However, you will then have to manually configure permissions for + * it.

                                                + */ + workspaceDataSources?: (DataSourceType | string)[]; + + /** + *

                                                A description for the workspace. This is used only to help you identify this workspace.

                                                + */ + workspaceDescription?: string; + + /** + *

                                                The ID of the workspace to update.

                                                + */ + workspaceId: string | undefined; + + /** + *

                                                A new name for the workspace to update.

                                                + */ + workspaceName?: string; + + /** + *

                                                Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these + * data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow + * Amazon Managed Grafana to use these channels.

                                                + */ + workspaceNotificationDestinations?: (NotificationDestinationType | string)[]; + + /** + *

                                                Specifies the organizational units that this workspace is allowed to use data sources + * from, if this workspace is in an account that is part of an organization.

                                                + */ + workspaceOrganizationalUnits?: string[]; + + /** + *

                                                The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the + * workspace will view data from. If you already have a role that you want to use, specify it here. If you omit + * this field and you specify some Amazon Web Services resources in workspaceDataSources or + * workspaceNotificationDestinations, a new IAM role with the necessary permissions is + * automatically created.

                                                + */ + workspaceRoleArn?: string; +} + +export namespace UpdateWorkspaceRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateWorkspaceRequest): any => ({ + ...obj, + ...(obj.organizationRoleName && { organizationRoleName: SENSITIVE_STRING }), + ...(obj.workspaceDescription && { workspaceDescription: SENSITIVE_STRING }), + ...(obj.workspaceName && { workspaceName: SENSITIVE_STRING }), + ...(obj.workspaceOrganizationalUnits && { workspaceOrganizationalUnits: SENSITIVE_STRING }), + ...(obj.workspaceRoleArn && { workspaceRoleArn: SENSITIVE_STRING }), + }); +} + +export interface UpdateWorkspaceResponse { + /** + *

                                                A structure containing data about the workspace that was created.

                                                + */ + workspace: WorkspaceDescription | undefined; +} + +export namespace UpdateWorkspaceResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UpdateWorkspaceResponse): any => ({ + ...obj, + ...(obj.workspace && { workspace: WorkspaceDescription.filterSensitiveLog(obj.workspace) }), + }); +} diff --git a/clients/client-grafana/src/pagination/Interfaces.ts b/clients/client-grafana/src/pagination/Interfaces.ts new file mode 100644 index 000000000000..1ee20bd85483 --- /dev/null +++ b/clients/client-grafana/src/pagination/Interfaces.ts @@ -0,0 +1,8 @@ +import { PaginationConfiguration } from "@aws-sdk/types"; + +import { Grafana } from "../Grafana"; +import { GrafanaClient } from "../GrafanaClient"; + +export interface GrafanaPaginationConfiguration extends PaginationConfiguration { + client: Grafana | GrafanaClient; +} diff --git a/clients/client-grafana/src/pagination/ListPermissionsPaginator.ts b/clients/client-grafana/src/pagination/ListPermissionsPaginator.ts new file mode 100644 index 000000000000..2f85730ce2f7 --- /dev/null +++ b/clients/client-grafana/src/pagination/ListPermissionsPaginator.ts @@ -0,0 +1,59 @@ +import { Paginator } from "@aws-sdk/types"; + +import { + ListPermissionsCommand, + ListPermissionsCommandInput, + ListPermissionsCommandOutput, +} from "../commands/ListPermissionsCommand"; +import { Grafana } from "../Grafana"; +import { GrafanaClient } from "../GrafanaClient"; +import { GrafanaPaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: GrafanaClient, + input: ListPermissionsCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.send(new ListPermissionsCommand(input), ...args); +}; +/** + * @private + */ +const makePagedRequest = async ( + client: Grafana, + input: ListPermissionsCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.listPermissions(input, ...args); +}; +export async function* paginateListPermissions( + config: GrafanaPaginationConfiguration, + input: ListPermissionsCommandInput, + ...additionalArguments: any +): Paginator { + // ToDo: replace with actual type instead of typeof input.nextToken + let token: typeof input.nextToken | undefined = config.startingToken || undefined; + let hasNext = true; + let page: ListPermissionsCommandOutput; + while (hasNext) { + input.nextToken = token; + input["maxResults"] = config.pageSize; + if (config.client instanceof Grafana) { + page = await makePagedRequest(config.client, input, ...additionalArguments); + } else if (config.client instanceof GrafanaClient) { + page = await makePagedClientRequest(config.client, input, ...additionalArguments); + } else { + throw new Error("Invalid client, expected Grafana | GrafanaClient"); + } + yield page; + token = page.nextToken; + hasNext = !!token; + } + // @ts-ignore + return undefined; +} diff --git a/clients/client-grafana/src/pagination/ListWorkspacesPaginator.ts b/clients/client-grafana/src/pagination/ListWorkspacesPaginator.ts new file mode 100644 index 000000000000..0c745ab8a22f --- /dev/null +++ b/clients/client-grafana/src/pagination/ListWorkspacesPaginator.ts @@ -0,0 +1,59 @@ +import { Paginator } from "@aws-sdk/types"; + +import { + ListWorkspacesCommand, + ListWorkspacesCommandInput, + ListWorkspacesCommandOutput, +} from "../commands/ListWorkspacesCommand"; +import { Grafana } from "../Grafana"; +import { GrafanaClient } from "../GrafanaClient"; +import { GrafanaPaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: GrafanaClient, + input: ListWorkspacesCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.send(new ListWorkspacesCommand(input), ...args); +}; +/** + * @private + */ +const makePagedRequest = async ( + client: Grafana, + input: ListWorkspacesCommandInput, + ...args: any +): Promise => { + // @ts-ignore + return await client.listWorkspaces(input, ...args); +}; +export async function* paginateListWorkspaces( + config: GrafanaPaginationConfiguration, + input: ListWorkspacesCommandInput, + ...additionalArguments: any +): Paginator { + // ToDo: replace with actual type instead of typeof input.nextToken + let token: typeof input.nextToken | undefined = config.startingToken || undefined; + let hasNext = true; + let page: ListWorkspacesCommandOutput; + while (hasNext) { + input.nextToken = token; + input["maxResults"] = config.pageSize; + if (config.client instanceof Grafana) { + page = await makePagedRequest(config.client, input, ...additionalArguments); + } else if (config.client instanceof GrafanaClient) { + page = await makePagedClientRequest(config.client, input, ...additionalArguments); + } else { + throw new Error("Invalid client, expected Grafana | GrafanaClient"); + } + yield page; + token = page.nextToken; + hasNext = !!token; + } + // @ts-ignore + return undefined; +} diff --git a/clients/client-grafana/src/protocols/Aws_restJson1.ts b/clients/client-grafana/src/protocols/Aws_restJson1.ts new file mode 100644 index 000000000000..253af50a720d --- /dev/null +++ b/clients/client-grafana/src/protocols/Aws_restJson1.ts @@ -0,0 +1,2240 @@ +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { + expectBoolean as __expectBoolean, + expectInt32 as __expectInt32, + expectNonNull as __expectNonNull, + expectNumber as __expectNumber, + expectObject as __expectObject, + expectString as __expectString, + expectUnion as __expectUnion, + extendedEncodeURIComponent as __extendedEncodeURIComponent, + parseEpochTimestamp as __parseEpochTimestamp, + strictParseInt32 as __strictParseInt32, +} from "@aws-sdk/smithy-client"; +import { + Endpoint as __Endpoint, + MetadataBearer as __MetadataBearer, + ResponseMetadata as __ResponseMetadata, + SerdeContext as __SerdeContext, + SmithyException as __SmithyException, +} from "@aws-sdk/types"; +import { v4 as generateIdempotencyToken } from "uuid"; + +import { AssociateLicenseCommandInput, AssociateLicenseCommandOutput } from "../commands/AssociateLicenseCommand"; +import { CreateWorkspaceCommandInput, CreateWorkspaceCommandOutput } from "../commands/CreateWorkspaceCommand"; +import { DeleteWorkspaceCommandInput, DeleteWorkspaceCommandOutput } from "../commands/DeleteWorkspaceCommand"; +import { + DescribeWorkspaceAuthenticationCommandInput, + DescribeWorkspaceAuthenticationCommandOutput, +} from "../commands/DescribeWorkspaceAuthenticationCommand"; +import { DescribeWorkspaceCommandInput, DescribeWorkspaceCommandOutput } from "../commands/DescribeWorkspaceCommand"; +import { + DisassociateLicenseCommandInput, + DisassociateLicenseCommandOutput, +} from "../commands/DisassociateLicenseCommand"; +import { ListPermissionsCommandInput, ListPermissionsCommandOutput } from "../commands/ListPermissionsCommand"; +import { ListWorkspacesCommandInput, ListWorkspacesCommandOutput } from "../commands/ListWorkspacesCommand"; +import { UpdatePermissionsCommandInput, UpdatePermissionsCommandOutput } from "../commands/UpdatePermissionsCommand"; +import { + UpdateWorkspaceAuthenticationCommandInput, + UpdateWorkspaceAuthenticationCommandOutput, +} from "../commands/UpdateWorkspaceAuthenticationCommand"; +import { UpdateWorkspaceCommandInput, UpdateWorkspaceCommandOutput } from "../commands/UpdateWorkspaceCommand"; +import { + AccessDeniedException, + AssertionAttributes, + AuthenticationDescription, + AuthenticationProviderTypes, + AuthenticationSummary, + AwsSsoAuthentication, + ConflictException, + DataSourceType, + IdpMetadata, + InternalServerException, + NotificationDestinationType, + PermissionEntry, + ResourceNotFoundException, + RoleValues, + SamlAuthentication, + SamlConfiguration, + ServiceQuotaExceededException, + ThrottlingException, + UpdateError, + UpdateInstruction, + User, + ValidationException, + ValidationExceptionField, + WorkspaceDescription, + WorkspaceSummary, +} from "../models/models_0"; + +export const serializeAws_restJson1AssociateLicenseCommand = async ( + input: AssociateLicenseCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/workspaces/{workspaceId}/licenses/{licenseType}"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + if (input.licenseType !== undefined) { + const labelValue: string = input.licenseType; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: licenseType."); + } + resolvedPath = resolvedPath.replace("{licenseType}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: licenseType."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "POST", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1CreateWorkspaceCommand = async ( + input: CreateWorkspaceCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces"; + let body: any; + body = JSON.stringify({ + ...(input.accountAccessType !== undefined && + input.accountAccessType !== null && { accountAccessType: input.accountAccessType }), + ...(input.authenticationProviders !== undefined && + input.authenticationProviders !== null && { + authenticationProviders: serializeAws_restJson1AuthenticationProviders(input.authenticationProviders, context), + }), + clientToken: input.clientToken ?? generateIdempotencyToken(), + ...(input.organizationRoleName !== undefined && + input.organizationRoleName !== null && { organizationRoleName: input.organizationRoleName }), + ...(input.permissionType !== undefined && + input.permissionType !== null && { permissionType: input.permissionType }), + ...(input.stackSetName !== undefined && input.stackSetName !== null && { stackSetName: input.stackSetName }), + ...(input.workspaceDataSources !== undefined && + input.workspaceDataSources !== null && { + workspaceDataSources: serializeAws_restJson1DataSourceTypesList(input.workspaceDataSources, context), + }), + ...(input.workspaceDescription !== undefined && + input.workspaceDescription !== null && { workspaceDescription: input.workspaceDescription }), + ...(input.workspaceName !== undefined && input.workspaceName !== null && { workspaceName: input.workspaceName }), + ...(input.workspaceNotificationDestinations !== undefined && + input.workspaceNotificationDestinations !== null && { + workspaceNotificationDestinations: serializeAws_restJson1NotificationDestinationsList( + input.workspaceNotificationDestinations, + context + ), + }), + ...(input.workspaceOrganizationalUnits !== undefined && + input.workspaceOrganizationalUnits !== null && { + workspaceOrganizationalUnits: serializeAws_restJson1OrganizationalUnitList( + input.workspaceOrganizationalUnits, + context + ), + }), + ...(input.workspaceRoleArn !== undefined && + input.workspaceRoleArn !== null && { workspaceRoleArn: input.workspaceRoleArn }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "POST", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1DeleteWorkspaceCommand = async ( + input: DeleteWorkspaceCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "DELETE", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1DescribeWorkspaceCommand = async ( + input: DescribeWorkspaceCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1DescribeWorkspaceAuthenticationCommand = async ( + input: DescribeWorkspaceAuthenticationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/authentication"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1DisassociateLicenseCommand = async ( + input: DisassociateLicenseCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/workspaces/{workspaceId}/licenses/{licenseType}"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + if (input.licenseType !== undefined) { + const labelValue: string = input.licenseType; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: licenseType."); + } + resolvedPath = resolvedPath.replace("{licenseType}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: licenseType."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "DELETE", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1ListPermissionsCommand = async ( + input: ListPermissionsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/permissions"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + const query: any = { + ...(input.maxResults !== undefined && { maxResults: input.maxResults.toString() }), + ...(input.nextToken !== undefined && { nextToken: input.nextToken }), + ...(input.userType !== undefined && { userType: input.userType }), + ...(input.userId !== undefined && { userId: input.userId }), + ...(input.groupId !== undefined && { groupId: input.groupId }), + }; + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + query, + body, + }); +}; + +export const serializeAws_restJson1ListWorkspacesCommand = async ( + input: ListWorkspacesCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces"; + const query: any = { + ...(input.maxResults !== undefined && { maxResults: input.maxResults.toString() }), + ...(input.nextToken !== undefined && { nextToken: input.nextToken }), + }; + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + query, + body, + }); +}; + +export const serializeAws_restJson1UpdatePermissionsCommand = async ( + input: UpdatePermissionsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/permissions"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + body = JSON.stringify({ + ...(input.updateInstructionBatch !== undefined && + input.updateInstructionBatch !== null && { + updateInstructionBatch: serializeAws_restJson1UpdateInstructionBatch(input.updateInstructionBatch, context), + }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "PATCH", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1UpdateWorkspaceCommand = async ( + input: UpdateWorkspaceCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + body = JSON.stringify({ + ...(input.accountAccessType !== undefined && + input.accountAccessType !== null && { accountAccessType: input.accountAccessType }), + ...(input.organizationRoleName !== undefined && + input.organizationRoleName !== null && { organizationRoleName: input.organizationRoleName }), + ...(input.permissionType !== undefined && + input.permissionType !== null && { permissionType: input.permissionType }), + ...(input.stackSetName !== undefined && input.stackSetName !== null && { stackSetName: input.stackSetName }), + ...(input.workspaceDataSources !== undefined && + input.workspaceDataSources !== null && { + workspaceDataSources: serializeAws_restJson1DataSourceTypesList(input.workspaceDataSources, context), + }), + ...(input.workspaceDescription !== undefined && + input.workspaceDescription !== null && { workspaceDescription: input.workspaceDescription }), + ...(input.workspaceName !== undefined && input.workspaceName !== null && { workspaceName: input.workspaceName }), + ...(input.workspaceNotificationDestinations !== undefined && + input.workspaceNotificationDestinations !== null && { + workspaceNotificationDestinations: serializeAws_restJson1NotificationDestinationsList( + input.workspaceNotificationDestinations, + context + ), + }), + ...(input.workspaceOrganizationalUnits !== undefined && + input.workspaceOrganizationalUnits !== null && { + workspaceOrganizationalUnits: serializeAws_restJson1OrganizationalUnitList( + input.workspaceOrganizationalUnits, + context + ), + }), + ...(input.workspaceRoleArn !== undefined && + input.workspaceRoleArn !== null && { workspaceRoleArn: input.workspaceRoleArn }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "PUT", + headers, + path: resolvedPath, + body, + }); +}; + +export const serializeAws_restJson1UpdateWorkspaceAuthenticationCommand = async ( + input: UpdateWorkspaceAuthenticationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/workspaces/{workspaceId}/authentication"; + if (input.workspaceId !== undefined) { + const labelValue: string = input.workspaceId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: workspaceId."); + } + resolvedPath = resolvedPath.replace("{workspaceId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: workspaceId."); + } + let body: any; + body = JSON.stringify({ + ...(input.authenticationProviders !== undefined && + input.authenticationProviders !== null && { + authenticationProviders: serializeAws_restJson1AuthenticationProviders(input.authenticationProviders, context), + }), + ...(input.samlConfiguration !== undefined && + input.samlConfiguration !== null && { + samlConfiguration: serializeAws_restJson1SamlConfiguration(input.samlConfiguration, context), + }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "POST", + headers, + path: resolvedPath, + body, + }); +}; + +export const deserializeAws_restJson1AssociateLicenseCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1AssociateLicenseCommandError(output, context); + } + const contents: AssociateLicenseCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1AssociateLicenseCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1CreateWorkspaceCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1CreateWorkspaceCommandError(output, context); + } + const contents: CreateWorkspaceCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1CreateWorkspaceCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ConflictException": + case "com.amazonaws.grafana#ConflictException": + response = { + ...(await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ServiceQuotaExceededException": + case "com.amazonaws.grafana#ServiceQuotaExceededException": + response = { + ...(await deserializeAws_restJson1ServiceQuotaExceededExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1DeleteWorkspaceCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1DeleteWorkspaceCommandError(output, context); + } + const contents: DeleteWorkspaceCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1DeleteWorkspaceCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ConflictException": + case "com.amazonaws.grafana#ConflictException": + response = { + ...(await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1DescribeWorkspaceCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1DescribeWorkspaceCommandError(output, context); + } + const contents: DescribeWorkspaceCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1DescribeWorkspaceCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1DescribeWorkspaceAuthenticationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1DescribeWorkspaceAuthenticationCommandError(output, context); + } + const contents: DescribeWorkspaceAuthenticationCommandOutput = { + $metadata: deserializeMetadata(output), + authentication: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.authentication !== undefined && data.authentication !== null) { + contents.authentication = deserializeAws_restJson1AuthenticationDescription(data.authentication, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1DescribeWorkspaceAuthenticationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1DisassociateLicenseCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1DisassociateLicenseCommandError(output, context); + } + const contents: DisassociateLicenseCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1DisassociateLicenseCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1ListPermissionsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1ListPermissionsCommandError(output, context); + } + const contents: ListPermissionsCommandOutput = { + $metadata: deserializeMetadata(output), + nextToken: undefined, + permissions: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.nextToken !== undefined && data.nextToken !== null) { + contents.nextToken = __expectString(data.nextToken); + } + if (data.permissions !== undefined && data.permissions !== null) { + contents.permissions = deserializeAws_restJson1PermissionEntryList(data.permissions, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1ListPermissionsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1ListWorkspacesCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1ListWorkspacesCommandError(output, context); + } + const contents: ListWorkspacesCommandOutput = { + $metadata: deserializeMetadata(output), + nextToken: undefined, + workspaces: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.nextToken !== undefined && data.nextToken !== null) { + contents.nextToken = __expectString(data.nextToken); + } + if (data.workspaces !== undefined && data.workspaces !== null) { + contents.workspaces = deserializeAws_restJson1WorkspaceList(data.workspaces, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1ListWorkspacesCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1UpdatePermissionsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1UpdatePermissionsCommandError(output, context); + } + const contents: UpdatePermissionsCommandOutput = { + $metadata: deserializeMetadata(output), + errors: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.errors !== undefined && data.errors !== null) { + contents.errors = deserializeAws_restJson1UpdateErrorList(data.errors, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1UpdatePermissionsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1UpdateWorkspaceCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 202 && output.statusCode >= 300) { + return deserializeAws_restJson1UpdateWorkspaceCommandError(output, context); + } + const contents: UpdateWorkspaceCommandOutput = { + $metadata: deserializeMetadata(output), + workspace: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.workspace !== undefined && data.workspace !== null) { + contents.workspace = deserializeAws_restJson1WorkspaceDescription(data.workspace, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1UpdateWorkspaceCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ConflictException": + case "com.amazonaws.grafana#ConflictException": + response = { + ...(await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +export const deserializeAws_restJson1UpdateWorkspaceAuthenticationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode !== 200 && output.statusCode >= 300) { + return deserializeAws_restJson1UpdateWorkspaceAuthenticationCommandError(output, context); + } + const contents: UpdateWorkspaceAuthenticationCommandOutput = { + $metadata: deserializeMetadata(output), + authentication: undefined, + }; + const data: { [key: string]: any } = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); + if (data.authentication !== undefined && data.authentication !== null) { + contents.authentication = deserializeAws_restJson1AuthenticationDescription(data.authentication, context); + } + return Promise.resolve(contents); +}; + +const deserializeAws_restJson1UpdateWorkspaceAuthenticationCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.grafana#AccessDeniedException": + response = { + ...(await deserializeAws_restJson1AccessDeniedExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ConflictException": + case "com.amazonaws.grafana#ConflictException": + response = { + ...(await deserializeAws_restJson1ConflictExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "InternalServerException": + case "com.amazonaws.grafana#InternalServerException": + response = { + ...(await deserializeAws_restJson1InternalServerExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ResourceNotFoundException": + case "com.amazonaws.grafana#ResourceNotFoundException": + response = { + ...(await deserializeAws_restJson1ResourceNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ThrottlingException": + case "com.amazonaws.grafana#ThrottlingException": + response = { + ...(await deserializeAws_restJson1ThrottlingExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "ValidationException": + case "com.amazonaws.grafana#ValidationException": + response = { + ...(await deserializeAws_restJson1ValidationExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + +const deserializeAws_restJson1AccessDeniedExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: AccessDeniedException = { + name: "AccessDeniedException", + $fault: "client", + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + }; + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + return contents; +}; + +const deserializeAws_restJson1ConflictExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: ConflictException = { + name: "ConflictException", + $fault: "client", + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + resourceId: undefined, + resourceType: undefined, + }; + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + if (data.resourceId !== undefined && data.resourceId !== null) { + contents.resourceId = __expectString(data.resourceId); + } + if (data.resourceType !== undefined && data.resourceType !== null) { + contents.resourceType = __expectString(data.resourceType); + } + return contents; +}; + +const deserializeAws_restJson1InternalServerExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: InternalServerException = { + name: "InternalServerException", + $fault: "server", + $retryable: {}, + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + retryAfterSeconds: undefined, + }; + if (parsedOutput.headers["retry-after"] !== undefined) { + contents.retryAfterSeconds = __strictParseInt32(parsedOutput.headers["retry-after"]); + } + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + return contents; +}; + +const deserializeAws_restJson1ResourceNotFoundExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: ResourceNotFoundException = { + name: "ResourceNotFoundException", + $fault: "client", + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + resourceId: undefined, + resourceType: undefined, + }; + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + if (data.resourceId !== undefined && data.resourceId !== null) { + contents.resourceId = __expectString(data.resourceId); + } + if (data.resourceType !== undefined && data.resourceType !== null) { + contents.resourceType = __expectString(data.resourceType); + } + return contents; +}; + +const deserializeAws_restJson1ServiceQuotaExceededExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: ServiceQuotaExceededException = { + name: "ServiceQuotaExceededException", + $fault: "client", + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + quotaCode: undefined, + resourceId: undefined, + resourceType: undefined, + serviceCode: undefined, + }; + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + if (data.quotaCode !== undefined && data.quotaCode !== null) { + contents.quotaCode = __expectString(data.quotaCode); + } + if (data.resourceId !== undefined && data.resourceId !== null) { + contents.resourceId = __expectString(data.resourceId); + } + if (data.resourceType !== undefined && data.resourceType !== null) { + contents.resourceType = __expectString(data.resourceType); + } + if (data.serviceCode !== undefined && data.serviceCode !== null) { + contents.serviceCode = __expectString(data.serviceCode); + } + return contents; +}; + +const deserializeAws_restJson1ThrottlingExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: ThrottlingException = { + name: "ThrottlingException", + $fault: "client", + $retryable: {}, + $metadata: deserializeMetadata(parsedOutput), + message: undefined, + quotaCode: undefined, + retryAfterSeconds: undefined, + serviceCode: undefined, + }; + if (parsedOutput.headers["retry-after"] !== undefined) { + contents.retryAfterSeconds = __strictParseInt32(parsedOutput.headers["retry-after"]); + } + const data: any = parsedOutput.body; + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + if (data.quotaCode !== undefined && data.quotaCode !== null) { + contents.quotaCode = __expectString(data.quotaCode); + } + if (data.serviceCode !== undefined && data.serviceCode !== null) { + contents.serviceCode = __expectString(data.serviceCode); + } + return contents; +}; + +const deserializeAws_restJson1ValidationExceptionResponse = async ( + parsedOutput: any, + context: __SerdeContext +): Promise => { + const contents: ValidationException = { + name: "ValidationException", + $fault: "client", + $metadata: deserializeMetadata(parsedOutput), + fieldList: undefined, + message: undefined, + reason: undefined, + }; + const data: any = parsedOutput.body; + if (data.fieldList !== undefined && data.fieldList !== null) { + contents.fieldList = deserializeAws_restJson1ValidationExceptionFieldList(data.fieldList, context); + } + if (data.message !== undefined && data.message !== null) { + contents.message = __expectString(data.message); + } + if (data.reason !== undefined && data.reason !== null) { + contents.reason = __expectString(data.reason); + } + return contents; +}; + +const serializeAws_restJson1AllowedOrganizations = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1AssertionAttributes = (input: AssertionAttributes, context: __SerdeContext): any => { + return { + ...(input.email !== undefined && input.email !== null && { email: input.email }), + ...(input.groups !== undefined && input.groups !== null && { groups: input.groups }), + ...(input.login !== undefined && input.login !== null && { login: input.login }), + ...(input.name !== undefined && input.name !== null && { name: input.name }), + ...(input.org !== undefined && input.org !== null && { org: input.org }), + ...(input.role !== undefined && input.role !== null && { role: input.role }), + }; +}; + +const serializeAws_restJson1AuthenticationProviders = ( + input: (AuthenticationProviderTypes | string)[], + context: __SerdeContext +): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1DataSourceTypesList = ( + input: (DataSourceType | string)[], + context: __SerdeContext +): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1IdpMetadata = (input: IdpMetadata, context: __SerdeContext): any => { + return IdpMetadata.visit(input, { + url: (value) => ({ url: value }), + xml: (value) => ({ xml: value }), + _: (name, value) => ({ name: value } as any), + }); +}; + +const serializeAws_restJson1NotificationDestinationsList = ( + input: (NotificationDestinationType | string)[], + context: __SerdeContext +): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1OrganizationalUnitList = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1RoleValueList = (input: string[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return entry; + }); +}; + +const serializeAws_restJson1RoleValues = (input: RoleValues, context: __SerdeContext): any => { + return { + ...(input.admin !== undefined && + input.admin !== null && { admin: serializeAws_restJson1RoleValueList(input.admin, context) }), + ...(input.editor !== undefined && + input.editor !== null && { editor: serializeAws_restJson1RoleValueList(input.editor, context) }), + }; +}; + +const serializeAws_restJson1SamlConfiguration = (input: SamlConfiguration, context: __SerdeContext): any => { + return { + ...(input.allowedOrganizations !== undefined && + input.allowedOrganizations !== null && { + allowedOrganizations: serializeAws_restJson1AllowedOrganizations(input.allowedOrganizations, context), + }), + ...(input.assertionAttributes !== undefined && + input.assertionAttributes !== null && { + assertionAttributes: serializeAws_restJson1AssertionAttributes(input.assertionAttributes, context), + }), + ...(input.idpMetadata !== undefined && + input.idpMetadata !== null && { idpMetadata: serializeAws_restJson1IdpMetadata(input.idpMetadata, context) }), + ...(input.loginValidityDuration !== undefined && + input.loginValidityDuration !== null && { loginValidityDuration: input.loginValidityDuration }), + ...(input.roleValues !== undefined && + input.roleValues !== null && { roleValues: serializeAws_restJson1RoleValues(input.roleValues, context) }), + }; +}; + +const serializeAws_restJson1UpdateInstruction = (input: UpdateInstruction, context: __SerdeContext): any => { + return { + ...(input.action !== undefined && input.action !== null && { action: input.action }), + ...(input.role !== undefined && input.role !== null && { role: input.role }), + ...(input.users !== undefined && + input.users !== null && { users: serializeAws_restJson1UserList(input.users, context) }), + }; +}; + +const serializeAws_restJson1UpdateInstructionBatch = (input: UpdateInstruction[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return serializeAws_restJson1UpdateInstruction(entry, context); + }); +}; + +const serializeAws_restJson1User = (input: User, context: __SerdeContext): any => { + return { + ...(input.id !== undefined && input.id !== null && { id: input.id }), + ...(input.type !== undefined && input.type !== null && { type: input.type }), + }; +}; + +const serializeAws_restJson1UserList = (input: User[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return serializeAws_restJson1User(entry, context); + }); +}; + +const deserializeAws_restJson1AllowedOrganizations = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1AssertionAttributes = (output: any, context: __SerdeContext): AssertionAttributes => { + return { + email: __expectString(output.email), + groups: __expectString(output.groups), + login: __expectString(output.login), + name: __expectString(output.name), + org: __expectString(output.org), + role: __expectString(output.role), + } as any; +}; + +const deserializeAws_restJson1AuthenticationDescription = ( + output: any, + context: __SerdeContext +): AuthenticationDescription => { + return { + awsSso: + output.awsSso !== undefined && output.awsSso !== null + ? deserializeAws_restJson1AwsSsoAuthentication(output.awsSso, context) + : undefined, + providers: + output.providers !== undefined && output.providers !== null + ? deserializeAws_restJson1AuthenticationProviders(output.providers, context) + : undefined, + saml: + output.saml !== undefined && output.saml !== null + ? deserializeAws_restJson1SamlAuthentication(output.saml, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1AuthenticationProviders = ( + output: any, + context: __SerdeContext +): (AuthenticationProviderTypes | string)[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1AuthenticationSummary = (output: any, context: __SerdeContext): AuthenticationSummary => { + return { + providers: + output.providers !== undefined && output.providers !== null + ? deserializeAws_restJson1AuthenticationProviders(output.providers, context) + : undefined, + samlConfigurationStatus: __expectString(output.samlConfigurationStatus), + } as any; +}; + +const deserializeAws_restJson1AwsSsoAuthentication = (output: any, context: __SerdeContext): AwsSsoAuthentication => { + return { + ssoClientId: __expectString(output.ssoClientId), + } as any; +}; + +const deserializeAws_restJson1DataSourceTypesList = ( + output: any, + context: __SerdeContext +): (DataSourceType | string)[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1IdpMetadata = (output: any, context: __SerdeContext): IdpMetadata => { + if (__expectString(output.url) !== undefined) { + return { url: __expectString(output.url) as any }; + } + if (__expectString(output.xml) !== undefined) { + return { xml: __expectString(output.xml) as any }; + } + return { $unknown: Object.entries(output)[0] }; +}; + +const deserializeAws_restJson1NotificationDestinationsList = ( + output: any, + context: __SerdeContext +): (NotificationDestinationType | string)[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1OrganizationalUnitList = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1PermissionEntry = (output: any, context: __SerdeContext): PermissionEntry => { + return { + role: __expectString(output.role), + user: + output.user !== undefined && output.user !== null + ? deserializeAws_restJson1User(output.user, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1PermissionEntryList = (output: any, context: __SerdeContext): PermissionEntry[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1PermissionEntry(entry, context); + }); +}; + +const deserializeAws_restJson1RoleValueList = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1RoleValues = (output: any, context: __SerdeContext): RoleValues => { + return { + admin: + output.admin !== undefined && output.admin !== null + ? deserializeAws_restJson1RoleValueList(output.admin, context) + : undefined, + editor: + output.editor !== undefined && output.editor !== null + ? deserializeAws_restJson1RoleValueList(output.editor, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1SamlAuthentication = (output: any, context: __SerdeContext): SamlAuthentication => { + return { + configuration: + output.configuration !== undefined && output.configuration !== null + ? deserializeAws_restJson1SamlConfiguration(output.configuration, context) + : undefined, + status: __expectString(output.status), + } as any; +}; + +const deserializeAws_restJson1SamlConfiguration = (output: any, context: __SerdeContext): SamlConfiguration => { + return { + allowedOrganizations: + output.allowedOrganizations !== undefined && output.allowedOrganizations !== null + ? deserializeAws_restJson1AllowedOrganizations(output.allowedOrganizations, context) + : undefined, + assertionAttributes: + output.assertionAttributes !== undefined && output.assertionAttributes !== null + ? deserializeAws_restJson1AssertionAttributes(output.assertionAttributes, context) + : undefined, + idpMetadata: + output.idpMetadata !== undefined && output.idpMetadata !== null + ? deserializeAws_restJson1IdpMetadata(__expectUnion(output.idpMetadata), context) + : undefined, + loginValidityDuration: __expectInt32(output.loginValidityDuration), + roleValues: + output.roleValues !== undefined && output.roleValues !== null + ? deserializeAws_restJson1RoleValues(output.roleValues, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1UpdateError = (output: any, context: __SerdeContext): UpdateError => { + return { + causedBy: + output.causedBy !== undefined && output.causedBy !== null + ? deserializeAws_restJson1UpdateInstruction(output.causedBy, context) + : undefined, + code: __expectInt32(output.code), + message: __expectString(output.message), + } as any; +}; + +const deserializeAws_restJson1UpdateErrorList = (output: any, context: __SerdeContext): UpdateError[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1UpdateError(entry, context); + }); +}; + +const deserializeAws_restJson1UpdateInstruction = (output: any, context: __SerdeContext): UpdateInstruction => { + return { + action: __expectString(output.action), + role: __expectString(output.role), + users: + output.users !== undefined && output.users !== null + ? deserializeAws_restJson1UserList(output.users, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1User = (output: any, context: __SerdeContext): User => { + return { + id: __expectString(output.id), + type: __expectString(output.type), + } as any; +}; + +const deserializeAws_restJson1UserList = (output: any, context: __SerdeContext): User[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1User(entry, context); + }); +}; + +const deserializeAws_restJson1ValidationExceptionField = ( + output: any, + context: __SerdeContext +): ValidationExceptionField => { + return { + message: __expectString(output.message), + name: __expectString(output.name), + } as any; +}; + +const deserializeAws_restJson1ValidationExceptionFieldList = ( + output: any, + context: __SerdeContext +): ValidationExceptionField[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1ValidationExceptionField(entry, context); + }); +}; + +const deserializeAws_restJson1WorkspaceDescription = (output: any, context: __SerdeContext): WorkspaceDescription => { + return { + accountAccessType: __expectString(output.accountAccessType), + authentication: + output.authentication !== undefined && output.authentication !== null + ? deserializeAws_restJson1AuthenticationSummary(output.authentication, context) + : undefined, + created: + output.created !== undefined && output.created !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.created))) + : undefined, + dataSources: + output.dataSources !== undefined && output.dataSources !== null + ? deserializeAws_restJson1DataSourceTypesList(output.dataSources, context) + : undefined, + description: __expectString(output.description), + endpoint: __expectString(output.endpoint), + freeTrialConsumed: __expectBoolean(output.freeTrialConsumed), + freeTrialExpiration: + output.freeTrialExpiration !== undefined && output.freeTrialExpiration !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.freeTrialExpiration))) + : undefined, + grafanaVersion: __expectString(output.grafanaVersion), + id: __expectString(output.id), + licenseExpiration: + output.licenseExpiration !== undefined && output.licenseExpiration !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.licenseExpiration))) + : undefined, + licenseType: __expectString(output.licenseType), + modified: + output.modified !== undefined && output.modified !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.modified))) + : undefined, + name: __expectString(output.name), + notificationDestinations: + output.notificationDestinations !== undefined && output.notificationDestinations !== null + ? deserializeAws_restJson1NotificationDestinationsList(output.notificationDestinations, context) + : undefined, + organizationRoleName: __expectString(output.organizationRoleName), + organizationalUnits: + output.organizationalUnits !== undefined && output.organizationalUnits !== null + ? deserializeAws_restJson1OrganizationalUnitList(output.organizationalUnits, context) + : undefined, + permissionType: __expectString(output.permissionType), + stackSetName: __expectString(output.stackSetName), + status: __expectString(output.status), + workspaceRoleArn: __expectString(output.workspaceRoleArn), + } as any; +}; + +const deserializeAws_restJson1WorkspaceList = (output: any, context: __SerdeContext): WorkspaceSummary[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1WorkspaceSummary(entry, context); + }); +}; + +const deserializeAws_restJson1WorkspaceSummary = (output: any, context: __SerdeContext): WorkspaceSummary => { + return { + authentication: + output.authentication !== undefined && output.authentication !== null + ? deserializeAws_restJson1AuthenticationSummary(output.authentication, context) + : undefined, + created: + output.created !== undefined && output.created !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.created))) + : undefined, + description: __expectString(output.description), + endpoint: __expectString(output.endpoint), + grafanaVersion: __expectString(output.grafanaVersion), + id: __expectString(output.id), + modified: + output.modified !== undefined && output.modified !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.modified))) + : undefined, + name: __expectString(output.name), + notificationDestinations: + output.notificationDestinations !== undefined && output.notificationDestinations !== null + ? deserializeAws_restJson1NotificationDestinationsList(output.notificationDestinations, context) + : undefined, + status: __expectString(output.status), + } as any; +}; + +const deserializeMetadata = (output: __HttpResponse): __ResponseMetadata => ({ + httpStatusCode: output.statusCode, + requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"], + extendedRequestId: output.headers["x-amz-id-2"], + cfId: output.headers["x-amz-cf-id"], +}); + +// Collect low-level response body stream to Uint8Array. +const collectBody = (streamBody: any = new Uint8Array(), context: __SerdeContext): Promise => { + if (streamBody instanceof Uint8Array) { + return Promise.resolve(streamBody); + } + return context.streamCollector(streamBody) || Promise.resolve(new Uint8Array()); +}; + +// Encode Uint8Array data into string with utf-8. +const collectBodyString = (streamBody: any, context: __SerdeContext): Promise => + collectBody(streamBody, context).then((body) => context.utf8Encoder(body)); + +const isSerializableHeaderValue = (value: any): boolean => + value !== undefined && + value !== null && + value !== "" && + (!Object.getOwnPropertyNames(value).includes("length") || value.length != 0) && + (!Object.getOwnPropertyNames(value).includes("size") || value.size != 0); + +const parseBody = (streamBody: any, context: __SerdeContext): any => + collectBodyString(streamBody, context).then((encoded) => { + if (encoded.length) { + return JSON.parse(encoded); + } + return {}; + }); + +/** + * Load an error code for the aws.rest-json-1.1 protocol. + */ +const loadRestJsonErrorCode = (output: __HttpResponse, data: any): string => { + const findKey = (object: any, key: string) => Object.keys(object).find((k) => k.toLowerCase() === key.toLowerCase()); + + const sanitizeErrorCode = (rawValue: string): string => { + let cleanValue = rawValue; + if (cleanValue.indexOf(":") >= 0) { + cleanValue = cleanValue.split(":")[0]; + } + if (cleanValue.indexOf("#") >= 0) { + cleanValue = cleanValue.split("#")[1]; + } + return cleanValue; + }; + + const headerKey = findKey(output.headers, "x-amzn-errortype"); + if (headerKey !== undefined) { + return sanitizeErrorCode(output.headers[headerKey]); + } + + if (data.code !== undefined) { + return sanitizeErrorCode(data.code); + } + + if (data["__type"] !== undefined) { + return sanitizeErrorCode(data["__type"]); + } + + return ""; +}; diff --git a/clients/client-grafana/src/runtimeConfig.browser.ts b/clients/client-grafana/src/runtimeConfig.browser.ts new file mode 100644 index 000000000000..af3776989af8 --- /dev/null +++ b/clients/client-grafana/src/runtimeConfig.browser.ts @@ -0,0 +1,41 @@ +// @ts-ignore: package.json will be imported from dist folders +import packageInfo from "../package.json"; // eslint-disable-line + +import { Sha256 } from "@aws-crypto/sha256-browser"; +import { FetchHttpHandler, streamCollector } from "@aws-sdk/fetch-http-handler"; +import { invalidProvider } from "@aws-sdk/invalid-dependency"; +import { DEFAULT_MAX_ATTEMPTS, DEFAULT_RETRY_MODE } from "@aws-sdk/middleware-retry"; +import { fromBase64, toBase64 } from "@aws-sdk/util-base64-browser"; +import { calculateBodyLength } from "@aws-sdk/util-body-length-browser"; +import { defaultUserAgent } from "@aws-sdk/util-user-agent-browser"; +import { fromUtf8, toUtf8 } from "@aws-sdk/util-utf8-browser"; +import { GrafanaClientConfig } from "./GrafanaClient"; +import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: GrafanaClientConfig) => { + const clientSharedValues = getSharedRuntimeConfig(config); + return { + ...clientSharedValues, + ...config, + runtime: "browser", + base64Decoder: config?.base64Decoder ?? fromBase64, + base64Encoder: config?.base64Encoder ?? toBase64, + bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength, + credentialDefaultProvider: + config?.credentialDefaultProvider ?? ((_: unknown) => () => Promise.reject(new Error("Credential is missing"))), + defaultUserAgentProvider: + config?.defaultUserAgentProvider ?? + defaultUserAgent({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }), + maxAttempts: config?.maxAttempts ?? DEFAULT_MAX_ATTEMPTS, + region: config?.region ?? invalidProvider("Region is missing"), + requestHandler: config?.requestHandler ?? new FetchHttpHandler(), + retryMode: config?.retryMode ?? (() => Promise.resolve(DEFAULT_RETRY_MODE)), + sha256: config?.sha256 ?? Sha256, + streamCollector: config?.streamCollector ?? streamCollector, + utf8Decoder: config?.utf8Decoder ?? fromUtf8, + utf8Encoder: config?.utf8Encoder ?? toUtf8, + }; +}; diff --git a/clients/client-grafana/src/runtimeConfig.native.ts b/clients/client-grafana/src/runtimeConfig.native.ts new file mode 100644 index 000000000000..11c8368d1c4a --- /dev/null +++ b/clients/client-grafana/src/runtimeConfig.native.ts @@ -0,0 +1,17 @@ +import { Sha256 } from "@aws-crypto/sha256-js"; + +import { GrafanaClientConfig } from "./GrafanaClient"; +import { getRuntimeConfig as getBrowserRuntimeConfig } from "./runtimeConfig.browser"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: GrafanaClientConfig) => { + const browserDefaults = getBrowserRuntimeConfig(config); + return { + ...browserDefaults, + ...config, + runtime: "react-native", + sha256: config?.sha256 ?? Sha256, + }; +}; diff --git a/clients/client-grafana/src/runtimeConfig.shared.ts b/clients/client-grafana/src/runtimeConfig.shared.ts new file mode 100644 index 000000000000..437cd32fe13a --- /dev/null +++ b/clients/client-grafana/src/runtimeConfig.shared.ts @@ -0,0 +1,17 @@ +import { Logger as __Logger } from "@aws-sdk/types"; +import { parseUrl } from "@aws-sdk/url-parser"; + +import { defaultRegionInfoProvider } from "./endpoints"; +import { GrafanaClientConfig } from "./GrafanaClient"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: GrafanaClientConfig) => ({ + apiVersion: "2020-08-18", + disableHostPrefix: config?.disableHostPrefix ?? false, + logger: config?.logger ?? ({} as __Logger), + regionInfoProvider: config?.regionInfoProvider ?? defaultRegionInfoProvider, + serviceId: config?.serviceId ?? "grafana", + urlParser: config?.urlParser ?? parseUrl, +}); diff --git a/clients/client-grafana/src/runtimeConfig.ts b/clients/client-grafana/src/runtimeConfig.ts new file mode 100644 index 000000000000..dae6954f8484 --- /dev/null +++ b/clients/client-grafana/src/runtimeConfig.ts @@ -0,0 +1,46 @@ +// @ts-ignore: package.json will be imported from dist folders +import packageInfo from "../package.json"; // eslint-disable-line + +import { decorateDefaultCredentialProvider } from "@aws-sdk/client-sts"; +import { NODE_REGION_CONFIG_FILE_OPTIONS, NODE_REGION_CONFIG_OPTIONS } from "@aws-sdk/config-resolver"; +import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node"; +import { Hash } from "@aws-sdk/hash-node"; +import { NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS } from "@aws-sdk/middleware-retry"; +import { loadConfig as loadNodeConfig } from "@aws-sdk/node-config-provider"; +import { NodeHttpHandler, streamCollector } from "@aws-sdk/node-http-handler"; +import { fromBase64, toBase64 } from "@aws-sdk/util-base64-node"; +import { calculateBodyLength } from "@aws-sdk/util-body-length-node"; +import { defaultUserAgent } from "@aws-sdk/util-user-agent-node"; +import { fromUtf8, toUtf8 } from "@aws-sdk/util-utf8-node"; +import { GrafanaClientConfig } from "./GrafanaClient"; +import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared"; +import { emitWarningIfUnsupportedVersion } from "@aws-sdk/smithy-client"; + +/** + * @internal + */ +export const getRuntimeConfig = (config: GrafanaClientConfig) => { + emitWarningIfUnsupportedVersion(process.version); + const clientSharedValues = getSharedRuntimeConfig(config); + return { + ...clientSharedValues, + ...config, + runtime: "node", + base64Decoder: config?.base64Decoder ?? fromBase64, + base64Encoder: config?.base64Encoder ?? toBase64, + bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength, + credentialDefaultProvider: + config?.credentialDefaultProvider ?? decorateDefaultCredentialProvider(credentialDefaultProvider), + defaultUserAgentProvider: + config?.defaultUserAgentProvider ?? + defaultUserAgent({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }), + maxAttempts: config?.maxAttempts ?? loadNodeConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS), + region: config?.region ?? loadNodeConfig(NODE_REGION_CONFIG_OPTIONS, NODE_REGION_CONFIG_FILE_OPTIONS), + requestHandler: config?.requestHandler ?? new NodeHttpHandler(), + retryMode: config?.retryMode ?? loadNodeConfig(NODE_RETRY_MODE_CONFIG_OPTIONS), + sha256: config?.sha256 ?? Hash.bind(null, "sha256"), + streamCollector: config?.streamCollector ?? streamCollector, + utf8Decoder: config?.utf8Decoder ?? fromUtf8, + utf8Encoder: config?.utf8Encoder ?? toUtf8, + }; +}; diff --git a/clients/client-grafana/tsconfig.es.json b/clients/client-grafana/tsconfig.es.json new file mode 100644 index 000000000000..4c72364cd1a0 --- /dev/null +++ b/clients/client-grafana/tsconfig.es.json @@ -0,0 +1,10 @@ +{ + "extends": "./tsconfig", + "compilerOptions": { + "target": "es5", + "module": "esnext", + "moduleResolution": "node", + "lib": ["dom", "es5", "es2015.promise", "es2015.collection", "es2015.iterable", "es2015.symbol.wellknown"], + "outDir": "dist-es" + } +} diff --git a/clients/client-grafana/tsconfig.json b/clients/client-grafana/tsconfig.json new file mode 100644 index 000000000000..7db748cb9a62 --- /dev/null +++ b/clients/client-grafana/tsconfig.json @@ -0,0 +1,32 @@ +{ + "compilerOptions": { + "rootDir": "./src", + "alwaysStrict": true, + "target": "ES2018", + "module": "commonjs", + "strict": true, + "downlevelIteration": true, + "importHelpers": true, + "noEmitHelpers": true, + "incremental": true, + "resolveJsonModule": true, + "esModuleInterop": true, + "outDir": "dist-cjs", + "removeComments": true + }, + "typedocOptions": { + "exclude": ["**/node_modules/**", "**/*.spec.ts", "**/protocols/*.ts", "**/e2e/*.ts", "**/endpoints.ts"], + "excludeNotExported": true, + "excludePrivate": true, + "hideGenerator": true, + "ignoreCompilerErrors": true, + "includeDeclarations": true, + "stripInternal": true, + "readme": "README.md", + "mode": "file", + "out": "docs", + "theme": "minimal", + "plugin": ["@aws-sdk/client-documentation-generator"] + }, + "exclude": ["test/**/*"] +} diff --git a/clients/client-grafana/tsconfig.types.json b/clients/client-grafana/tsconfig.types.json new file mode 100644 index 000000000000..b7018298d8ae --- /dev/null +++ b/clients/client-grafana/tsconfig.types.json @@ -0,0 +1,9 @@ +{ + "extends": "./tsconfig", + "compilerOptions": { + "removeComments": false, + "declaration": true, + "declarationDir": "dist-types" + }, + "exclude": ["test/**/*", "dist-types/**/*"] +} diff --git a/clients/client-kendra/src/Kendra.ts b/clients/client-kendra/src/Kendra.ts index ee123844666c..d497d1fff431 100644 --- a/clients/client-kendra/src/Kendra.ts +++ b/clients/client-kendra/src/Kendra.ts @@ -340,11 +340,10 @@ export class Kendra extends KendraClient { } /** - *

                                                Creates a data source that you use to with an Amazon Kendra index.

                                                + *

                                                Creates a data source that you want to use with an Amazon Kendra index.

                                                *

                                                You specify a name, data source connector type and description for - * your data source. You also specify configuration information such as - * document metadata (author, source URI, and so on) and user context - * information.

                                                + * your data source. You also specify configuration information for the + * data source connector.

                                                *

                                                * CreateDataSource is a synchronous operation. The * operation returns 200 if the data source was successfully created. @@ -1221,13 +1220,15 @@ export class Kendra extends KendraClient { } /** - *

                                                Maps users to their groups. You can also map sub groups to groups. + *

                                                Maps users to their groups so that you only need to provide + * the user ID when you issue the query.

                                                + *

                                                You can also map sub groups to groups. * For example, the group "Company Intellectual Property Teams" includes * sub groups "Research" and "Engineering". These sub groups include their * own list of users or people who work in these teams. Only users who work * in research and engineering, and therefore belong in the intellectual * property group, can see top-secret company documents in their search - * results.

                                                + * results.

                                                *

                                                You map users to their groups when you want to filter search results * for different users based on their group’s access to documents. For more * information on filtering search results for different users, see diff --git a/clients/client-kendra/src/commands/CreateDataSourceCommand.ts b/clients/client-kendra/src/commands/CreateDataSourceCommand.ts index cc060133fdc3..122b9317abf5 100644 --- a/clients/client-kendra/src/commands/CreateDataSourceCommand.ts +++ b/clients/client-kendra/src/commands/CreateDataSourceCommand.ts @@ -22,11 +22,10 @@ export interface CreateDataSourceCommandInput extends CreateDataSourceRequest {} export interface CreateDataSourceCommandOutput extends CreateDataSourceResponse, __MetadataBearer {} /** - *

                                                Creates a data source that you use to with an Amazon Kendra index.

                                                + *

                                                Creates a data source that you want to use with an Amazon Kendra index.

                                                *

                                                You specify a name, data source connector type and description for - * your data source. You also specify configuration information such as - * document metadata (author, source URI, and so on) and user context - * information.

                                                + * your data source. You also specify configuration information for the + * data source connector.

                                                *

                                                * CreateDataSource is a synchronous operation. The * operation returns 200 if the data source was successfully created. diff --git a/clients/client-kendra/src/commands/PutPrincipalMappingCommand.ts b/clients/client-kendra/src/commands/PutPrincipalMappingCommand.ts index 6da32b5ef28d..9733b7bd5625 100644 --- a/clients/client-kendra/src/commands/PutPrincipalMappingCommand.ts +++ b/clients/client-kendra/src/commands/PutPrincipalMappingCommand.ts @@ -22,13 +22,15 @@ export interface PutPrincipalMappingCommandInput extends PutPrincipalMappingRequ export interface PutPrincipalMappingCommandOutput extends __MetadataBearer {} /** - *

                                                Maps users to their groups. You can also map sub groups to groups. + *

                                                Maps users to their groups so that you only need to provide + * the user ID when you issue the query.

                                                + *

                                                You can also map sub groups to groups. * For example, the group "Company Intellectual Property Teams" includes * sub groups "Research" and "Engineering". These sub groups include their * own list of users or people who work in these teams. Only users who work * in research and engineering, and therefore belong in the intellectual * property group, can see top-secret company documents in their search - * results.

                                                + * results.

                                                *

                                                You map users to their groups when you want to filter search results * for different users based on their group’s access to documents. For more * information on filtering search results for different users, see diff --git a/clients/client-kendra/src/endpoints.ts b/clients/client-kendra/src/endpoints.ts index 982122bdd59d..2897ee2a4c52 100644 --- a/clients/client-kendra/src/endpoints.ts +++ b/clients/client-kendra/src/endpoints.ts @@ -1,7 +1,20 @@ import { getRegionInfo, PartitionHash, RegionHash } from "@aws-sdk/config-resolver"; import { RegionInfoProvider } from "@aws-sdk/types"; -const regionHash: RegionHash = {}; +const regionHash: RegionHash = { + "fips-us-east-1": { + hostname: "kendra-fips.us-east-1.amazonaws.com", + signingRegion: "us-east-1", + }, + "fips-us-east-2": { + hostname: "kendra-fips.us-east-2.amazonaws.com", + signingRegion: "us-east-2", + }, + "fips-us-west-2": { + hostname: "kendra-fips.us-west-2.amazonaws.com", + signingRegion: "us-west-2", + }, +}; const partitionHash: PartitionHash = { aws: { @@ -21,6 +34,9 @@ const partitionHash: PartitionHash = { "eu-west-1", "eu-west-2", "eu-west-3", + "fips-us-east-1", + "fips-us-east-2", + "fips-us-west-2", "me-south-1", "sa-east-1", "us-east-1", diff --git a/clients/client-kendra/src/models/models_0.ts b/clients/client-kendra/src/models/models_0.ts index 36acf5343ab1..02b8d2610093 100644 --- a/clients/client-kendra/src/models/models_0.ts +++ b/clients/client-kendra/src/models/models_0.ts @@ -2856,6 +2856,9 @@ export namespace SiteMapsConfiguration { /** *

                                                Provides the configuration information of the URLs to crawl.

                                                + *

                                                You can only crawl websites that use the secure communication protocol, + * Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when + * crawling a website, it could be that the website is blocked from crawling.

                                                *

                                                * When selecting websites to index, you must adhere to * the Amazon Acceptable Use Policy @@ -2902,6 +2905,9 @@ export interface WebCrawlerConfiguration { * websites or the sitemap URLs of the websites you want to crawl.

                                                *

                                                You can include website subdomains. You can list up to 100 seed * URLs and up to three sitemap URLs.

                                                + *

                                                You can only crawl websites that use the secure communication protocol, + * Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when + * crawling a website, it could be that the website is blocked from crawling.

                                                *

                                                * When selecting websites to index, you must adhere to * the Amazon Acceptable Use Policy @@ -3262,6 +3268,15 @@ export interface CreateDataSourceRequest { * the same client token will create only one data source.

                                                */ ClientToken?: string; + + /** + *

                                                The code for a language. This allows you to support a language for all + * documents when creating the data source. English is supported + * by default. For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace CreateDataSourceRequest { @@ -3363,6 +3378,15 @@ export interface CreateFaqRequest { * one FAQ.

                                                */ ClientToken?: string; + + /** + *

                                                The code for a language. This allows you to support a language + * for the FAQ document. English is supported by default. + * For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace CreateFaqRequest { @@ -3423,6 +3447,46 @@ export enum UserContextPolicy { USER_TOKEN = "USER_TOKEN", } +export enum UserGroupResolutionMode { + AWS_SSO = "AWS_SSO", + NONE = "NONE", +} + +/** + *

                                                Provides the configuration information to fetch access levels + * of groups and users from an AWS Single Sign-On identity + * source. This is useful for setting up user context filtering, where + * Amazon Kendra filters search results for different users based on their + * group's access to documents. You can also map your users to their + * groups for user context filtering using the + * PutPrincipalMapping + * operation.

                                                + *

                                                To set up an AWS SSO identity source in the console to use with + * Amazon Kendra, see Getting started + * with an AWS SSO identity source. You must also grant the required + * permissions to use AWS SSO with Amazon Kendra. For more information, see + * IAM roles for + * AWS Single Sign-On.

                                                + */ +export interface UserGroupResolutionConfiguration { + /** + *

                                                The identity store provider (mode) you want to use to fetch access levels of groups and + * users. AWS Single Sign-On is currently the only available mode. Your users and groups + * must + * exist in an AWS SSO identity source in order to use this mode.

                                                + */ + UserGroupResolutionMode: UserGroupResolutionMode | string | undefined; +} + +export namespace UserGroupResolutionConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: UserGroupResolutionConfiguration): any => ({ + ...obj, + }); +} + /** *

                                                Configuration information for the JSON token type.

                                                */ @@ -3590,21 +3654,30 @@ export interface CreateIndexRequest { *
                                                ATTRIBUTE_FILTER
                                                *
                                                *

                                                All indexed content is searchable and displayable - * for all users. If there is an access control list, it - * is ignored. You can filter on user and group attributes. + * for all users. If you want to filter search results on + * user context, you can use the attribute filters of + * _user_id and _group_ids or + * you can provide user and group information in UserContext. *

                                                *
                                                *
                                                USER_TOKEN
                                                *
                                                - *

                                                Enables SSO and token-based user access control. - * All documents with no access control and all documents - * accessible to the user will be searchable and - * displayable. + *

                                                Enables token-based user access control to filter + * search results on user context. All documents with no + * access control and all documents accessible to the user + * will be searchable and displayable. *

                                                *
                                                * */ UserContextPolicy?: UserContextPolicy | string; + + /** + *

                                                Enables fetching access levels of groups and users from an AWS Single Sign-On + * identity source. To configure this, see + * UserGroupResolutionConfiguration.

                                                + */ + UserGroupResolutionConfiguration?: UserGroupResolutionConfiguration; } export namespace CreateIndexRequest { @@ -3757,7 +3830,7 @@ export interface CreateThesaurusRequest { /** *

                                                A token that you provide to identify the request to create a * thesaurus. Multiple calls to the CreateThesaurus operation - * with the same client token will create only one index. + * with the same client token will create only one thesaurus. *

                                                */ ClientToken?: string; @@ -4039,6 +4112,15 @@ export interface DescribeDataSourceResponse { * caused the data source to fail.

                                                */ ErrorMessage?: string; + + /** + *

                                                The code for a language. This shows a supported language for all + * documents in the data source. English is supported by + * default. For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace DescribeDataSourceResponse { @@ -4138,6 +4220,15 @@ export interface DescribeFaqResponse { *

                                                The file format used by the input files for the FAQ.

                                                */ FileFormat?: FaqFileFormat | string; + + /** + *

                                                The code for a language. This shows a supported language + * for the FAQ document. English is supported by default. + * For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace DescribeFaqResponse { @@ -4543,6 +4634,12 @@ export interface DescribeIndexResponse { *

                                                The user context policy for the Amazon Kendra index.

                                                */ UserContextPolicy?: UserContextPolicy | string; + + /** + *

                                                Shows whether you have enabled the configuration for fetching access + * levels of groups and users from an AWS Single Sign-On identity source.

                                                + */ + UserGroupResolutionConfiguration?: UserGroupResolutionConfiguration; } export namespace DescribeIndexResponse { @@ -4771,7 +4868,7 @@ export interface DescribeQuerySuggestionsBlockListResponse { ErrorMessage?: string; /** - *

                                                Shows the date-time a block list for query suggestions was last created.

                                                + *

                                                Shows the date-time a block list for query suggestions was created.

                                                */ CreatedAt?: Date; @@ -5256,6 +5353,15 @@ export interface DataSourceSummary { * ACTIVE the data source is ready to use.

                                                */ Status?: DataSourceStatus | string; + + /** + *

                                                The code for a language. This shows a supported language for all documents + * in the data source. English is supported by default. + * For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace DataSourceSummary { @@ -5336,9 +5442,9 @@ export interface ListDataSourceSyncJobsRequest { IndexId: string | undefined; /** - *

                                                If the result of the previous request to - * GetDataSourceSyncJobHistory was truncated, include the - * NextToken to fetch the next set of jobs.

                                                + *

                                                If the previous response was incomplete (because there is more data to retrieve), + * Amazon Kendra returns a pagination token in the response. You can use this pagination token + * to retrieve the next set of jobs.

                                                */ NextToken?: string; @@ -5492,12 +5598,8 @@ export interface ListDataSourceSyncJobsResponse { History?: DataSourceSyncJob[]; /** - *

                                                The GetDataSourceSyncJobHistory operation returns a page - * of vocabularies at a time. The maximum size of the page is set by the - * MaxResults parameter. If there are more jobs in the list - * than the page size, Amazon Kendra returns the NextPage token. Include the - * token in the next request to the GetDataSourceSyncJobHistory - * operation to return in the next page of jobs.

                                                + *

                                                If the response is truncated, Amazon Kendra returns this token that you + * can use in the subsequent request to retrieve the next set of jobs.

                                                */ NextToken?: string; } @@ -5518,8 +5620,9 @@ export interface ListFaqsRequest { IndexId: string | undefined; /** - *

                                                If the result of the previous request to ListFaqs was truncated, include - * the NextToken to fetch the next set of FAQs.

                                                + *

                                                If the previous response was incomplete (because there is more data to retrieve), + * Amazon Kendra returns a pagination token in the response. You can use this pagination token + * to retrieve the next set of FAQs.

                                                */ NextToken?: string; @@ -5575,6 +5678,15 @@ export interface FaqSummary { *

                                                The file type used to create the FAQ.

                                                */ FileFormat?: FaqFileFormat | string; + + /** + *

                                                The code for a language. This shows a supported language for the FAQ document + * as part of the summary information for FAQs. English is supported by default. + * For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                                + */ + LanguageCode?: string; } export namespace FaqSummary { @@ -5588,11 +5700,8 @@ export namespace FaqSummary { export interface ListFaqsResponse { /** - *

                                                The ListFaqs operation returns a page of FAQs at a time. The maximum size - * of the page is set by the MaxResults parameter. If there are more jobs in - * the list than the page size, Amazon Kendra returns the NextPage token. - * Include the token in the next request to the ListFaqs operation to return - * the next page of FAQs.

                                                + *

                                                If the response is truncated, Amazon Kendra returns this token that you can use + * in the subsequent request to retrieve the next set of FAQs.

                                                */ NextToken?: string; @@ -5632,14 +5741,17 @@ export interface ListGroupsOlderThanOrderingIdRequest { /** *

                                                - * The next items in the list of groups that go beyond the maximum. + * If the previous response was incomplete (because there is more data to retrieve), + * Amazon Kendra returns a pagination token in the response. You can use this pagination + * token to retrieve the next set of groups that are mapped to users before a + * given ordering or timestamp identifier. *

                                                */ NextToken?: string; /** *

                                                - * The maximum results shown for a list of groups that are mapped to users before a + * The maximum number of returned groups that are mapped to users before a * given ordering or timestamp identifier. *

                                                */ @@ -5697,7 +5809,9 @@ export interface ListGroupsOlderThanOrderingIdResponse { /** *

                                                - * The next items in the list of groups that go beyond the maximum. + * If the response is truncated, Amazon Kendra returns this token that you can use + * in the subsequent request to retrieve the next set of groups that are + * mapped to users before a given ordering or timestamp identifier. *

                                                */ NextToken?: string; @@ -6001,7 +6115,7 @@ export namespace ListThesauriRequest { } /** - *

                                                An array of summary information for one or more thesauruses.

                                                + *

                                                An array of summary information for a thesaurus or multiple thesauri.

                                                */ export interface ThesaurusSummary { /** @@ -6049,7 +6163,7 @@ export interface ListThesauriResponse { NextToken?: string; /** - *

                                                An array of summary information for one or more thesauruses.

                                                + *

                                                An array of summary information for a thesaurus or multiple thesauri.

                                                */ ThesaurusSummaryItems?: ThesaurusSummary[]; } @@ -6132,6 +6246,12 @@ export interface GroupMembers { * groups for a group. Your sub groups can contain more than 1000 users, but * the list of sub groups that belong to a group (and/or users) must be no * more than 1000.

                                                + *

                                                You can download this + * example + * S3 file that uses the correct format for listing group members. Note, + * dataSourceId is optional. The value of type + * for a group is always GROUP and for a user it is + * always USER.

                                                */ S3PathforGroupMembers?: S3Path; } @@ -6372,7 +6492,9 @@ export namespace DataSourceGroup { } /** - *

                                                Provides information about the user context for a Amazon Kendra index.

                                                + *

                                                Provides information about the user context for + * an + * Amazon Kendra index.

                                                *

                                                This is used for filtering search results for different users based on their access * to documents.

                                                *

                                                You provide one of the following:

                                                @@ -6381,8 +6503,8 @@ export namespace DataSourceGroup { *

                                                User token

                                                * *
                                              • - *

                                                User ID, the groups the user belongs to, and the data sources - * the groups can access

                                                + *

                                                User ID, the groups the user belongs to, and any data sources the groups can + * access.

                                                *
                                                • *
                                              *

                                              If you provide both, an exception is thrown.

                                              @@ -6493,6 +6615,7 @@ export enum ScoreConfidence { HIGH = "HIGH", LOW = "LOW", MEDIUM = "MEDIUM", + NOT_AVAILABLE = "NOT_AVAILABLE", VERY_HIGH = "VERY_HIGH", } @@ -6920,6 +7043,15 @@ export interface UpdateDataSourceRequest { * source is accessing resources on your behalf.

                                              */ RoleArn?: string; + + /** + *

                                              The code for a language. This allows you to support a language for all + * documents when updating the data source. English is supported + * by default. For more information on supported languages, including their codes, + * see Adding + * documents in languages other than English.

                                              + */ + LanguageCode?: string; } export namespace UpdateDataSourceRequest { @@ -6974,9 +7106,16 @@ export interface UpdateIndexRequest { UserTokenConfigurations?: UserTokenConfiguration[]; /** - *

                                              The user user token context policy.

                                              + *

                                              The user context policy.

                                              */ UserContextPolicy?: UserContextPolicy | string; + + /** + *

                                              Enables fetching access levels of groups and users from an AWS Single Sign-On + * identity source. To configure this, see + * UserGroupResolutionConfiguration.

                                              + */ + UserGroupResolutionConfiguration?: UserGroupResolutionConfiguration; } export namespace UpdateIndexRequest { @@ -7172,10 +7311,11 @@ export namespace UpdateThesaurusRequest { * *

                                              If you use more than 2 layers, you receive a * ValidationException exception with the message - * "AttributeFilter cannot have a depth of more than - * 2."

                                              - *

                                              If you use more than 10 attribute filters, you receive a - * ValidationException exception with the message + * "AttributeFilter cannot have a depth of more + * than 2."

                                              + *

                                              If you use more than 10 attribute filters in a given list for + * AndAllFilters or OrAllFilters, you receive + * a ValidationException with the message * "AttributeFilter cannot have a length of more than 10".

                                              */ export interface AttributeFilter { @@ -7218,28 +7358,28 @@ export interface AttributeFilter { /** *

                                              Performs a greater than operation on two document attributes. Use - * with a document attribute of type Integer or + * with a document attribute of type Date or * Long.

                                              */ GreaterThan?: DocumentAttribute; /** *

                                              Performs a greater or equals than operation on two document - * attributes. Use with a document attribute of type Integer + * attributes. Use with a document attribute of type Date * or Long.

                                              */ GreaterThanOrEquals?: DocumentAttribute; /** *

                                              Performs a less than operation on two document attributes. Use with - * a document attribute of type Integer or + * a document attribute of type Date or * Long.

                                              */ LessThan?: DocumentAttribute; /** *

                                              Performs a less than or equals operation on two document attributes. - * Use with a document attribute of type Integer or + * Use with a document attribute of type Date or * Long.

                                              */ LessThanOrEquals?: DocumentAttribute; @@ -7352,7 +7492,7 @@ export interface QueryRequest { SortingConfiguration?: SortingConfiguration; /** - *

                                              The user context token.

                                              + *

                                              The user context token or user and group information.

                                              */ UserContext?: UserContext; diff --git a/clients/client-kendra/src/protocols/Aws_json1_1.ts b/clients/client-kendra/src/protocols/Aws_json1_1.ts index f1d9588e2f58..a0e7d4c9f462 100644 --- a/clients/client-kendra/src/protocols/Aws_json1_1.ts +++ b/clients/client-kendra/src/protocols/Aws_json1_1.ts @@ -300,6 +300,7 @@ import { UpdateThesaurusRequest, Urls, UserContext, + UserGroupResolutionConfiguration, UserTokenConfiguration, ValidationException, WebCrawlerConfiguration, @@ -5430,6 +5431,7 @@ const serializeAws_json1_1CreateDataSourceRequest = (input: CreateDataSourceRequ }), ...(input.Description !== undefined && input.Description !== null && { Description: input.Description }), ...(input.IndexId !== undefined && input.IndexId !== null && { IndexId: input.IndexId }), + ...(input.LanguageCode !== undefined && input.LanguageCode !== null && { LanguageCode: input.LanguageCode }), ...(input.Name !== undefined && input.Name !== null && { Name: input.Name }), ...(input.RoleArn !== undefined && input.RoleArn !== null && { RoleArn: input.RoleArn }), ...(input.Schedule !== undefined && input.Schedule !== null && { Schedule: input.Schedule }), @@ -5444,6 +5446,7 @@ const serializeAws_json1_1CreateFaqRequest = (input: CreateFaqRequest, context: ...(input.Description !== undefined && input.Description !== null && { Description: input.Description }), ...(input.FileFormat !== undefined && input.FileFormat !== null && { FileFormat: input.FileFormat }), ...(input.IndexId !== undefined && input.IndexId !== null && { IndexId: input.IndexId }), + ...(input.LanguageCode !== undefined && input.LanguageCode !== null && { LanguageCode: input.LanguageCode }), ...(input.Name !== undefined && input.Name !== null && { Name: input.Name }), ...(input.RoleArn !== undefined && input.RoleArn !== null && { RoleArn: input.RoleArn }), ...(input.S3Path !== undefined && @@ -5469,6 +5472,13 @@ const serializeAws_json1_1CreateIndexRequest = (input: CreateIndexRequest, conte ...(input.Tags !== undefined && input.Tags !== null && { Tags: serializeAws_json1_1TagList(input.Tags, context) }), ...(input.UserContextPolicy !== undefined && input.UserContextPolicy !== null && { UserContextPolicy: input.UserContextPolicy }), + ...(input.UserGroupResolutionConfiguration !== undefined && + input.UserGroupResolutionConfiguration !== null && { + UserGroupResolutionConfiguration: serializeAws_json1_1UserGroupResolutionConfiguration( + input.UserGroupResolutionConfiguration, + context + ), + }), ...(input.UserTokenConfigurations !== undefined && input.UserTokenConfigurations !== null && { UserTokenConfigurations: serializeAws_json1_1UserTokenConfigurationList(input.UserTokenConfigurations, context), @@ -7000,6 +7010,7 @@ const serializeAws_json1_1UpdateDataSourceRequest = (input: UpdateDataSourceRequ ...(input.Description !== undefined && input.Description !== null && { Description: input.Description }), ...(input.Id !== undefined && input.Id !== null && { Id: input.Id }), ...(input.IndexId !== undefined && input.IndexId !== null && { IndexId: input.IndexId }), + ...(input.LanguageCode !== undefined && input.LanguageCode !== null && { LanguageCode: input.LanguageCode }), ...(input.Name !== undefined && input.Name !== null && { Name: input.Name }), ...(input.RoleArn !== undefined && input.RoleArn !== null && { RoleArn: input.RoleArn }), ...(input.Schedule !== undefined && input.Schedule !== null && { Schedule: input.Schedule }), @@ -7025,6 +7036,13 @@ const serializeAws_json1_1UpdateIndexRequest = (input: UpdateIndexRequest, conte ...(input.RoleArn !== undefined && input.RoleArn !== null && { RoleArn: input.RoleArn }), ...(input.UserContextPolicy !== undefined && input.UserContextPolicy !== null && { UserContextPolicy: input.UserContextPolicy }), + ...(input.UserGroupResolutionConfiguration !== undefined && + input.UserGroupResolutionConfiguration !== null && { + UserGroupResolutionConfiguration: serializeAws_json1_1UserGroupResolutionConfiguration( + input.UserGroupResolutionConfiguration, + context + ), + }), ...(input.UserTokenConfigurations !== undefined && input.UserTokenConfigurations !== null && { UserTokenConfigurations: serializeAws_json1_1UserTokenConfigurationList(input.UserTokenConfigurations, context), @@ -7109,6 +7127,16 @@ const serializeAws_json1_1UserContext = (input: UserContext, context: __SerdeCon }; }; +const serializeAws_json1_1UserGroupResolutionConfiguration = ( + input: UserGroupResolutionConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.UserGroupResolutionMode !== undefined && + input.UserGroupResolutionMode !== null && { UserGroupResolutionMode: input.UserGroupResolutionMode }), + }; +}; + const serializeAws_json1_1UserTokenConfiguration = (input: UserTokenConfiguration, context: __SerdeContext): any => { return { ...(input.JsonTokenTypeConfiguration !== undefined && @@ -7827,6 +7855,7 @@ const deserializeAws_json1_1DataSourceSummary = (output: any, context: __SerdeCo ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.CreatedAt))) : undefined, Id: __expectString(output.Id), + LanguageCode: __expectString(output.LanguageCode), Name: __expectString(output.Name), Status: __expectString(output.Status), Type: __expectString(output.Type), @@ -7955,6 +7984,7 @@ const deserializeAws_json1_1DescribeDataSourceResponse = ( ErrorMessage: __expectString(output.ErrorMessage), Id: __expectString(output.Id), IndexId: __expectString(output.IndexId), + LanguageCode: __expectString(output.LanguageCode), Name: __expectString(output.Name), RoleArn: __expectString(output.RoleArn), Schedule: __expectString(output.Schedule), @@ -7978,6 +8008,7 @@ const deserializeAws_json1_1DescribeFaqResponse = (output: any, context: __Serde FileFormat: __expectString(output.FileFormat), Id: __expectString(output.Id), IndexId: __expectString(output.IndexId), + LanguageCode: __expectString(output.LanguageCode), Name: __expectString(output.Name), RoleArn: __expectString(output.RoleArn), S3Path: @@ -8026,6 +8057,10 @@ const deserializeAws_json1_1DescribeIndexResponse = (output: any, context: __Ser ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.UpdatedAt))) : undefined, UserContextPolicy: __expectString(output.UserContextPolicy), + UserGroupResolutionConfiguration: + output.UserGroupResolutionConfiguration !== undefined && output.UserGroupResolutionConfiguration !== null + ? deserializeAws_json1_1UserGroupResolutionConfiguration(output.UserGroupResolutionConfiguration, context) + : undefined, UserTokenConfigurations: output.UserTokenConfigurations !== undefined && output.UserTokenConfigurations !== null ? deserializeAws_json1_1UserTokenConfigurationList(output.UserTokenConfigurations, context) @@ -8330,6 +8365,7 @@ const deserializeAws_json1_1FaqSummary = (output: any, context: __SerdeContext): : undefined, FileFormat: __expectString(output.FileFormat), Id: __expectString(output.Id), + LanguageCode: __expectString(output.LanguageCode), Name: __expectString(output.Name), Status: __expectString(output.Status), UpdatedAt: @@ -9451,6 +9487,15 @@ const deserializeAws_json1_1Urls = (output: any, context: __SerdeContext): Urls } as any; }; +const deserializeAws_json1_1UserGroupResolutionConfiguration = ( + output: any, + context: __SerdeContext +): UserGroupResolutionConfiguration => { + return { + UserGroupResolutionMode: __expectString(output.UserGroupResolutionMode), + } as any; +}; + const deserializeAws_json1_1UserTokenConfiguration = (output: any, context: __SerdeContext): UserTokenConfiguration => { return { JsonTokenTypeConfiguration: diff --git a/clients/client-kms/README.md b/clients/client-kms/README.md index 68939fd128a3..eb229a50f4cf 100644 --- a/clients/client-kms/README.md +++ b/clients/client-kms/README.md @@ -41,10 +41,11 @@ security credentials that you can use to sign requests.

                                              Logging API Requests

                                              -

                                              KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the information -collected by CloudTrail, you can determine what requests were made to KMS, who made the request, -when it was made, and so on. To learn more about CloudTrail, including how to turn it on and find -your log files, see the CloudTrail User Guide.

                                              +

                                              KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your +Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the +information collected by CloudTrail, you can determine what requests were made to KMS, who made +the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it +on and find your log files, see the CloudTrail User Guide.

                                              Additional Resources

                                              @@ -52,9 +53,9 @@ your log files, see the Amazon Web Services Security -Credentials - This topic provides general information about the types of -credentials used to access Amazon Web Services.

                                              +Amazon Web Services +Security Credentials - This topic provides general information about the types +of credentials used to access Amazon Web Services.

                                            • diff --git a/clients/client-kms/src/KMS.ts b/clients/client-kms/src/KMS.ts index 2a06e6dada25..a93c27896aa4 100644 --- a/clients/client-kms/src/KMS.ts +++ b/clients/client-kms/src/KMS.ts @@ -200,10 +200,11 @@ import { KMSClient } from "./KMSClient"; *

                                              * Logging API Requests *

                                              - *

                                              KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the information - * collected by CloudTrail, you can determine what requests were made to KMS, who made the request, - * when it was made, and so on. To learn more about CloudTrail, including how to turn it on and find - * your log files, see the CloudTrail User Guide.

                                              + *

                                              KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your + * Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the + * information collected by CloudTrail, you can determine what requests were made to KMS, who made + * the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it + * on and find your log files, see the CloudTrail User Guide.

                                              *

                                              * Additional Resources *

                                              @@ -211,9 +212,9 @@ import { KMSClient } from "./KMSClient"; *
                                                *
                                              • *

                                                - * Amazon Web Services Security - * Credentials - This topic provides general information about the types of - * credentials used to access Amazon Web Services.

                                                + * Amazon Web Services + * Security Credentials - This topic provides general information about the types + * of credentials used to access Amazon Web Services.

                                                *
                                                • *
                                              • *

                                                @@ -259,13 +260,15 @@ import { KMSClient } from "./KMSClient"; */ export class KMS extends KMSClient { /** - *

                                                Cancels the deletion of a KMS key. When this operation succeeds, the key - * state of the KMS key is Disabled. To enable the KMS key, use EnableKey.

                                                - *

                                                For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the Key Management Service Developer Guide.

                                                + *

                                                Cancels the deletion of a KMS key. When this operation succeeds, the key state of the KMS + * key is Disabled. To enable the KMS key, use EnableKey.

                                                + *

                                                For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the + * Key Management Service Developer Guide.

                                                *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                *

                                                * Required permissions: kms:CancelKeyDeletion (key policy)

                                                *

                                                @@ -303,9 +306,9 @@ export class KMS extends KMSClient { /** *

                                                Connects or reconnects a custom key store to its associated CloudHSM cluster.

                                                - *

                                                The custom key store must be connected before you can create KMS keys - * in the key store or use the KMS keys it contains. You can disconnect and reconnect a custom key - * store at any time.

                                                + *

                                                The custom key store must be connected before you can create KMS keys in the key store or + * use the KMS keys it contains. You can disconnect and reconnect a custom key store at any + * time.

                                                *

                                                To connect a custom key store, its associated CloudHSM cluster must have at least one active * HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs * to the cluster, use the CreateHsm operation. Also, the @@ -400,11 +403,12 @@ export class KMS extends KMSClient { *

                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                * *

                                                You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and - * GenerateDataKey. You can also change the KMS key that's associated with the - * alias (UpdateAlias) or delete the alias (DeleteAlias) at - * any time. These operations don't affect the underlying KMS key.

                                                + * GenerateDataKey. You can also change the KMS key that's associated with + * the alias (UpdateAlias) or delete the alias (DeleteAlias) + * at any time. These operations don't affect the underlying KMS key.

                                                *

                                                You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each - * alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. A valid KMS key is required. You can't create an alias without a KMS key.

                                                + * alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. + * A valid KMS key is required. You can't create an alias without a KMS key.

                                                *

                                                The alias must be unique in the account and Region, but you can have aliases with the same * name in different Regions. For detailed information about aliases, see Using aliases in the * Key Management Service Developer Guide.

                                                @@ -421,14 +425,17 @@ export class KMS extends KMSClient { * - *

                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                + *

                                                For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                *

                                                * Related operations: *

                                                @@ -556,7 +563,9 @@ export class KMS extends KMSClient { /** *

                                                Adds a grant to a KMS key.

                                                - *

                                                A grant is a policy instrument that allows Amazon Web Services principals to use KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key, grants are considered along with key policies and IAM policies. Grants are often used for + *

                                                A grant is a policy instrument that allows Amazon Web Services principals to use + * KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key, + * grants are considered along with key policies and IAM policies. Grants are often used for * temporary permissions because you can create one, use its permissions, and delete it without * changing your key policies or IAM policies.

                                                *

                                                For detailed information about grants, including grant terminology, see Using grants in the @@ -565,28 +574,29 @@ export class KMS extends KMSClient { * . For examples of working with grants in several * programming languages, see Programming grants.

                                                *

                                                The CreateGrant operation returns a GrantToken and a - * GrantId.

                                                + * GrantId.

                                                *
                                                  *
                                                • - *

                                                  When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee principal - * can use the permissions in the grant without identifying the grant.

                                                  + *

                                                  When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee + * principal can use the permissions in the grant without identifying the grant.

                                                  *

                                                  However, to use the permissions in the grant immediately, use the - * GrantToken that CreateGrant returns. For details, see Using a grant - * token in the + * GrantToken that CreateGrant returns. For details, see Using a + * grant token in the * Key Management Service Developer Guide * .

                                                  *
                                                  • *
                                                • - *

                                                  The CreateGrant operation also returns a GrantId. You can use the - * GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant - * ID, use the ListGrants or ListRetirableGrants - * operations.

                                                  + *

                                                  The CreateGrant operation also returns a GrantId. You can + * use the GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant + * ID, use the ListGrants or ListRetirableGrants + * operations.

                                                  *
                                                  • *
                                                *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key + * Cross-account use: Yes. + * To perform this operation on a KMS key in a different Amazon Web Services account, specify the key * ARN in the value of the KeyId parameter.

                                                *

                                                * Required permissions: kms:CreateGrant (key policy)

                                                @@ -640,20 +650,21 @@ export class KMS extends KMSClient { } /** - *

                                                Creates a unique customer managed KMS key in your Amazon Web Services account and Region.

                                                + *

                                                Creates a unique customer managed KMS key in your Amazon Web Services account and + * Region.

                                                * *

                                                KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                *                                                 * - *

                                                You can use the CreateKey operation to create symmetric or asymmetric KMS keys.

                                                + *

                                                You can use the CreateKey operation to create symmetric or asymmetric KMS + * keys.

                                                *
                                                  *
                                                • *

                                                  - * Symmetric KMS keys contain a 256-bit symmetric key that - * never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use a - * symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically used to - * generate data - * keys and data keys pairs. For details, + * Symmetric KMS keys contain a 256-bit symmetric key + * that never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use + * a symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically + * used to generate data keys and data keys pairs. For details, * see GenerateDataKey and GenerateDataKeyPair.

                                                  *
                                                  • *
                                                • @@ -661,9 +672,9 @@ export class KMS extends KMSClient { * Asymmetric KMS keys can contain an RSA key pair or an * Elliptic Curve (ECC) key pair. The private key in an asymmetric KMS key never leaves KMS * unencrypted. However, you can use the GetPublicKey operation to download - * the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC key - * pairs can be used only to sign and verify messages.

                                                  + * the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used + * to encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC + * key pairs can be used only to sign and verify messages.

                                                  *
                                                  • *
                                                *

                                                For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                @@ -694,8 +705,8 @@ export class KMS extends KMSClient { *
                                                *

                                                To create a multi-Region primary key in the local Amazon Web Services Region, * use the MultiRegion parameter with a value of True. To create - * a multi-Region replica key, that is, a KMS key with the same key ID and - * key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its + * a multi-Region replica key, that is, a KMS key with the same key ID + * and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its * primary key to a replica key, use the UpdatePrimaryRegion * operation.

                                                *

                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple @@ -736,13 +747,14 @@ export class KMS extends KMSClient { *

                                                * *

                                                - * Cross-account use: No. You cannot use this operation to + * Cross-account use: No. You cannot use this operation to * create a KMS key in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:CreateKey (IAM policy). To use the * Tags parameter, kms:TagResource (IAM policy). For examples and information about related - * permissions, see Allow a user to create KMS keys in the Key Management Service Developer Guide.

                                                + * permissions, see Allow a user to create + * KMS keys in the Key Management Service Developer Guide.

                                                *

                                                * Related operations: *

                                                @@ -788,8 +800,8 @@ export class KMS extends KMSClient { } /** - *

                                                Decrypts ciphertext that was encrypted by a KMS key using any of - * the following operations:

                                                + *

                                                Decrypts ciphertext that was encrypted by a KMS key using any of the following + * operations:

                                                *
                                                  *
                                                • *

                                                  @@ -818,33 +830,36 @@ export class KMS extends KMSClient { *

                                                  • *
                                                *

                                                You can use this operation to decrypt ciphertext that was encrypted under a symmetric or - * asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the encryption - * algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                + * asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the + * encryption algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                *

                                                The Decrypt operation also decrypts ciphertext that was encrypted outside of KMS by the - * public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by other - * libraries, such as the Amazon Web Services Encryption - * SDK or Amazon S3 client-side encryption. These libraries return a ciphertext format that - * is incompatible with KMS.

                                                - *

                                                If the ciphertext was encrypted under a symmetric KMS key, the KeyId parameter is - * optional. KMS can get this information from metadata that it adds to the symmetric - * ciphertext blob. This feature adds durability to your implementation by ensuring that - * authorized users can decrypt ciphertext decades after it was encrypted, even if they've lost - * track of the key ID. However, specifying the KMS key is always recommended as a best practice. - * When you use the KeyId parameter to specify a KMS key, KMS only uses the KMS key you - * specify. If the ciphertext was encrypted under a different KMS key, the Decrypt - * operation fails. This practice ensures that you use the KMS key that you intend.

                                                + * public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by + * other libraries, such as the Amazon Web Services + * Encryption SDK or Amazon S3 client-side encryption. + * These libraries return a ciphertext format that is incompatible with KMS.

                                                + *

                                                If the ciphertext was encrypted under a symmetric KMS key, the KeyId + * parameter is optional. KMS can get this information from metadata that it adds to the + * symmetric ciphertext blob. This feature adds durability to your implementation by ensuring + * that authorized users can decrypt ciphertext decades after it was encrypted, even if they've + * lost track of the key ID. However, specifying the KMS key is always recommended as a best + * practice. When you use the KeyId parameter to specify a KMS key, KMS only uses + * the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the + * Decrypt operation fails. This practice ensures that you use the KMS key that + * you intend.

                                                *

                                                Whenever possible, use key policies to give users permission to call the * Decrypt operation on a particular KMS key, instead of using IAM policies. * Otherwise, you might create an IAM user policy that gives the user Decrypt - * permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys in other - * accounts if the key policy for the cross-account KMS key permits it. If you must use an IAM policy - * for Decrypt permissions, limit the user to particular KMS keys or particular trusted - * accounts. For details, see Best practices for IAM policies in the Key Management Service Developer Guide.

                                                + * permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys + * in other accounts if the key policy for the cross-account KMS key permits it. If you must use + * an IAM policy for Decrypt permissions, limit the user to particular KMS keys or + * particular trusted accounts. For details, see Best practices for IAM + * policies in the Key Management Service Developer Guide.

                                                *

                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                * *

                                                @@ -899,14 +914,15 @@ export class KMS extends KMSClient { } /** - *

                                                Deletes the specified alias.

                                                + *

                                                Deletes the specified alias.

                                                * *

                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                *                                                 - *

                                                Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                + *

                                                Because an alias is not a property of a KMS key, you can delete and change the aliases of + * a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the + * DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                *

                                                Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to - * create a new alias. To associate an existing alias with a different KMS key, - * call UpdateAlias.

                                                + * create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias.

                                                *

                                                * Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                *

                                                @@ -915,14 +931,17 @@ export class KMS extends KMSClient { *

                                                - *

                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                + *

                                                For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                *

                                                * Related operations: *

                                                @@ -970,16 +989,15 @@ export class KMS extends KMSClient { /** *

                                                Deletes a custom key store. This operation does not delete the CloudHSM cluster that is * associated with the custom key store, or affect any users or keys in the cluster.

                                                - *

                                                The custom key store that you delete cannot contain any KMS KMS keys. Before - * deleting the key store, verify that you will never need to use any of the KMS keys in the key - * store for any cryptographic operations. Then, use ScheduleKeyDeletion to delete the - * KMS keys from the key store. When the scheduled waiting period - * expires, the ScheduleKeyDeletion operation deletes the KMS keys. Then it makes a best - * effort to delete the key material from the associated cluster. However, you might need to - * manually delete the orphaned key + *

                                                The custom key store that you delete cannot contain any KMS KMS keys. Before deleting the key store, + * verify that you will never need to use any of the KMS keys in the key store for any + * cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the + * key store. When the scheduled waiting period expires, the ScheduleKeyDeletion + * operation deletes the KMS keys. Then it makes a best effort to delete the key material from + * the associated cluster. However, you might need to manually delete the orphaned key * material from the cluster and its backups.

                                                - *

                                                After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore to - * disconnect the key store from KMS. Then, you can delete the custom key store.

                                                + *

                                                After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore + * to disconnect the key store from KMS. Then, you can delete the custom key store.

                                                *

                                                Instead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is * disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to * delete KMS keys and you can reconnect a disconnected custom key store at any time.

                                                @@ -988,9 +1006,9 @@ export class KMS extends KMSClient { *

                                                This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                - * *

                                                - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                + * Cross-account use: No. + * You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:DeleteCustomKeyStore (IAM policy)

                                                @@ -1055,12 +1073,11 @@ export class KMS extends KMSClient { } /** - *

                                                Deletes key material that you previously imported. This operation makes the specified - * KMS key unusable. For more information about importing key material into - * KMS, see Importing Key - * Material in the Key Management Service Developer Guide.

                                                - *

                                                When the specified KMS key is in the PendingDeletion state, this operation does - * not change the KMS key's state. Otherwise, it changes the KMS key's state to + *

                                                Deletes key material that you previously imported. This operation makes the specified KMS + * key unusable. For more information about importing key material into KMS, see Importing Key Material + * in the Key Management Service Developer Guide.

                                                + *

                                                When the specified KMS key is in the PendingDeletion state, this operation + * does not change the KMS key's state. Otherwise, it changes the KMS key's state to * PendingImport.

                                                *

                                                After you delete key material, you can use ImportKeyMaterial to reimport * the same key material into the KMS key.

                                                @@ -1121,10 +1138,10 @@ export class KMS extends KMSClient { *

                                                This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                - *

                                                By default, this operation returns information about all custom key stores in the account and - * Region. To get only information about a particular custom key store, use either the - * CustomKeyStoreName or CustomKeyStoreId parameter (but not - * both).

                                                + *

                                                By default, this operation returns information about all custom key + * stores in the account and Region. To get only information about a particular custom key store, + * use either the CustomKeyStoreName or CustomKeyStoreId parameter (but + * not both).

                                                *

                                                To determine whether the custom key store is connected to its CloudHSM cluster, use the * ConnectionState element in the response. If an attempt to connect the custom * key store failed, the ConnectionState value is FAILED and the @@ -1202,16 +1219,17 @@ export class KMS extends KMSClient { } /** - *

                                                Provides detailed information about a KMS key. You can run - * DescribeKey on a customer managed key or an Amazon Web Services managed key.

                                                + *

                                                Provides detailed information about a KMS key. You can run DescribeKey on a + * customer managed + * key or an Amazon Web Services managed key.

                                                *

                                                This detailed information includes the key ARN, creation date (and deletion date, if * applicable), the key state, and the origin and expiration date (if any) of the key material. * It includes fields, like KeySpec, that help you distinguish symmetric from * asymmetric KMS keys. It also provides information that is particularly important to asymmetric * keys, such as the key usage (encryption or signing) and the encryption algorithms or signing - * algorithms that the KMS key supports. For KMS keys in custom key stores, it includes information about - * the custom key store, such as the key store ID and the CloudHSM cluster ID. For multi-Region - * keys, it displays the primary key and all related replica keys.

                                                + * algorithms that the KMS key supports. For KMS keys in custom key stores, it includes + * information about the custom key store, such as the key store ID and the CloudHSM cluster ID. For + * multi-Region keys, it displays the primary key and all related replica keys.

                                                *

                                                * DescribeKey does not return the following information:

                                                *
                                                  @@ -1220,8 +1238,8 @@ export class KMS extends KMSClient { * *
                                                • *

                                                  Whether automatic key rotation is enabled on the KMS key. To get this information, use - * GetKeyRotationStatus. Also, some key states prevent a KMS key from being - * automatically rotated. For details, see How Automatic Key Rotation + * GetKeyRotationStatus. Also, some key states prevent a KMS key from + * being automatically rotated. For details, see How Automatic Key Rotation * Works in Key Management Service Developer Guide.

                                                  *
                                                  • *
                                                • @@ -1231,9 +1249,10 @@ export class KMS extends KMSClient { *

                                                  Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.

                                                  *
                                                  • *
                                                - *

                                                If you call the DescribeKey operation on a predefined Amazon Web Services alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed key. - * Then, it associates the alias with the new KMS key, and returns the KeyId and - * Arn of the new KMS key in the response.

                                                + *

                                                If you call the DescribeKey operation on a predefined Amazon Web Services + * alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed + * key. Then, it associates the alias with the new KMS key, and returns the + * KeyId and Arn of the new KMS key in the response.

                                                *

                                                * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                @@ -1305,14 +1324,15 @@ export class KMS extends KMSClient { } /** - *

                                                Sets the state of a KMS key to disabled. This change temporarily - * prevents use of the KMS key for cryptographic operations.

                                                - *

                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key in the + *

                                                Sets the state of a KMS key to disabled. This change temporarily prevents use of the KMS + * key for cryptographic operations.

                                                + *

                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS + * key in the * Key Management Service Developer Guide * .

                                                *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                - *

                                                + *

                                                * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                * *

                                                @@ -1351,7 +1371,8 @@ export class KMS extends KMSClient { *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:DisableKeyRotation (key policy)

                                                @@ -1402,8 +1423,9 @@ export class KMS extends KMSClient { /** *

                                                Disconnects the custom key store from its associated CloudHSM cluster. While a custom key - * store is disconnected, you can manage the custom key store and its KMS keys, but you cannot create or use KMS keys in the custom key store. You can reconnect the - * custom key store at any time.

                                                + * store is disconnected, you can manage the custom key store and its KMS keys, but you cannot + * create or use KMS keys in the custom key store. You can reconnect the custom key store at any + * time.

                                                * *

                                                While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will * fail. This action can prevent users from storing and accessing sensitive data.

                                                @@ -1417,8 +1439,9 @@ export class KMS extends KMSClient { * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                * - *

                                                - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                + *

                                                + * Cross-account use: No. + * You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:DisconnectCustomKeyStore (IAM policy)

                                                @@ -1483,11 +1506,13 @@ export class KMS extends KMSClient { } /** - *

                                                Sets the key state of a KMS key to enabled. This allows you to use the KMS key for cryptographic operations.

                                                + *

                                                Sets the key state of a KMS key to enabled. This allows you to use the KMS key for + * cryptographic operations.

                                                *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:EnableKey (key policy)

                                                @@ -1525,7 +1550,8 @@ export class KMS extends KMSClient { *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                * *

                                                * Required permissions: kms:EnableKeyRotation (key policy)

                                                @@ -1575,19 +1601,20 @@ export class KMS extends KMSClient { } /** - *

                                                Encrypts plaintext into ciphertext by using a KMS key. The - * Encrypt operation has two primary use cases:

                                                + *

                                                Encrypts plaintext into ciphertext by using a KMS key. The Encrypt operation + * has two primary use cases:

                                                *
                                                  *
                                                • *

                                                  You can encrypt small amounts of arbitrary data, such as a personal identifier or * database password, or other sensitive information.

                                                  *
                                                  • *
                                                • - *

                                                  You can use the Encrypt operation to move encrypted data from one Amazon Web Services Region to another. For example, in Region A, generate a data key and use the plaintext key to encrypt - * your data. Then, in Region A, use the Encrypt operation to encrypt the - * plaintext data key under a KMS key in Region B. Now, you can move the encrypted data and the - * encrypted data key to Region B. When necessary, you can decrypt the encrypted data key and - * the encrypted data entirely within in Region B.

                                                  + *

                                                  You can use the Encrypt operation to move encrypted data from one Amazon Web Services + * Region to another. For example, in Region A, generate a data key and use the plaintext key + * to encrypt your data. Then, in Region A, use the Encrypt operation to encrypt + * the plaintext data key under a KMS key in Region B. Now, you can move the encrypted data + * and the encrypted data key to Region B. When necessary, you can decrypt the encrypted data + * key and the encrypted data entirely within in Region B.

                                                  *
                                                  • *
                                                * @@ -1598,10 +1625,10 @@ export class KMS extends KMSClient { * encryption operation. The KMS key must have a KeyUsage value of * ENCRYPT_DECRYPT. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                * - *

                                                If you use a symmetric KMS key, you can use an encryption context to add additional security - * to your encryption operation. If you specify an EncryptionContext when encrypting - * data, you must specify the same encryption context (a case-sensitive exact match) when - * decrypting the data. Otherwise, the request to decrypt fails with an + *

                                                If you use a symmetric KMS key, you can use an encryption context to add additional + * security to your encryption operation. If you specify an EncryptionContext when + * encrypting data, you must specify the same encryption context (a case-sensitive exact match) + * when decrypting the data. Otherwise, the request to decrypt fails with an * InvalidCiphertextException. For more information, see Encryption * Context in the Key Management Service Developer Guide.

                                                *

                                                If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The @@ -1673,7 +1700,8 @@ export class KMS extends KMSClient { *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account use: Yes. + * To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                * *

                                                @@ -1724,19 +1752,19 @@ export class KMS extends KMSClient { /** *

                                                Generates a unique symmetric data key for client-side encryption. This operation returns a - * plaintext copy of the data key and a copy that is encrypted under a KMS key - * that you specify. You can use the plaintext key to encrypt your data outside of KMS and - * store the encrypted data key with the encrypted data.

                                                + * plaintext copy of the data key and a copy that is encrypted under a KMS key that you specify. + * You can use the plaintext key to encrypt your data outside of KMS and store the encrypted + * data key with the encrypted data.

                                                * *

                                                * GenerateDataKey returns a unique data key for each request. The bytes in the * plaintext key are not related to the caller or the KMS key.

                                                * - *

                                                To generate a data key, specify the symmetric KMS key that will be used to encrypt the data - * key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your KMS key, use - * the DescribeKey operation. You must also specify the length of the data key. - * Use either the KeySpec or NumberOfBytes parameters (but not both). - * For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                + *

                                                To generate a data key, specify the symmetric KMS key that will be used to encrypt the + * data key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your + * KMS key, use the DescribeKey operation. You must also specify the length of + * the data key. Use either the KeySpec or NumberOfBytes parameters + * (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                * *

                                                To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use * the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure @@ -1751,11 +1779,14 @@ export class KMS extends KMSClient { *

                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                *

                                                - * How to use your data key + * How to use your data + * key *

                                                - *

                                                We recommend that you use the following pattern to encrypt data locally in your application. - * You can write your own code or use a client-side encryption library, such as the Amazon Web Services Encryption SDK, the Amazon DynamoDB Encryption Client, or - * Amazon S3 + *

                                                We recommend that you use the following pattern to encrypt data locally in your + * application. You can write your own code or use a client-side encryption library, such as the + * Amazon Web Services Encryption SDK, the + * Amazon DynamoDB Encryption Client, + * or Amazon S3 * client-side encryption to do these tasks for you.

                                                *

                                                To encrypt data outside of KMS:

                                                *
                                                  @@ -1851,20 +1882,21 @@ export class KMS extends KMSClient { /** *

                                                  Generates a unique asymmetric data key pair. The GenerateDataKeyPair * operation returns a plaintext public key, a plaintext private key, and a copy of the private - * key that is encrypted under the symmetric KMS key you specify. You can use the data key pair to - * perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                  + * key that is encrypted under the symmetric KMS key you specify. You can use the data key pair + * to perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                  * *

                                                  You can use the public key that GenerateDataKeyPair returns to encrypt data * or verify a signature outside of KMS. Then, store the encrypted private key with the data. * When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                  * - *

                                                  To generate a data key pair, you must specify a symmetric KMS key to - * encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a - * custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                  + *

                                                  To generate a data key pair, you must specify a symmetric KMS key to encrypt the private + * key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key + * store. To get the type and origin of your KMS key, use the DescribeKey + * operation.

                                                  *

                                                  Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data - * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs - * for either encryption or signing, but not both. However, KMS cannot enforce any restrictions - * on the use of data key pairs outside of KMS.

                                                  + * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for + * either encryption or signing, but not both. However, KMS cannot enforce any restrictions on + * the use of data key pairs outside of KMS.

                                                  * *

                                                  If you are using the data key pair to encrypt data, or for any operation where you don't * immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation. @@ -1876,10 +1908,10 @@ export class KMS extends KMSClient { * *

                                                  * GenerateDataKeyPair returns a unique data key pair for each request. The - * bytes in the keys are not related to the caller or the KMS key that is used to encrypt the private - * key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in RFC 5280. The - * private key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC - * 5958.

                                                  + * bytes in the keys are not related to the caller or the KMS key that is used to encrypt the + * private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in + * RFC 5280. The private key is a + * DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.

                                                  * *

                                                  You can use the optional encryption context to add additional security to the encryption * operation. If you specify an EncryptionContext, you must specify the same @@ -1889,7 +1921,8 @@ export class KMS extends KMSClient { *

                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                  *

                                                  - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                  * *

                                                  @@ -1957,23 +1990,24 @@ export class KMS extends KMSClient { /** *

                                                  Generates a unique asymmetric data key pair. The * GenerateDataKeyPairWithoutPlaintext operation returns a plaintext public key - * and a copy of the private key that is encrypted under the symmetric KMS key you specify. Unlike - * GenerateDataKeyPair, this operation does not return a plaintext private - * key.

                                                  + * and a copy of the private key that is encrypted under the symmetric KMS key you specify. + * Unlike GenerateDataKeyPair, this operation does not return a plaintext + * private key.

                                                  *

                                                  You can use the public key that GenerateDataKeyPairWithoutPlaintext returns * to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key * with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                  - *

                                                  To generate a data key pair, you must specify a symmetric KMS key to - * encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a - * custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                  + *

                                                  To generate a data key pair, you must specify a symmetric KMS key to encrypt the private + * key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key + * store. To get the type and origin of your KMS key, use the DescribeKey + * operation.

                                                  *

                                                  Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data - * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs - * for either encryption or signing, but not both. However, KMS cannot enforce any restrictions - * on the use of data key pairs outside of KMS.

                                                  + * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for + * either encryption or signing, but not both. However, KMS cannot enforce any restrictions on + * the use of data key pairs outside of KMS.

                                                  *

                                                  * GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each - * request. The bytes in the key are not related to the caller or KMS key that is used to encrypt the - * private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in + * request. The bytes in the key are not related to the caller or KMS key that is used to encrypt + * the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in * RFC 5280.

                                                  * *

                                                  You can use the optional encryption context to add additional security to the encryption @@ -1984,11 +2018,13 @@ export class KMS extends KMSClient { *

                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                  *

                                                  - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                  * *

                                                  - * Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key policy)

                                                  + * Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key + * policy)

                                                  *

                                                  * Related operations: *

                                                  @@ -2051,8 +2087,8 @@ export class KMS extends KMSClient { /** *

                                                  Generates a unique symmetric data key. This operation returns a data key that is encrypted - * under a KMS key that you specify. To request an asymmetric data key pair, - * use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operations.

                                                  + * under a KMS key that you specify. To request an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext + * operations.

                                                  *

                                                  * GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that returns only the encrypted copy of the * data key. This operation is useful for systems that need to encrypt data at some point, but @@ -2067,12 +2103,12 @@ export class KMS extends KMSClient { * plaintext data key.

                                                  *

                                                  * GenerateDataKeyWithoutPlaintext returns a unique data key for each request. - * The bytes in the keys are not related to the caller or KMS key that is used to encrypt the private - * key.

                                                  + * The bytes in the keys are not related to the caller or KMS key that is used to encrypt the + * private key.

                                                  * - *

                                                  To generate a data key, you must specify the symmetric KMS key that is - * used to encrypt the data key. You cannot use an asymmetric KMS key to generate a data key. To get - * the type of your KMS key, use the DescribeKey operation.

                                                  + *

                                                  To generate a data key, you must specify the symmetric KMS key that is used to encrypt the + * data key. You cannot use an asymmetric KMS key to generate a data key. To get the type of your + * KMS key, use the DescribeKey operation.

                                                  * *

                                                  If the operation succeeds, you will find the encrypted copy of the data key in the * CiphertextBlob field.

                                                  @@ -2085,11 +2121,13 @@ export class KMS extends KMSClient { *

                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                  *

                                                  - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                  * *

                                                  - * Required permissions: kms:GenerateDataKeyWithoutPlaintext (key policy)

                                                  + * Required permissions: kms:GenerateDataKeyWithoutPlaintext (key + * policy)

                                                  *

                                                  * Related operations: *

                                                  @@ -2156,7 +2194,8 @@ export class KMS extends KMSClient { * the CloudHSM cluster that is associated with a custom key store, specify the custom key store * ID.

                                                  *

                                                  Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                  - *

                                                  For more information about entropy and random number generation, see Key Management Service Cryptographic Details.

                                                  + *

                                                  For more information about entropy and random number generation, see + * Key Management Service Cryptographic Details.

                                                  * *

                                                  * Required permissions: kms:GenerateRandom (IAM policy)

                                                  @@ -2230,7 +2269,8 @@ export class KMS extends KMSClient { /** *

                                                  Gets a Boolean value that indicates whether automatic rotation of the key material is * enabled for the specified KMS key.

                                                  - *

                                                  You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always false.

                                                  + *

                                                  You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always + * false.

                                                  *

                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                  *
                                                    @@ -2296,16 +2336,15 @@ export class KMS extends KMSClient { } /** - *

                                                    Returns the items you need to import key material into a symmetric, customer managed - * KMS key. For more information about importing key material into KMS, see - * Importing Key - * Material in the Key Management Service Developer Guide.

                                                    + *

                                                    Returns the items you need to import key material into a symmetric, customer managed KMS + * key. For more information about importing key material into KMS, see Importing Key Material + * in the Key Management Service Developer Guide.

                                                    *

                                                    This operation returns a public key and an import token. Use the public key to encrypt the * symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.

                                                    - *

                                                    You must specify the key ID of the symmetric KMS key into which you will import key material. - * This KMS key's Origin must be EXTERNAL. You must also specify the - * wrapping algorithm and type of wrapping key (public key) that you will use to encrypt the key - * material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                    + *

                                                    You must specify the key ID of the symmetric KMS key into which you will import key + * material. This KMS key's Origin must be EXTERNAL. You must also + * specify the wrapping algorithm and type of wrapping key (public key) that you will use to + * encrypt the key material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                    *

                                                    To import key material, you must use the public key and import token from the same * response. These items are valid for 24 hours. The expiration date and time appear in the * GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another @@ -2363,10 +2402,11 @@ export class KMS extends KMSClient { } /** - *

                                                    Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric KMS key, - * which never leaves KMS unencrypted, callers with kms:GetPublicKey permission - * can download the public key of an asymmetric KMS key. You can share the public key to allow others - * to encrypt messages and verify signatures outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                    + *

                                                    Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric + * KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey + * permission can download the public key of an asymmetric KMS key. You can share the public key + * to allow others to encrypt messages and verify signatures outside of KMS. + * For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                    *

                                                    You do not need to download the public key. Instead, you can use the public key within * KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the * public key within KMS, you benefit from the authentication, authorization, and logging that @@ -2400,7 +2440,8 @@ export class KMS extends KMSClient { *

                                                    The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                    *

                                                    - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account use: + * Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                    * *

                                                    @@ -2436,12 +2477,12 @@ export class KMS extends KMSClient { } /** - *

                                                    Imports key material into an existing symmetric KMS KMS key that was - * created without key material. After you successfully import key material into a KMS key, you can - * reimport the same key material into that KMS key, but you cannot import different key + *

                                                    Imports key material into an existing symmetric KMS KMS key that was created without key + * material. After you successfully import key material into a KMS key, you can reimport + * the same key material into that KMS key, but you cannot import different key * material.

                                                    - *

                                                    You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material and - * then importing key material, see Importing Key Material in the + *

                                                    You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material + * and then importing key material, see Importing Key Material in the * Key Management Service Developer Guide.

                                                    *

                                                    Before using this operation, call GetParametersForImport. Its response * includes a public key and an import token. Use the public key to encrypt the key material. @@ -2450,8 +2491,8 @@ export class KMS extends KMSClient { *

                                                    When calling this operation, you must specify the following values:

                                                    *
                                                      *
                                                    • - *

                                                      The key ID or key ARN of a KMS key with no key material. Its Origin must be - * EXTERNAL.

                                                      + *

                                                      The key ID or key ARN of a KMS key with no key material. Its Origin must + * be EXTERNAL.

                                                      *

                                                      To create a KMS key with no key material, call CreateKey and set the * value of its Origin parameter to EXTERNAL. To get the * Origin of a KMS key, call DescribeKey.)

                                                      @@ -2466,17 +2507,17 @@ export class KMS extends KMSClient { *
                                                      • *
                                                    • *

                                                      Whether the key material expires and if so, when. If you set an expiration date, KMS - * deletes the key material from the KMS key on the specified date, and the KMS key becomes unusable. - * To use the KMS key again, you must reimport the same key material. The only way to change an - * expiration date is by reimporting the same key material and specifying a new expiration - * date.

                                                      + * deletes the key material from the KMS key on the specified date, and the KMS key becomes + * unusable. To use the KMS key again, you must reimport the same key material. The only way + * to change an expiration date is by reimporting the same key material and specifying a new + * expiration date.

                                                      *
                                                      • *
                                                    *

                                                    When this operation is successful, the key state of the KMS key changes from * PendingImport to Enabled, and you can use the KMS key.

                                                    *

                                                    If this operation fails, use the exception to help determine the problem. If the error is - * related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key and - * repeat the import procedure. For help, see How To Import Key + * related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key + * and repeat the import procedure. For help, see How To Import Key * Material in the Key Management Service Developer Guide.

                                                    *

                                                    The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                    @@ -2531,26 +2572,29 @@ export class KMS extends KMSClient { } /** - *

                                                    Gets a list of aliases in the caller's Amazon Web Services account and region. For more information about - * aliases, see CreateAlias.

                                                    + *

                                                    Gets a list of aliases in the caller's Amazon Web Services account and region. For more information + * about aliases, see CreateAlias.

                                                    *

                                                    By default, the ListAliases operation returns all aliases in the account and - * region. To get only the aliases associated with a particular KMS key, use - * the KeyId parameter.

                                                    + * region. To get only the aliases associated with a particular KMS key, use the + * KeyId parameter.

                                                    *

                                                    The ListAliases response can include aliases that you created and associated - * with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services managed keys in your account. You can recognize Amazon Web Services aliases because their names have the format - * aws/, such as aws/dynamodb.

                                                    + * with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services + * managed keys in your account. You can recognize Amazon Web Services aliases because their names have the + * format aws/, such as aws/dynamodb.

                                                    *

                                                    The response might also include aliases that have no TargetKeyId field. These - * are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. Aliases - * that Amazon Web Services creates in your account, including predefined aliases, do not count against your - * KMS aliases + * are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. + * Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against + * your KMS aliases * quota.

                                                    *

                                                    * Cross-account use: No. ListAliases does not * return aliases in other Amazon Web Services accounts.

                                                    * + * *

                                                    * Required permissions: kms:ListAliases (IAM policy)

                                                    - *

                                                    For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                    + *

                                                    For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                    *

                                                    * Related operations: *

                                                    @@ -2597,8 +2641,8 @@ export class KMS extends KMSClient { /** *

                                                    Gets a list of all grants for the specified KMS key.

                                                    - *

                                                    You must specify the KMS key in all requests. You can filter the grant list by grant ID - * or grantee principal.

                                                    + *

                                                    You must specify the KMS key in all requests. You can filter the grant list by grant ID or + * grantee principal.

                                                    *

                                                    For detailed information about grants, including grant terminology, see Using grants in the * * Key Management Service Developer Guide @@ -2667,9 +2711,9 @@ export class KMS extends KMSClient { } /** - *

                                                    Gets the names of the key policies that are attached to a KMS key. This - * operation is designed to get policy names that you can use in a GetKeyPolicy - * operation. However, the only valid policy name is default.

                                                    + *

                                                    Gets the names of the key policies that are attached to a KMS key. This operation is + * designed to get policy names that you can use in a GetKeyPolicy operation. + * However, the only valid policy name is default.

                                                    *

                                                    * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                    * @@ -2721,8 +2765,7 @@ export class KMS extends KMSClient { } /** - *

                                                    Gets a list of all KMS keys in the caller's Amazon Web Services account and - * Region.

                                                    + *

                                                    Gets a list of all KMS keys in the caller's Amazon Web Services account and Region.

                                                    *

                                                    * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                    * @@ -2844,11 +2887,11 @@ export class KMS extends KMSClient { } /** - *

                                                    Returns information about all grants in the Amazon Web Services account and Region that have the specified - * retiring principal.

                                                    + *

                                                    Returns information about all grants in the Amazon Web Services account and Region that have the + * specified retiring principal.

                                                    *

                                                    You can specify any principal in your Amazon Web Services account. The grants that are returned include - * grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this operation to - * determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                    + * grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this + * operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                    *

                                                    For detailed information about grants, including grant terminology, see Using grants in the * * Key Management Service Developer Guide @@ -2857,11 +2900,12 @@ export class KMS extends KMSClient { *

                                                    * Cross-account use: You must specify a principal in your * Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need - * kms:ListRetirableGrants permission (or any other additional permission) in any + * kms:ListRetirableGrants permission (or any other additional permission) in any * Amazon Web Services account other than your own.

                                                    * *

                                                    - * Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services account.

                                                    + * Required permissions: kms:ListRetirableGrants (IAM policy) in your + * Amazon Web Services account.

                                                    *

                                                    * Related operations: *

                                                    @@ -2961,39 +3005,45 @@ export class KMS extends KMSClient { /** *

                                                    Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this - * operation to change the KMS key under which data is encrypted, such as when - * you manually rotate a KMS key or change the KMS key that protects a ciphertext. You can also - * use it to reencrypt ciphertext under the same KMS key, such as to change the encryption + * operation to change the KMS key under which data is encrypted, such as when you manually + * rotate a KMS key or change the KMS key that protects a ciphertext. You can also use + * it to reencrypt ciphertext under the same KMS key, such as to change the encryption * context of a ciphertext.

                                                    *

                                                    The ReEncrypt operation can decrypt ciphertext that was encrypted by using an * KMS KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the - * public key of an asymmetric KMS key outside of KMS. However, it cannot decrypt ciphertext - * produced by other libraries, such as the Amazon Web Services Encryption SDK or Amazon S3 client-side encryption. - * These libraries return a ciphertext format that is incompatible with KMS.

                                                    + * public key of an asymmetric KMS key + * outside of KMS. However, it cannot decrypt ciphertext produced by other libraries, such as + * the Amazon Web Services Encryption SDK or + * Amazon S3 + * client-side encryption. These libraries return a ciphertext format that is + * incompatible with KMS.

                                                    *

                                                    When you use the ReEncrypt operation, you need to provide information for the * decrypt operation and the subsequent encrypt operation.

                                                    *
                                                      *
                                                    • *

                                                      If your ciphertext was encrypted under an asymmetric KMS key, you must use the - * SourceKeyId parameter to identify the KMS key that encrypted the ciphertext. - * You must also supply the encryption algorithm that was used. This information is required - * to decrypt the data.

                                                      + * SourceKeyId parameter to identify the KMS key that encrypted the + * ciphertext. You must also supply the encryption algorithm that was used. This information + * is required to decrypt the data.

                                                      *
                                                      • *
                                                    • - *

                                                      If your ciphertext was encrypted under a symmetric KMS key, the SourceKeyId - * parameter is optional. KMS can get this information from metadata that it adds to the - * symmetric ciphertext blob. This feature adds durability to your implementation by ensuring - * that authorized users can decrypt ciphertext decades after it was encrypted, even if - * they've lost track of the key ID. However, specifying the source KMS key is always recommended - * as a best practice. When you use the SourceKeyId parameter to specify a KMS key, - * KMS uses only the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the ReEncrypt operation fails. This practice ensures that you use the KMS key that you intend.

                                                      + *

                                                      If your ciphertext was encrypted under a symmetric KMS key, the + * SourceKeyId parameter is optional. KMS can get this information from + * metadata that it adds to the symmetric ciphertext blob. This feature adds durability to + * your implementation by ensuring that authorized users can decrypt ciphertext decades after + * it was encrypted, even if they've lost track of the key ID. However, specifying the source + * KMS key is always recommended as a best practice. When you use the + * SourceKeyId parameter to specify a KMS key, KMS uses only the KMS key you + * specify. If the ciphertext was encrypted under a different KMS key, the + * ReEncrypt operation fails. This practice ensures that you use the KMS key + * that you intend.

                                                      *
                                                      • *
                                                    • *

                                                      To reencrypt the data, you must use the DestinationKeyId parameter * specify the KMS key that re-encrypts the data after it is decrypted. You can select a - * symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you must also - * provide the encryption algorithm. The algorithm that you choose must be compatible with - * the KMS key.

                                                      + * symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you + * must also provide the encryption algorithm. The algorithm that you choose must be + * compatible with the KMS key.

                                                      * * *

                                                      When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                      @@ -3001,26 +3051,26 @@ export class KMS extends KMSClient { *                                                       *
                                                      • *
                                                    - * - * - * *

                                                    The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                    *

                                                    - * Cross-account use: Yes. The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a different account than - * the caller. To specify a KMS key in a different account, you must use its key ARN or alias - * ARN.

                                                    + * Cross-account use: Yes. + * The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both + * KMS keys can be in a different account than the caller. To specify a KMS key in a different + * account, you must use its key ARN or alias ARN.

                                                    * *

                                                    * Required permissions:

                                                    * *

                                                    To permit reencryption from or to a KMS key, include the "kms:ReEncrypt*" @@ -3109,7 +3159,7 @@ export class KMS extends KMSClient { * details about the Creating key state, see Key state: Effect on your KMS key in the * Key Management Service Developer Guide.

                                                    *

                                                    The CloudTrail log of a ReplicateKey operation records a - * ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                    + * ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                    *

                                                    If you replicate a multi-Region primary key with imported key material, the replica key is * created with no key material. You must import the same key material that you imported into the * primary key. For details, see Importing key material into multi-Region keys in the Key Management Service Developer Guide.

                                                    @@ -3117,8 +3167,8 @@ export class KMS extends KMSClient { * operation.

                                                    * *

                                                    - * ReplicateKey uses different default values for the KeyPolicy and - * Tags parameters than those used in the KMS console. For details, see the + * ReplicateKey uses different default values for the KeyPolicy + * and Tags parameters than those used in the KMS console. For details, see the * parameter descriptions.

                                                    *                                                     *

                                                    @@ -3129,8 +3179,8 @@ export class KMS extends KMSClient { *

                                                      *
                                                    • *

                                                      - * kms:ReplicateKey on the primary key (in the primary key's Region). Include this - * permission in the primary key's key policy.

                                                      + * kms:ReplicateKey on the primary key (in the primary key's Region). + * Include this permission in the primary key's key policy.

                                                      *
                                                      • *
                                                    • *

                                                      @@ -3186,12 +3236,13 @@ export class KMS extends KMSClient { /** *

                                                      Deletes a grant. Typically, you retire a grant when you no longer need its permissions. To * identify the grant to retire, use a grant token, or both the grant ID and a - * key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation returns both values.

                                                      + * key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation + * returns both values.

                                                      *

                                                      This operation can be called by the retiring principal for a grant, * by the grantee principal if the grant allows the RetireGrant * operation, and by the Amazon Web Services account (root user) in which the grant is created. It can also be * called by principals to whom permission for retiring a grant is delegated. For details, see - * Retiring and + * Retiring and * revoking grants in the Key Management Service Developer Guide.

                                                      *

                                                      For detailed information about grants, including grant terminology, see Using grants in the * @@ -3199,11 +3250,12 @@ export class KMS extends KMSClient { * . For examples of working with grants in several * programming languages, see Programming grants.

                                                      *

                                                      - * Cross-account use: Yes. You can retire a grant on a KMS key - * in a different Amazon Web Services account.

                                                      + * Cross-account use: Yes. You can retire a grant on a KMS + * key in a different Amazon Web Services account.

                                                      *

                                                      * Required permissions::Permission to retire a grant is - * determined primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service Developer Guide.

                                                      + * determined primarily by the grant. For details, see Retiring and revoking grants in + * the Key Management Service Developer Guide.

                                                      *

                                                      * Related operations: *

                                                      @@ -3255,8 +3307,7 @@ export class KMS extends KMSClient { /** *

                                                      Deletes the specified grant. You revoke a grant to terminate the permissions that the - * grant allows. For more - * information, see Retiring and revoking grants in + * grant allows. For more information, see Retiring and revoking grants in * the * Key Management Service Developer Guide * .

                                                      @@ -3324,22 +3375,24 @@ export class KMS extends KMSClient { } /** - *

                                                      Schedules the deletion of a KMS key. By default, KMS applies a waiting - * period of 30 days, but you can specify a waiting period of 7-30 days. When this operation is - * successful, the key state of the KMS key changes to PendingDeletion and the key can't - * be used in any cryptographic operations. It remains in this state for the duration of the - * waiting period. Before the waiting period ends, you can use CancelKeyDeletion to cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key, + *

                                                      Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30 + * days, but you can specify a waiting period of 7-30 days. When this operation is successful, + * the key state of the KMS key changes to PendingDeletion and the key can't be used + * in any cryptographic operations. It remains in this state for the duration of the waiting + * period. Before the waiting period ends, you can use CancelKeyDeletion to + * cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key, * its key material, and all KMS data associated with it, including all aliases that refer to * it.

                                                      * - *

                                                      Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key is - * deleted, all data that was encrypted under the KMS key is unrecoverable. (The only exception is - * a multi-Region replica key.) To prevent the use of a KMS key without deleting it, use DisableKey.

                                                      + *

                                                      Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key + * is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only + * exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting + * it, use DisableKey.

                                                      *                                                       *

                                                      If you schedule deletion of a KMS key from a custom key store, when the waiting period - * expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a best - * effort to delete the key material from the associated CloudHSM cluster. However, you might need - * to manually delete the orphaned key + * expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a + * best effort to delete the key material from the associated CloudHSM cluster. However, you might + * need to manually delete the orphaned key * material from the cluster and its backups.

                                                      *

                                                      You can schedule the deletion of a multi-Region primary key and its replica keys at any * time. However, KMS will not delete a multi-Region primary key with existing replica keys. If @@ -3348,18 +3401,20 @@ export class KMS extends KMSClient { * operations. This status can continue indefinitely. When the last of its replicas keys is * deleted (not just scheduled), the key state of the primary key changes to * PendingDeletion and its waiting period (PendingWindowInDays) - * begins. For details, see Deleting multi-Region keys in the Key Management Service Developer Guide.

                                                      + * begins. For details, see Deleting multi-Region keys in the + * Key Management Service Developer Guide.

                                                      *

                                                      For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the * Key Management Service Developer Guide.

                                                      *

                                                      The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                      - * *

                                                      - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                      + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                      * * *

                                                      - * Required permissions: kms:ScheduleKeyDeletion (key policy)

                                                      + * Required permissions: kms:ScheduleKeyDeletion (key + * policy)

                                                      *

                                                      * Related operations *

                                                      @@ -3407,20 +3462,21 @@ export class KMS extends KMSClient { /** *

                                                      Creates a digital - * signature for a message or message digest by using the private key in an asymmetric KMS key. To verify the signature, use the Verify operation, or use the public - * key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                      + * signature for a message or message digest by using the private key in an asymmetric + * KMS key. To verify the signature, use the Verify operation, or use the + * public key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                      *

                                                      Digital signatures are generated and verified by using asymmetric key pair, such as an RSA - * or ECC pair that is represented by an asymmetric KMS key. The key owner (or - * an authorized user) uses their private key to sign a message. Anyone with the public key can - * verify that the message was signed with that particular private key and that the message - * hasn't changed since it was signed.

                                                      + * or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized + * user) uses their private key to sign a message. Anyone with the public key can verify that the + * message was signed with that particular private key and that the message hasn't changed since + * it was signed.

                                                      *

                                                      To use the Sign operation, provide the following information:

                                                      *
                                                        *
                                                      • *

                                                        Use the KeyId parameter to identify an asymmetric KMS key with a * KeyUsage value of SIGN_VERIFY. To get the - * KeyUsage value of a KMS key, use the DescribeKey operation. - * The caller must have kms:Sign permission on the KMS key.

                                                        + * KeyUsage value of a KMS key, use the DescribeKey + * operation. The caller must have kms:Sign permission on the KMS key.

                                                        *
                                                        • *
                                                      • *

                                                        Use the Message parameter to specify the message or message digest to @@ -3442,7 +3498,7 @@ export class KMS extends KMSClient { * then use the public key to verify the signature outside of KMS.

                                                        *

                                                        The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                        - *

                                                        + *

                                                        * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                        * @@ -3484,16 +3540,18 @@ export class KMS extends KMSClient { * The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag * value. To edit a tag, specify an existing tag key and a new tag value.

                                                        *

                                                        You can use this operation to tag a customer managed key, but you cannot - * tag an Amazon Web Services managed key, an Amazon Web Services owned key, a custom key store, or - * an alias.

                                                        - *

                                                        You can also add tags to a KMS key while creating it (CreateKey) or replicating it (ReplicateKey).

                                                        + * tag an Amazon Web Services + * managed key, an Amazon Web Services owned key, a custom key + * store, or an alias.

                                                        + *

                                                        You can also add tags to a KMS key while creating it (CreateKey) or + * replicating it (ReplicateKey).

                                                        *

                                                        For information about using tags in KMS, see Tagging keys. For general information about * tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon * Web Services General Reference.

                                                        *

                                                        The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                        *

                                                        - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        + * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        * *

                                                        * Required permissions: kms:TagResource (key policy)

                                                        @@ -3553,8 +3611,8 @@ export class KMS extends KMSClient { *

                                                        Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                        * *

                                                        When it succeeds, the UntagResource operation doesn't return any output. - * Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or return - * a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                        + * Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or + * return a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                        * *

                                                        For information about using tags in KMS, see Tagging keys. For general information about * tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon @@ -3562,7 +3620,7 @@ export class KMS extends KMSClient { *

                                                        The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                        *

                                                        - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        + * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        * *

                                                        * Required permissions: kms:UntagResource (key policy)

                                                        @@ -3622,9 +3680,9 @@ export class KMS extends KMSClient { } /** - *

                                                        Associates an existing KMS alias with a different KMS key. Each alias - * is associated with only one KMS key at a time, although a KMS key can have multiple aliases. The alias - * and the KMS key must be in the same Amazon Web Services account and Region.

                                                        + *

                                                        Associates an existing KMS alias with a different KMS key. Each alias is associated with + * only one KMS key at a time, although a KMS key can have multiple aliases. The alias and the + * KMS key must be in the same Amazon Web Services account and Region.

                                                        * *

                                                        Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                        *                                                         @@ -3636,12 +3694,12 @@ export class KMS extends KMSClient { * use DeleteAlias to delete the old alias and CreateAlias to * create a new alias.

                                                        *

                                                        Because an alias is not a property of a KMS key, you can create, update, and delete the - * aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from - * the DescribeKey operation. To get the aliases of all KMS keys in the account, - * use the ListAliases operation.

                                                        + * aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the + * response from the DescribeKey operation. To get the aliases of all KMS keys + * in the account, use the ListAliases operation.

                                                        *

                                                        The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                        - *

                                                        + *

                                                        * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        *

                                                        * Required permissions @@ -3649,18 +3707,22 @@ export class KMS extends KMSClient { *

                                                        - *

                                                        For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                        + *

                                                        For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                        *

                                                        * Related operations: *

                                                        @@ -3714,29 +3776,29 @@ export class KMS extends KMSClient { * the update completes, use ConnectCustomKeyStore. To find the connection * state of a custom key store, use the DescribeCustomKeyStores * operation.

                                                        - *

                                                        Use the parameters of UpdateCustomKeyStore to edit your keystore - * settings.

                                                        + *

                                                        The CustomKeyStoreId parameter is required in all commands. Use the other + * parameters of UpdateCustomKeyStore to edit your key store settings.

                                                        *
                                                          *
                                                        • - *

                                                          Use the NewCustomKeyStoreName parameter to change the - * friendly name of the custom key store to the value that you specify.

                                                          + *

                                                          Use the NewCustomKeyStoreName parameter to change the friendly name of + * the custom key store to the value that you specify.

                                                          *

                                                          *
                                                          • *
                                                        • - *

                                                          Use the KeyStorePassword parameter tell KMS the - * current password of the - * kmsuser crypto - * user (CU) in the associated CloudHSM cluster. You can use this parameter to fix - * connection failures that occur when KMS cannot log into the associated cluster - * because the kmsuser password has changed. This value does not change the - * password in the CloudHSM cluster.

                                                          + *

                                                          Use the KeyStorePassword parameter tell KMS the current password of the + * + * kmsuser crypto user (CU) in the associated CloudHSM cluster. You + * can use this parameter to fix connection + * failures that occur when KMS cannot log into the associated cluster because + * the kmsuser password has changed. This value does not change the password in + * the CloudHSM cluster.

                                                          *

                                                          *
                                                          • *
                                                        • - *

                                                          Use the CloudHsmClusterId parameter to associate the - * custom key store with a different, but related, CloudHSM cluster. You can use this parameter - * to repair a custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when - * you need to create or restore a cluster from a backup.

                                                          + *

                                                          Use the CloudHsmClusterId parameter to associate the custom key store + * with a different, but related, CloudHSM cluster. You can use this parameter to repair a + * custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to + * create or restore a cluster from a backup.

                                                          *
                                                          • *
                                                        *

                                                        If the operation succeeds, it returns a JSON object with no @@ -3744,9 +3806,9 @@ export class KMS extends KMSClient { *

                                                        This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                        - * *

                                                        - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                        + * Cross-account + * use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                        *

                                                        * Required permissions: kms:UpdateCustomKeyStore (IAM policy)

                                                        *

                                                        @@ -3810,12 +3872,12 @@ export class KMS extends KMSClient { } /** - *

                                                        Updates the description of a KMS key. To see the description of a KMS key, - * use DescribeKey.

                                                        + *

                                                        Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.

                                                        *

                                                        The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                        *

                                                        - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                        * *

                                                        * Required permissions: kms:UpdateKeyDescription (key policy)

                                                        @@ -3880,7 +3942,7 @@ export class KMS extends KMSClient { * that are always shared by primary and replica keys, including the key material, key ID, key spec, key usage, key material * origin, and automatic * key rotation. It's the only key that can be replicated. You cannot delete the primary - * key until all replica keys are deleted.

                                                        + * key until all replica keys are deleted.

                                                        *

                                                        The key ID and primary Region that you specify uniquely identify the replica key that will * become the primary key. The primary Region must already have a replica key. This operation * does not create a KMS key in the specified Region. To find the replica keys, use the DescribeKey operation on the primary key or any replica key. To create a replica @@ -3964,9 +4026,9 @@ export class KMS extends KMSClient { /** *

                                                        Verifies a digital signature that was generated by the Sign operation.

                                                        *

                                                        - *

                                                        Verification confirms that an authorized user signed the message with the specified KMS key - * and signing algorithm, and the message hasn't changed since it was signed. If the signature is - * verified, the value of the SignatureValid field in the response is + *

                                                        Verification confirms that an authorized user signed the message with the specified KMS + * key and signing algorithm, and the message hasn't changed since it was signed. If the + * signature is verified, the value of the SignatureValid field in the response is * True. If the signature verification fails, the Verify operation * fails with an KMSInvalidSignatureException exception.

                                                        *

                                                        A digital signature is generated by using the private key in an asymmetric KMS key. The @@ -3975,8 +4037,8 @@ export class KMS extends KMSClient { *

                                                        To verify a digital signature, you can use the Verify operation. Specify the * same asymmetric KMS key, message, and signing algorithm that were used to produce the * signature.

                                                        - *

                                                        You can also verify the digital signature by using the public key of the KMS key outside of - * KMS. Use the GetPublicKey operation to download the public key in the + *

                                                        You can also verify the digital signature by using the public key of the KMS key outside + * of KMS. Use the GetPublicKey operation to download the public key in the * asymmetric KMS key and then use the public key to verify the signature outside of KMS. The * advantage of using the Verify operation is that it is performed within KMS. As * a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged diff --git a/clients/client-kms/src/KMSClient.ts b/clients/client-kms/src/KMSClient.ts index 224b3a5c18bb..5976cc11f4e9 100644 --- a/clients/client-kms/src/KMSClient.ts +++ b/clients/client-kms/src/KMSClient.ts @@ -419,10 +419,11 @@ export interface KMSClientResolvedConfig extends KMSClientResolvedConfigType {} *

                                                        * Logging API Requests *

                                                        - *

                                                        KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the information - * collected by CloudTrail, you can determine what requests were made to KMS, who made the request, - * when it was made, and so on. To learn more about CloudTrail, including how to turn it on and find - * your log files, see the CloudTrail User Guide.

                                                        + *

                                                        KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your + * Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the + * information collected by CloudTrail, you can determine what requests were made to KMS, who made + * the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it + * on and find your log files, see the CloudTrail User Guide.

                                                        *

                                                        * Additional Resources *

                                                        @@ -430,9 +431,9 @@ export interface KMSClientResolvedConfig extends KMSClientResolvedConfigType {} *
                                                          *
                                                        • *

                                                          - * Amazon Web Services Security - * Credentials - This topic provides general information about the types of - * credentials used to access Amazon Web Services.

                                                          + * Amazon Web Services + * Security Credentials - This topic provides general information about the types + * of credentials used to access Amazon Web Services.

                                                          *
                                                          • *
                                                        • *

                                                          diff --git a/clients/client-kms/src/commands/CancelKeyDeletionCommand.ts b/clients/client-kms/src/commands/CancelKeyDeletionCommand.ts index 475e77fd7ea7..d9c3fb318b58 100644 --- a/clients/client-kms/src/commands/CancelKeyDeletionCommand.ts +++ b/clients/client-kms/src/commands/CancelKeyDeletionCommand.ts @@ -22,13 +22,15 @@ export interface CancelKeyDeletionCommandInput extends CancelKeyDeletionRequest export interface CancelKeyDeletionCommandOutput extends CancelKeyDeletionResponse, __MetadataBearer {} /** - *

                                                          Cancels the deletion of a KMS key. When this operation succeeds, the key - * state of the KMS key is Disabled. To enable the KMS key, use EnableKey.

                                                          - *

                                                          For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the Key Management Service Developer Guide.

                                                          + *

                                                          Cancels the deletion of a KMS key. When this operation succeeds, the key state of the KMS + * key is Disabled. To enable the KMS key, use EnableKey.

                                                          + *

                                                          For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the + * Key Management Service Developer Guide.

                                                          *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          *

                                                          * Required permissions: kms:CancelKeyDeletion (key policy)

                                                          *

                                                          diff --git a/clients/client-kms/src/commands/ConnectCustomKeyStoreCommand.ts b/clients/client-kms/src/commands/ConnectCustomKeyStoreCommand.ts index 39bd4414fbe3..0c0229aa9982 100644 --- a/clients/client-kms/src/commands/ConnectCustomKeyStoreCommand.ts +++ b/clients/client-kms/src/commands/ConnectCustomKeyStoreCommand.ts @@ -23,9 +23,9 @@ export interface ConnectCustomKeyStoreCommandOutput extends ConnectCustomKeyStor /** *

                                                          Connects or reconnects a custom key store to its associated CloudHSM cluster.

                                                          - *

                                                          The custom key store must be connected before you can create KMS keys - * in the key store or use the KMS keys it contains. You can disconnect and reconnect a custom key - * store at any time.

                                                          + *

                                                          The custom key store must be connected before you can create KMS keys in the key store or + * use the KMS keys it contains. You can disconnect and reconnect a custom key store at any + * time.

                                                          *

                                                          To connect a custom key store, its associated CloudHSM cluster must have at least one active * HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs * to the cluster, use the CreateHsm operation. Also, the diff --git a/clients/client-kms/src/commands/CreateAliasCommand.ts b/clients/client-kms/src/commands/CreateAliasCommand.ts index cac2bb9ffc01..990ea472dd11 100644 --- a/clients/client-kms/src/commands/CreateAliasCommand.ts +++ b/clients/client-kms/src/commands/CreateAliasCommand.ts @@ -27,11 +27,12 @@ export interface CreateAliasCommandOutput extends __MetadataBearer {} *

                                                          Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                          * *

                                                          You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and - * GenerateDataKey. You can also change the KMS key that's associated with the - * alias (UpdateAlias) or delete the alias (DeleteAlias) at - * any time. These operations don't affect the underlying KMS key.

                                                          + * GenerateDataKey. You can also change the KMS key that's associated with + * the alias (UpdateAlias) or delete the alias (DeleteAlias) + * at any time. These operations don't affect the underlying KMS key.

                                                          *

                                                          You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each - * alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. A valid KMS key is required. You can't create an alias without a KMS key.

                                                          + * alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. + * A valid KMS key is required. You can't create an alias without a KMS key.

                                                          *

                                                          The alias must be unique in the account and Region, but you can have aliases with the same * name in different Regions. For detailed information about aliases, see Using aliases in the * Key Management Service Developer Guide.

                                                          @@ -48,14 +49,17 @@ export interface CreateAliasCommandOutput extends __MetadataBearer {} * - *

                                                          For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                          + *

                                                          For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                          *

                                                          * Related operations: *

                                                          diff --git a/clients/client-kms/src/commands/CreateGrantCommand.ts b/clients/client-kms/src/commands/CreateGrantCommand.ts index 0217d045302e..08ca9adb0584 100644 --- a/clients/client-kms/src/commands/CreateGrantCommand.ts +++ b/clients/client-kms/src/commands/CreateGrantCommand.ts @@ -23,7 +23,9 @@ export interface CreateGrantCommandOutput extends CreateGrantResponse, __Metadat /** *

                                                          Adds a grant to a KMS key.

                                                          - *

                                                          A grant is a policy instrument that allows Amazon Web Services principals to use KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key, grants are considered along with key policies and IAM policies. Grants are often used for + *

                                                          A grant is a policy instrument that allows Amazon Web Services principals to use + * KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key, + * grants are considered along with key policies and IAM policies. Grants are often used for * temporary permissions because you can create one, use its permissions, and delete it without * changing your key policies or IAM policies.

                                                          *

                                                          For detailed information about grants, including grant terminology, see Using grants in the @@ -32,28 +34,29 @@ export interface CreateGrantCommandOutput extends CreateGrantResponse, __Metadat * . For examples of working with grants in several * programming languages, see Programming grants.

                                                          *

                                                          The CreateGrant operation returns a GrantToken and a - * GrantId.

                                                          + * GrantId.

                                                          *
                                                            *
                                                          • - *

                                                            When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee principal - * can use the permissions in the grant without identifying the grant.

                                                            + *

                                                            When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee + * principal can use the permissions in the grant without identifying the grant.

                                                            *

                                                            However, to use the permissions in the grant immediately, use the - * GrantToken that CreateGrant returns. For details, see Using a grant - * token in the + * GrantToken that CreateGrant returns. For details, see Using a + * grant token in the * Key Management Service Developer Guide * .

                                                            *
                                                            • *
                                                          • - *

                                                            The CreateGrant operation also returns a GrantId. You can use the - * GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant - * ID, use the ListGrants or ListRetirableGrants - * operations.

                                                            + *

                                                            The CreateGrant operation also returns a GrantId. You can + * use the GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant + * ID, use the ListGrants or ListRetirableGrants + * operations.

                                                            *
                                                            • *
                                                          *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key + * Cross-account use: Yes. + * To perform this operation on a KMS key in a different Amazon Web Services account, specify the key * ARN in the value of the KeyId parameter.

                                                          *

                                                          * Required permissions: kms:CreateGrant (key policy)

                                                          diff --git a/clients/client-kms/src/commands/CreateKeyCommand.ts b/clients/client-kms/src/commands/CreateKeyCommand.ts index c75e7d276e3f..e6c8e89c538e 100644 --- a/clients/client-kms/src/commands/CreateKeyCommand.ts +++ b/clients/client-kms/src/commands/CreateKeyCommand.ts @@ -19,20 +19,21 @@ export interface CreateKeyCommandInput extends CreateKeyRequest {} export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBearer {} /** - *

                                                          Creates a unique customer managed KMS key in your Amazon Web Services account and Region.

                                                          + *

                                                          Creates a unique customer managed KMS key in your Amazon Web Services account and + * Region.

                                                          * *

                                                          KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                          *                                                           * - *

                                                          You can use the CreateKey operation to create symmetric or asymmetric KMS keys.

                                                          + *

                                                          You can use the CreateKey operation to create symmetric or asymmetric KMS + * keys.

                                                          *
                                                            *
                                                          • *

                                                            - * Symmetric KMS keys contain a 256-bit symmetric key that - * never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use a - * symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically used to - * generate data - * keys and data keys pairs. For details, + * Symmetric KMS keys contain a 256-bit symmetric key + * that never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use + * a symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically + * used to generate data keys and data keys pairs. For details, * see GenerateDataKey and GenerateDataKeyPair.

                                                            *
                                                            • *
                                                          • @@ -40,9 +41,9 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea * Asymmetric KMS keys can contain an RSA key pair or an * Elliptic Curve (ECC) key pair. The private key in an asymmetric KMS key never leaves KMS * unencrypted. However, you can use the GetPublicKey operation to download - * the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC key - * pairs can be used only to sign and verify messages.

                                                            + * the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used + * to encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC + * key pairs can be used only to sign and verify messages.

                                                            *
                                                            • *
                                                          *

                                                          For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                          @@ -73,8 +74,8 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea *
                                                          *

                                                          To create a multi-Region primary key in the local Amazon Web Services Region, * use the MultiRegion parameter with a value of True. To create - * a multi-Region replica key, that is, a KMS key with the same key ID and - * key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its + * a multi-Region replica key, that is, a KMS key with the same key ID + * and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its * primary key to a replica key, use the UpdatePrimaryRegion * operation.

                                                          *

                                                          This operation supports multi-Region keys, an KMS feature that lets you create multiple @@ -115,13 +116,14 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea *

                                                          * *

                                                          - * Cross-account use: No. You cannot use this operation to + * Cross-account use: No. You cannot use this operation to * create a KMS key in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:CreateKey (IAM policy). To use the * Tags parameter, kms:TagResource (IAM policy). For examples and information about related - * permissions, see Allow a user to create KMS keys in the Key Management Service Developer Guide.

                                                          + * permissions, see Allow a user to create + * KMS keys in the Key Management Service Developer Guide.

                                                          *

                                                          * Related operations: *

                                                          diff --git a/clients/client-kms/src/commands/DecryptCommand.ts b/clients/client-kms/src/commands/DecryptCommand.ts index a2840b6705bf..1dfc2e095949 100644 --- a/clients/client-kms/src/commands/DecryptCommand.ts +++ b/clients/client-kms/src/commands/DecryptCommand.ts @@ -19,8 +19,8 @@ export interface DecryptCommandInput extends DecryptRequest {} export interface DecryptCommandOutput extends DecryptResponse, __MetadataBearer {} /** - *

                                                          Decrypts ciphertext that was encrypted by a KMS key using any of - * the following operations:

                                                          + *

                                                          Decrypts ciphertext that was encrypted by a KMS key using any of the following + * operations:

                                                          *
                                                            *
                                                          • *

                                                            @@ -49,33 +49,36 @@ export interface DecryptCommandOutput extends DecryptResponse, __MetadataBearer *

                                                            • *
                                                          *

                                                          You can use this operation to decrypt ciphertext that was encrypted under a symmetric or - * asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the encryption - * algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                          + * asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the + * encryption algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                          *

                                                          The Decrypt operation also decrypts ciphertext that was encrypted outside of KMS by the - * public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by other - * libraries, such as the Amazon Web Services Encryption - * SDK or Amazon S3 client-side encryption. These libraries return a ciphertext format that - * is incompatible with KMS.

                                                          - *

                                                          If the ciphertext was encrypted under a symmetric KMS key, the KeyId parameter is - * optional. KMS can get this information from metadata that it adds to the symmetric - * ciphertext blob. This feature adds durability to your implementation by ensuring that - * authorized users can decrypt ciphertext decades after it was encrypted, even if they've lost - * track of the key ID. However, specifying the KMS key is always recommended as a best practice. - * When you use the KeyId parameter to specify a KMS key, KMS only uses the KMS key you - * specify. If the ciphertext was encrypted under a different KMS key, the Decrypt - * operation fails. This practice ensures that you use the KMS key that you intend.

                                                          + * public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by + * other libraries, such as the Amazon Web Services + * Encryption SDK or Amazon S3 client-side encryption. + * These libraries return a ciphertext format that is incompatible with KMS.

                                                          + *

                                                          If the ciphertext was encrypted under a symmetric KMS key, the KeyId + * parameter is optional. KMS can get this information from metadata that it adds to the + * symmetric ciphertext blob. This feature adds durability to your implementation by ensuring + * that authorized users can decrypt ciphertext decades after it was encrypted, even if they've + * lost track of the key ID. However, specifying the KMS key is always recommended as a best + * practice. When you use the KeyId parameter to specify a KMS key, KMS only uses + * the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the + * Decrypt operation fails. This practice ensures that you use the KMS key that + * you intend.

                                                          *

                                                          Whenever possible, use key policies to give users permission to call the * Decrypt operation on a particular KMS key, instead of using IAM policies. * Otherwise, you might create an IAM user policy that gives the user Decrypt - * permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys in other - * accounts if the key policy for the cross-account KMS key permits it. If you must use an IAM policy - * for Decrypt permissions, limit the user to particular KMS keys or particular trusted - * accounts. For details, see Best practices for IAM policies in the Key Management Service Developer Guide.

                                                          + * permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys + * in other accounts if the key policy for the cross-account KMS key permits it. If you must use + * an IAM policy for Decrypt permissions, limit the user to particular KMS keys or + * particular trusted accounts. For details, see Best practices for IAM + * policies in the Key Management Service Developer Guide.

                                                          *

                                                          Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                          *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                          * *

                                                          diff --git a/clients/client-kms/src/commands/DeleteAliasCommand.ts b/clients/client-kms/src/commands/DeleteAliasCommand.ts index 03ff0652aeb0..f7d0c22fd942 100644 --- a/clients/client-kms/src/commands/DeleteAliasCommand.ts +++ b/clients/client-kms/src/commands/DeleteAliasCommand.ts @@ -22,14 +22,15 @@ export interface DeleteAliasCommandInput extends DeleteAliasRequest {} export interface DeleteAliasCommandOutput extends __MetadataBearer {} /** - *

                                                          Deletes the specified alias.

                                                          + *

                                                          Deletes the specified alias.

                                                          * *

                                                          Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                          *                                                           - *

                                                          Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                          + *

                                                          Because an alias is not a property of a KMS key, you can delete and change the aliases of + * a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the + * DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                          *

                                                          Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to - * create a new alias. To associate an existing alias with a different KMS key, - * call UpdateAlias.

                                                          + * create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias.

                                                          *

                                                          * Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                          *

                                                          @@ -38,14 +39,17 @@ export interface DeleteAliasCommandOutput extends __MetadataBearer {} *

                                                          - *

                                                          For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                          + *

                                                          For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                          *

                                                          * Related operations: *

                                                          diff --git a/clients/client-kms/src/commands/DeleteCustomKeyStoreCommand.ts b/clients/client-kms/src/commands/DeleteCustomKeyStoreCommand.ts index b0be799c9315..58876fc627ff 100644 --- a/clients/client-kms/src/commands/DeleteCustomKeyStoreCommand.ts +++ b/clients/client-kms/src/commands/DeleteCustomKeyStoreCommand.ts @@ -24,16 +24,15 @@ export interface DeleteCustomKeyStoreCommandOutput extends DeleteCustomKeyStoreR /** *

                                                          Deletes a custom key store. This operation does not delete the CloudHSM cluster that is * associated with the custom key store, or affect any users or keys in the cluster.

                                                          - *

                                                          The custom key store that you delete cannot contain any KMS KMS keys. Before - * deleting the key store, verify that you will never need to use any of the KMS keys in the key - * store for any cryptographic operations. Then, use ScheduleKeyDeletion to delete the - * KMS keys from the key store. When the scheduled waiting period - * expires, the ScheduleKeyDeletion operation deletes the KMS keys. Then it makes a best - * effort to delete the key material from the associated cluster. However, you might need to - * manually delete the orphaned key + *

                                                          The custom key store that you delete cannot contain any KMS KMS keys. Before deleting the key store, + * verify that you will never need to use any of the KMS keys in the key store for any + * cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the + * key store. When the scheduled waiting period expires, the ScheduleKeyDeletion + * operation deletes the KMS keys. Then it makes a best effort to delete the key material from + * the associated cluster. However, you might need to manually delete the orphaned key * material from the cluster and its backups.

                                                          - *

                                                          After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore to - * disconnect the key store from KMS. Then, you can delete the custom key store.

                                                          + *

                                                          After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore + * to disconnect the key store from KMS. Then, you can delete the custom key store.

                                                          *

                                                          Instead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is * disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to * delete KMS keys and you can reconnect a disconnected custom key store at any time.

                                                          @@ -42,9 +41,9 @@ export interface DeleteCustomKeyStoreCommandOutput extends DeleteCustomKeyStoreR *

                                                          This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                          - * *

                                                          - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                          + * Cross-account use: No. + * You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:DeleteCustomKeyStore (IAM policy)

                                                          diff --git a/clients/client-kms/src/commands/DeleteImportedKeyMaterialCommand.ts b/clients/client-kms/src/commands/DeleteImportedKeyMaterialCommand.ts index 46805231b789..ff40dc7b386d 100644 --- a/clients/client-kms/src/commands/DeleteImportedKeyMaterialCommand.ts +++ b/clients/client-kms/src/commands/DeleteImportedKeyMaterialCommand.ts @@ -22,12 +22,11 @@ export interface DeleteImportedKeyMaterialCommandInput extends DeleteImportedKey export interface DeleteImportedKeyMaterialCommandOutput extends __MetadataBearer {} /** - *

                                                          Deletes key material that you previously imported. This operation makes the specified - * KMS key unusable. For more information about importing key material into - * KMS, see Importing Key - * Material in the Key Management Service Developer Guide.

                                                          - *

                                                          When the specified KMS key is in the PendingDeletion state, this operation does - * not change the KMS key's state. Otherwise, it changes the KMS key's state to + *

                                                          Deletes key material that you previously imported. This operation makes the specified KMS + * key unusable. For more information about importing key material into KMS, see Importing Key Material + * in the Key Management Service Developer Guide.

                                                          + *

                                                          When the specified KMS key is in the PendingDeletion state, this operation + * does not change the KMS key's state. Otherwise, it changes the KMS key's state to * PendingImport.

                                                          *

                                                          After you delete key material, you can use ImportKeyMaterial to reimport * the same key material into the KMS key.

                                                          diff --git a/clients/client-kms/src/commands/DescribeCustomKeyStoresCommand.ts b/clients/client-kms/src/commands/DescribeCustomKeyStoresCommand.ts index 6d9ff7465af0..96bd738af1d3 100644 --- a/clients/client-kms/src/commands/DescribeCustomKeyStoresCommand.ts +++ b/clients/client-kms/src/commands/DescribeCustomKeyStoresCommand.ts @@ -26,10 +26,10 @@ export interface DescribeCustomKeyStoresCommandOutput extends DescribeCustomKeyS *

                                                          This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                          - *

                                                          By default, this operation returns information about all custom key stores in the account and - * Region. To get only information about a particular custom key store, use either the - * CustomKeyStoreName or CustomKeyStoreId parameter (but not - * both).

                                                          + *

                                                          By default, this operation returns information about all custom key + * stores in the account and Region. To get only information about a particular custom key store, + * use either the CustomKeyStoreName or CustomKeyStoreId parameter (but + * not both).

                                                          *

                                                          To determine whether the custom key store is connected to its CloudHSM cluster, use the * ConnectionState element in the response. If an attempt to connect the custom * key store failed, the ConnectionState value is FAILED and the diff --git a/clients/client-kms/src/commands/DescribeKeyCommand.ts b/clients/client-kms/src/commands/DescribeKeyCommand.ts index 3d2e392e929b..eb937435336b 100644 --- a/clients/client-kms/src/commands/DescribeKeyCommand.ts +++ b/clients/client-kms/src/commands/DescribeKeyCommand.ts @@ -22,16 +22,17 @@ export interface DescribeKeyCommandInput extends DescribeKeyRequest {} export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __MetadataBearer {} /** - *

                                                          Provides detailed information about a KMS key. You can run - * DescribeKey on a customer managed key or an Amazon Web Services managed key.

                                                          + *

                                                          Provides detailed information about a KMS key. You can run DescribeKey on a + * customer managed + * key or an Amazon Web Services managed key.

                                                          *

                                                          This detailed information includes the key ARN, creation date (and deletion date, if * applicable), the key state, and the origin and expiration date (if any) of the key material. * It includes fields, like KeySpec, that help you distinguish symmetric from * asymmetric KMS keys. It also provides information that is particularly important to asymmetric * keys, such as the key usage (encryption or signing) and the encryption algorithms or signing - * algorithms that the KMS key supports. For KMS keys in custom key stores, it includes information about - * the custom key store, such as the key store ID and the CloudHSM cluster ID. For multi-Region - * keys, it displays the primary key and all related replica keys.

                                                          + * algorithms that the KMS key supports. For KMS keys in custom key stores, it includes + * information about the custom key store, such as the key store ID and the CloudHSM cluster ID. For + * multi-Region keys, it displays the primary key and all related replica keys.

                                                          *

                                                          * DescribeKey does not return the following information:

                                                          *
                                                            @@ -40,8 +41,8 @@ export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __Metadat * *
                                                          • *

                                                            Whether automatic key rotation is enabled on the KMS key. To get this information, use - * GetKeyRotationStatus. Also, some key states prevent a KMS key from being - * automatically rotated. For details, see How Automatic Key Rotation + * GetKeyRotationStatus. Also, some key states prevent a KMS key from + * being automatically rotated. For details, see How Automatic Key Rotation * Works in Key Management Service Developer Guide.

                                                            *
                                                            • *
                                                          • @@ -51,9 +52,10 @@ export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __Metadat *

                                                            Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.

                                                            *
                                                            • *
                                                          - *

                                                          If you call the DescribeKey operation on a predefined Amazon Web Services alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed key. - * Then, it associates the alias with the new KMS key, and returns the KeyId and - * Arn of the new KMS key in the response.

                                                          + *

                                                          If you call the DescribeKey operation on a predefined Amazon Web Services + * alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed + * key. Then, it associates the alias with the new KMS key, and returns the + * KeyId and Arn of the new KMS key in the response.

                                                          *

                                                          * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                          diff --git a/clients/client-kms/src/commands/DisableKeyCommand.ts b/clients/client-kms/src/commands/DisableKeyCommand.ts index eb7557f171d5..56986a793ec5 100644 --- a/clients/client-kms/src/commands/DisableKeyCommand.ts +++ b/clients/client-kms/src/commands/DisableKeyCommand.ts @@ -22,14 +22,15 @@ export interface DisableKeyCommandInput extends DisableKeyRequest {} export interface DisableKeyCommandOutput extends __MetadataBearer {} /** - *

                                                          Sets the state of a KMS key to disabled. This change temporarily - * prevents use of the KMS key for cryptographic operations.

                                                          - *

                                                          For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key in the + *

                                                          Sets the state of a KMS key to disabled. This change temporarily prevents use of the KMS + * key for cryptographic operations.

                                                          + *

                                                          For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS + * key in the * Key Management Service Developer Guide * .

                                                          *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          - *

                                                          + *

                                                          * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          * *

                                                          diff --git a/clients/client-kms/src/commands/DisableKeyRotationCommand.ts b/clients/client-kms/src/commands/DisableKeyRotationCommand.ts index 3c756a12338a..228ddd03cc69 100644 --- a/clients/client-kms/src/commands/DisableKeyRotationCommand.ts +++ b/clients/client-kms/src/commands/DisableKeyRotationCommand.ts @@ -28,7 +28,8 @@ export interface DisableKeyRotationCommandOutput extends __MetadataBearer {} *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:DisableKeyRotation (key policy)

                                                          diff --git a/clients/client-kms/src/commands/DisconnectCustomKeyStoreCommand.ts b/clients/client-kms/src/commands/DisconnectCustomKeyStoreCommand.ts index b53791cf02d7..ed8e177c675b 100644 --- a/clients/client-kms/src/commands/DisconnectCustomKeyStoreCommand.ts +++ b/clients/client-kms/src/commands/DisconnectCustomKeyStoreCommand.ts @@ -23,8 +23,9 @@ export interface DisconnectCustomKeyStoreCommandOutput extends DisconnectCustomK /** *

                                                          Disconnects the custom key store from its associated CloudHSM cluster. While a custom key - * store is disconnected, you can manage the custom key store and its KMS keys, but you cannot create or use KMS keys in the custom key store. You can reconnect the - * custom key store at any time.

                                                          + * store is disconnected, you can manage the custom key store and its KMS keys, but you cannot + * create or use KMS keys in the custom key store. You can reconnect the custom key store at any + * time.

                                                          * *

                                                          While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will * fail. This action can prevent users from storing and accessing sensitive data.

                                                          @@ -38,8 +39,9 @@ export interface DisconnectCustomKeyStoreCommandOutput extends DisconnectCustomK * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                          * - *

                                                          - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                          + *

                                                          + * Cross-account use: No. + * You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:DisconnectCustomKeyStore (IAM policy)

                                                          diff --git a/clients/client-kms/src/commands/EnableKeyCommand.ts b/clients/client-kms/src/commands/EnableKeyCommand.ts index 70f799045f9c..a8fe7f86a95b 100644 --- a/clients/client-kms/src/commands/EnableKeyCommand.ts +++ b/clients/client-kms/src/commands/EnableKeyCommand.ts @@ -19,11 +19,13 @@ export interface EnableKeyCommandInput extends EnableKeyRequest {} export interface EnableKeyCommandOutput extends __MetadataBearer {} /** - *

                                                          Sets the key state of a KMS key to enabled. This allows you to use the KMS key for cryptographic operations.

                                                          + *

                                                          Sets the key state of a KMS key to enabled. This allows you to use the KMS key for + * cryptographic operations.

                                                          *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:EnableKey (key policy)

                                                          diff --git a/clients/client-kms/src/commands/EnableKeyRotationCommand.ts b/clients/client-kms/src/commands/EnableKeyRotationCommand.ts index 437e01dec88e..96293df58e64 100644 --- a/clients/client-kms/src/commands/EnableKeyRotationCommand.ts +++ b/clients/client-kms/src/commands/EnableKeyRotationCommand.ts @@ -28,7 +28,8 @@ export interface EnableKeyRotationCommandOutput extends __MetadataBearer {} *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                          * *

                                                          * Required permissions: kms:EnableKeyRotation (key policy)

                                                          diff --git a/clients/client-kms/src/commands/EncryptCommand.ts b/clients/client-kms/src/commands/EncryptCommand.ts index 5a9c1e9f64b0..698e7172b5da 100644 --- a/clients/client-kms/src/commands/EncryptCommand.ts +++ b/clients/client-kms/src/commands/EncryptCommand.ts @@ -19,19 +19,20 @@ export interface EncryptCommandInput extends EncryptRequest {} export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer {} /** - *

                                                          Encrypts plaintext into ciphertext by using a KMS key. The - * Encrypt operation has two primary use cases:

                                                          + *

                                                          Encrypts plaintext into ciphertext by using a KMS key. The Encrypt operation + * has two primary use cases:

                                                          *
                                                            *
                                                          • *

                                                            You can encrypt small amounts of arbitrary data, such as a personal identifier or * database password, or other sensitive information.

                                                            *
                                                            • *
                                                          • - *

                                                            You can use the Encrypt operation to move encrypted data from one Amazon Web Services Region to another. For example, in Region A, generate a data key and use the plaintext key to encrypt - * your data. Then, in Region A, use the Encrypt operation to encrypt the - * plaintext data key under a KMS key in Region B. Now, you can move the encrypted data and the - * encrypted data key to Region B. When necessary, you can decrypt the encrypted data key and - * the encrypted data entirely within in Region B.

                                                            + *

                                                            You can use the Encrypt operation to move encrypted data from one Amazon Web Services + * Region to another. For example, in Region A, generate a data key and use the plaintext key + * to encrypt your data. Then, in Region A, use the Encrypt operation to encrypt + * the plaintext data key under a KMS key in Region B. Now, you can move the encrypted data + * and the encrypted data key to Region B. When necessary, you can decrypt the encrypted data + * key and the encrypted data entirely within in Region B.

                                                            *
                                                            • *
                                                          * @@ -42,10 +43,10 @@ export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer * encryption operation. The KMS key must have a KeyUsage value of * ENCRYPT_DECRYPT. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                          * - *

                                                          If you use a symmetric KMS key, you can use an encryption context to add additional security - * to your encryption operation. If you specify an EncryptionContext when encrypting - * data, you must specify the same encryption context (a case-sensitive exact match) when - * decrypting the data. Otherwise, the request to decrypt fails with an + *

                                                          If you use a symmetric KMS key, you can use an encryption context to add additional + * security to your encryption operation. If you specify an EncryptionContext when + * encrypting data, you must specify the same encryption context (a case-sensitive exact match) + * when decrypting the data. Otherwise, the request to decrypt fails with an * InvalidCiphertextException. For more information, see Encryption * Context in the Key Management Service Developer Guide.

                                                          *

                                                          If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The @@ -117,7 +118,8 @@ export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account use: Yes. + * To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                          * *

                                                          diff --git a/clients/client-kms/src/commands/GenerateDataKeyCommand.ts b/clients/client-kms/src/commands/GenerateDataKeyCommand.ts index 8304d409ee39..48e538e7b5a5 100644 --- a/clients/client-kms/src/commands/GenerateDataKeyCommand.ts +++ b/clients/client-kms/src/commands/GenerateDataKeyCommand.ts @@ -23,19 +23,19 @@ export interface GenerateDataKeyCommandOutput extends GenerateDataKeyResponse, _ /** *

                                                          Generates a unique symmetric data key for client-side encryption. This operation returns a - * plaintext copy of the data key and a copy that is encrypted under a KMS key - * that you specify. You can use the plaintext key to encrypt your data outside of KMS and - * store the encrypted data key with the encrypted data.

                                                          + * plaintext copy of the data key and a copy that is encrypted under a KMS key that you specify. + * You can use the plaintext key to encrypt your data outside of KMS and store the encrypted + * data key with the encrypted data.

                                                          * *

                                                          * GenerateDataKey returns a unique data key for each request. The bytes in the * plaintext key are not related to the caller or the KMS key.

                                                          * - *

                                                          To generate a data key, specify the symmetric KMS key that will be used to encrypt the data - * key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your KMS key, use - * the DescribeKey operation. You must also specify the length of the data key. - * Use either the KeySpec or NumberOfBytes parameters (but not both). - * For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                          + *

                                                          To generate a data key, specify the symmetric KMS key that will be used to encrypt the + * data key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your + * KMS key, use the DescribeKey operation. You must also specify the length of + * the data key. Use either the KeySpec or NumberOfBytes parameters + * (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                          * *

                                                          To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use * the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure @@ -50,11 +50,14 @@ export interface GenerateDataKeyCommandOutput extends GenerateDataKeyResponse, _ *

                                                          The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                          *

                                                          - * How to use your data key + * How to use your data + * key *

                                                          - *

                                                          We recommend that you use the following pattern to encrypt data locally in your application. - * You can write your own code or use a client-side encryption library, such as the Amazon Web Services Encryption SDK, the Amazon DynamoDB Encryption Client, or - * Amazon S3 + *

                                                          We recommend that you use the following pattern to encrypt data locally in your + * application. You can write your own code or use a client-side encryption library, such as the + * Amazon Web Services Encryption SDK, the + * Amazon DynamoDB Encryption Client, + * or Amazon S3 * client-side encryption to do these tasks for you.

                                                          *

                                                          To encrypt data outside of KMS:

                                                          *
                                                            diff --git a/clients/client-kms/src/commands/GenerateDataKeyPairCommand.ts b/clients/client-kms/src/commands/GenerateDataKeyPairCommand.ts index 83768f7749e9..e55795f40ceb 100644 --- a/clients/client-kms/src/commands/GenerateDataKeyPairCommand.ts +++ b/clients/client-kms/src/commands/GenerateDataKeyPairCommand.ts @@ -24,20 +24,21 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes /** *

                                                            Generates a unique asymmetric data key pair. The GenerateDataKeyPair * operation returns a plaintext public key, a plaintext private key, and a copy of the private - * key that is encrypted under the symmetric KMS key you specify. You can use the data key pair to - * perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                            + * key that is encrypted under the symmetric KMS key you specify. You can use the data key pair + * to perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                            * *

                                                            You can use the public key that GenerateDataKeyPair returns to encrypt data * or verify a signature outside of KMS. Then, store the encrypted private key with the data. * When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                            * - *

                                                            To generate a data key pair, you must specify a symmetric KMS key to - * encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a - * custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                            + *

                                                            To generate a data key pair, you must specify a symmetric KMS key to encrypt the private + * key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key + * store. To get the type and origin of your KMS key, use the DescribeKey + * operation.

                                                            *

                                                            Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data - * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs - * for either encryption or signing, but not both. However, KMS cannot enforce any restrictions - * on the use of data key pairs outside of KMS.

                                                            + * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for + * either encryption or signing, but not both. However, KMS cannot enforce any restrictions on + * the use of data key pairs outside of KMS.

                                                            * *

                                                            If you are using the data key pair to encrypt data, or for any operation where you don't * immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation. @@ -49,10 +50,10 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes * *

                                                            * GenerateDataKeyPair returns a unique data key pair for each request. The - * bytes in the keys are not related to the caller or the KMS key that is used to encrypt the private - * key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in RFC 5280. The - * private key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC - * 5958.

                                                            + * bytes in the keys are not related to the caller or the KMS key that is used to encrypt the + * private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in + * RFC 5280. The private key is a + * DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.

                                                            * *

                                                            You can use the optional encryption context to add additional security to the encryption * operation. If you specify an EncryptionContext, you must specify the same @@ -62,7 +63,8 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes *

                                                            The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                            *

                                                            - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                            * *

                                                            diff --git a/clients/client-kms/src/commands/GenerateDataKeyPairWithoutPlaintextCommand.ts b/clients/client-kms/src/commands/GenerateDataKeyPairWithoutPlaintextCommand.ts index 8d7aef24166d..15fe62e61827 100644 --- a/clients/client-kms/src/commands/GenerateDataKeyPairWithoutPlaintextCommand.ts +++ b/clients/client-kms/src/commands/GenerateDataKeyPairWithoutPlaintextCommand.ts @@ -29,23 +29,24 @@ export interface GenerateDataKeyPairWithoutPlaintextCommandOutput /** *

                                                            Generates a unique asymmetric data key pair. The * GenerateDataKeyPairWithoutPlaintext operation returns a plaintext public key - * and a copy of the private key that is encrypted under the symmetric KMS key you specify. Unlike - * GenerateDataKeyPair, this operation does not return a plaintext private - * key.

                                                            + * and a copy of the private key that is encrypted under the symmetric KMS key you specify. + * Unlike GenerateDataKeyPair, this operation does not return a plaintext + * private key.

                                                            *

                                                            You can use the public key that GenerateDataKeyPairWithoutPlaintext returns * to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key * with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                            - *

                                                            To generate a data key pair, you must specify a symmetric KMS key to - * encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a - * custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                            + *

                                                            To generate a data key pair, you must specify a symmetric KMS key to encrypt the private + * key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key + * store. To get the type and origin of your KMS key, use the DescribeKey + * operation.

                                                            *

                                                            Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data - * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs - * for either encryption or signing, but not both. However, KMS cannot enforce any restrictions - * on the use of data key pairs outside of KMS.

                                                            + * key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for + * either encryption or signing, but not both. However, KMS cannot enforce any restrictions on + * the use of data key pairs outside of KMS.

                                                            *

                                                            * GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each - * request. The bytes in the key are not related to the caller or KMS key that is used to encrypt the - * private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in + * request. The bytes in the key are not related to the caller or KMS key that is used to encrypt + * the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in * RFC 5280.

                                                            * *

                                                            You can use the optional encryption context to add additional security to the encryption @@ -56,11 +57,13 @@ export interface GenerateDataKeyPairWithoutPlaintextCommandOutput *

                                                            The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                            *

                                                            - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                            * *

                                                            - * Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key policy)

                                                            + * Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key + * policy)

                                                            *

                                                            * Related operations: *

                                                            diff --git a/clients/client-kms/src/commands/GenerateDataKeyWithoutPlaintextCommand.ts b/clients/client-kms/src/commands/GenerateDataKeyWithoutPlaintextCommand.ts index 5caaeb713def..df75387a3e4f 100644 --- a/clients/client-kms/src/commands/GenerateDataKeyWithoutPlaintextCommand.ts +++ b/clients/client-kms/src/commands/GenerateDataKeyWithoutPlaintextCommand.ts @@ -25,8 +25,8 @@ export interface GenerateDataKeyWithoutPlaintextCommandOutput /** *

                                                            Generates a unique symmetric data key. This operation returns a data key that is encrypted - * under a KMS key that you specify. To request an asymmetric data key pair, - * use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operations.

                                                            + * under a KMS key that you specify. To request an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext + * operations.

                                                            *

                                                            * GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that returns only the encrypted copy of the * data key. This operation is useful for systems that need to encrypt data at some point, but @@ -41,12 +41,12 @@ export interface GenerateDataKeyWithoutPlaintextCommandOutput * plaintext data key.

                                                            *

                                                            * GenerateDataKeyWithoutPlaintext returns a unique data key for each request. - * The bytes in the keys are not related to the caller or KMS key that is used to encrypt the private - * key.

                                                            + * The bytes in the keys are not related to the caller or KMS key that is used to encrypt the + * private key.

                                                            * - *

                                                            To generate a data key, you must specify the symmetric KMS key that is - * used to encrypt the data key. You cannot use an asymmetric KMS key to generate a data key. To get - * the type of your KMS key, use the DescribeKey operation.

                                                            + *

                                                            To generate a data key, you must specify the symmetric KMS key that is used to encrypt the + * data key. You cannot use an asymmetric KMS key to generate a data key. To get the type of your + * KMS key, use the DescribeKey operation.

                                                            * *

                                                            If the operation succeeds, you will find the encrypted copy of the data key in the * CiphertextBlob field.

                                                            @@ -59,11 +59,13 @@ export interface GenerateDataKeyWithoutPlaintextCommandOutput *

                                                            The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                            *

                                                            - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account + * use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                            * *

                                                            - * Required permissions: kms:GenerateDataKeyWithoutPlaintext (key policy)

                                                            + * Required permissions: kms:GenerateDataKeyWithoutPlaintext (key + * policy)

                                                            *

                                                            * Related operations: *

                                                            diff --git a/clients/client-kms/src/commands/GenerateRandomCommand.ts b/clients/client-kms/src/commands/GenerateRandomCommand.ts index 712ea7219b44..80724f57ee6f 100644 --- a/clients/client-kms/src/commands/GenerateRandomCommand.ts +++ b/clients/client-kms/src/commands/GenerateRandomCommand.ts @@ -27,7 +27,8 @@ export interface GenerateRandomCommandOutput extends GenerateRandomResponse, __M * the CloudHSM cluster that is associated with a custom key store, specify the custom key store * ID.

                                                            *

                                                            Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                            - *

                                                            For more information about entropy and random number generation, see Key Management Service Cryptographic Details.

                                                            + *

                                                            For more information about entropy and random number generation, see + * Key Management Service Cryptographic Details.

                                                            * *

                                                            * Required permissions: kms:GenerateRandom (IAM policy)

                                                            diff --git a/clients/client-kms/src/commands/GetKeyRotationStatusCommand.ts b/clients/client-kms/src/commands/GetKeyRotationStatusCommand.ts index ebe0863dcb35..ba2bedb9bdcb 100644 --- a/clients/client-kms/src/commands/GetKeyRotationStatusCommand.ts +++ b/clients/client-kms/src/commands/GetKeyRotationStatusCommand.ts @@ -24,7 +24,8 @@ export interface GetKeyRotationStatusCommandOutput extends GetKeyRotationStatusR /** *

                                                            Gets a Boolean value that indicates whether automatic rotation of the key material is * enabled for the specified KMS key.

                                                            - *

                                                            You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always false.

                                                            + *

                                                            You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always + * false.

                                                            *

                                                            The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                            *
                                                              diff --git a/clients/client-kms/src/commands/GetParametersForImportCommand.ts b/clients/client-kms/src/commands/GetParametersForImportCommand.ts index 68d0ba65ed11..eccca4b977de 100644 --- a/clients/client-kms/src/commands/GetParametersForImportCommand.ts +++ b/clients/client-kms/src/commands/GetParametersForImportCommand.ts @@ -22,16 +22,15 @@ export interface GetParametersForImportCommandInput extends GetParametersForImpo export interface GetParametersForImportCommandOutput extends GetParametersForImportResponse, __MetadataBearer {} /** - *

                                                              Returns the items you need to import key material into a symmetric, customer managed - * KMS key. For more information about importing key material into KMS, see - * Importing Key - * Material in the Key Management Service Developer Guide.

                                                              + *

                                                              Returns the items you need to import key material into a symmetric, customer managed KMS + * key. For more information about importing key material into KMS, see Importing Key Material + * in the Key Management Service Developer Guide.

                                                              *

                                                              This operation returns a public key and an import token. Use the public key to encrypt the * symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.

                                                              - *

                                                              You must specify the key ID of the symmetric KMS key into which you will import key material. - * This KMS key's Origin must be EXTERNAL. You must also specify the - * wrapping algorithm and type of wrapping key (public key) that you will use to encrypt the key - * material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                              + *

                                                              You must specify the key ID of the symmetric KMS key into which you will import key + * material. This KMS key's Origin must be EXTERNAL. You must also + * specify the wrapping algorithm and type of wrapping key (public key) that you will use to + * encrypt the key material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                              *

                                                              To import key material, you must use the public key and import token from the same * response. These items are valid for 24 hours. The expiration date and time appear in the * GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another diff --git a/clients/client-kms/src/commands/GetPublicKeyCommand.ts b/clients/client-kms/src/commands/GetPublicKeyCommand.ts index c783d65fc26b..8b2e0f5667a6 100644 --- a/clients/client-kms/src/commands/GetPublicKeyCommand.ts +++ b/clients/client-kms/src/commands/GetPublicKeyCommand.ts @@ -22,10 +22,11 @@ export interface GetPublicKeyCommandInput extends GetPublicKeyRequest {} export interface GetPublicKeyCommandOutput extends GetPublicKeyResponse, __MetadataBearer {} /** - *

                                                              Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric KMS key, - * which never leaves KMS unencrypted, callers with kms:GetPublicKey permission - * can download the public key of an asymmetric KMS key. You can share the public key to allow others - * to encrypt messages and verify signatures outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                              + *

                                                              Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric + * KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey + * permission can download the public key of an asymmetric KMS key. You can share the public key + * to allow others to encrypt messages and verify signatures outside of KMS. + * For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                              *

                                                              You do not need to download the public key. Instead, you can use the public key within * KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the * public key within KMS, you benefit from the authentication, authorization, and logging that @@ -59,7 +60,8 @@ export interface GetPublicKeyCommandOutput extends GetPublicKeyResponse, __Metad *

                                                              The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                              *

                                                              - * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify + * Cross-account use: + * Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                              * *

                                                              diff --git a/clients/client-kms/src/commands/ImportKeyMaterialCommand.ts b/clients/client-kms/src/commands/ImportKeyMaterialCommand.ts index 655f98e5fc13..46f504ba2e70 100644 --- a/clients/client-kms/src/commands/ImportKeyMaterialCommand.ts +++ b/clients/client-kms/src/commands/ImportKeyMaterialCommand.ts @@ -22,12 +22,12 @@ export interface ImportKeyMaterialCommandInput extends ImportKeyMaterialRequest export interface ImportKeyMaterialCommandOutput extends ImportKeyMaterialResponse, __MetadataBearer {} /** - *

                                                              Imports key material into an existing symmetric KMS KMS key that was - * created without key material. After you successfully import key material into a KMS key, you can - * reimport the same key material into that KMS key, but you cannot import different key + *

                                                              Imports key material into an existing symmetric KMS KMS key that was created without key + * material. After you successfully import key material into a KMS key, you can reimport + * the same key material into that KMS key, but you cannot import different key * material.

                                                              - *

                                                              You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material and - * then importing key material, see Importing Key Material in the + *

                                                              You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material + * and then importing key material, see Importing Key Material in the * Key Management Service Developer Guide.

                                                              *

                                                              Before using this operation, call GetParametersForImport. Its response * includes a public key and an import token. Use the public key to encrypt the key material. @@ -36,8 +36,8 @@ export interface ImportKeyMaterialCommandOutput extends ImportKeyMaterialRespons *

                                                              When calling this operation, you must specify the following values:

                                                              *
                                                                *
                                                              • - *

                                                                The key ID or key ARN of a KMS key with no key material. Its Origin must be - * EXTERNAL.

                                                                + *

                                                                The key ID or key ARN of a KMS key with no key material. Its Origin must + * be EXTERNAL.

                                                                *

                                                                To create a KMS key with no key material, call CreateKey and set the * value of its Origin parameter to EXTERNAL. To get the * Origin of a KMS key, call DescribeKey.)

                                                                @@ -52,17 +52,17 @@ export interface ImportKeyMaterialCommandOutput extends ImportKeyMaterialRespons *
                                                                • *
                                                              • *

                                                                Whether the key material expires and if so, when. If you set an expiration date, KMS - * deletes the key material from the KMS key on the specified date, and the KMS key becomes unusable. - * To use the KMS key again, you must reimport the same key material. The only way to change an - * expiration date is by reimporting the same key material and specifying a new expiration - * date.

                                                                + * deletes the key material from the KMS key on the specified date, and the KMS key becomes + * unusable. To use the KMS key again, you must reimport the same key material. The only way + * to change an expiration date is by reimporting the same key material and specifying a new + * expiration date.

                                                                *
                                                                • *
                                                              *

                                                              When this operation is successful, the key state of the KMS key changes from * PendingImport to Enabled, and you can use the KMS key.

                                                              *

                                                              If this operation fails, use the exception to help determine the problem. If the error is - * related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key and - * repeat the import procedure. For help, see How To Import Key + * related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key + * and repeat the import procedure. For help, see How To Import Key * Material in the Key Management Service Developer Guide.

                                                              *

                                                              The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                              diff --git a/clients/client-kms/src/commands/ListAliasesCommand.ts b/clients/client-kms/src/commands/ListAliasesCommand.ts index d02f05fdf06e..b89bd951bab6 100644 --- a/clients/client-kms/src/commands/ListAliasesCommand.ts +++ b/clients/client-kms/src/commands/ListAliasesCommand.ts @@ -22,26 +22,29 @@ export interface ListAliasesCommandInput extends ListAliasesRequest {} export interface ListAliasesCommandOutput extends ListAliasesResponse, __MetadataBearer {} /** - *

                                                              Gets a list of aliases in the caller's Amazon Web Services account and region. For more information about - * aliases, see CreateAlias.

                                                              + *

                                                              Gets a list of aliases in the caller's Amazon Web Services account and region. For more information + * about aliases, see CreateAlias.

                                                              *

                                                              By default, the ListAliases operation returns all aliases in the account and - * region. To get only the aliases associated with a particular KMS key, use - * the KeyId parameter.

                                                              + * region. To get only the aliases associated with a particular KMS key, use the + * KeyId parameter.

                                                              *

                                                              The ListAliases response can include aliases that you created and associated - * with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services managed keys in your account. You can recognize Amazon Web Services aliases because their names have the format - * aws/, such as aws/dynamodb.

                                                              + * with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services + * managed keys in your account. You can recognize Amazon Web Services aliases because their names have the + * format aws/, such as aws/dynamodb.

                                                              *

                                                              The response might also include aliases that have no TargetKeyId field. These - * are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. Aliases - * that Amazon Web Services creates in your account, including predefined aliases, do not count against your - * KMS aliases + * are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. + * Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against + * your KMS aliases * quota.

                                                              *

                                                              * Cross-account use: No. ListAliases does not * return aliases in other Amazon Web Services accounts.

                                                              * + * *

                                                              * Required permissions: kms:ListAliases (IAM policy)

                                                              - *

                                                              For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                              + *

                                                              For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                              *

                                                              * Related operations: *

                                                              diff --git a/clients/client-kms/src/commands/ListGrantsCommand.ts b/clients/client-kms/src/commands/ListGrantsCommand.ts index cec381cc3ab8..0e1b07edbedf 100644 --- a/clients/client-kms/src/commands/ListGrantsCommand.ts +++ b/clients/client-kms/src/commands/ListGrantsCommand.ts @@ -23,8 +23,8 @@ export interface ListGrantsCommandOutput extends ListGrantsResponse, __MetadataB /** *

                                                              Gets a list of all grants for the specified KMS key.

                                                              - *

                                                              You must specify the KMS key in all requests. You can filter the grant list by grant ID - * or grantee principal.

                                                              + *

                                                              You must specify the KMS key in all requests. You can filter the grant list by grant ID or + * grantee principal.

                                                              *

                                                              For detailed information about grants, including grant terminology, see Using grants in the * * Key Management Service Developer Guide diff --git a/clients/client-kms/src/commands/ListKeyPoliciesCommand.ts b/clients/client-kms/src/commands/ListKeyPoliciesCommand.ts index fb528690ae28..88ef7483b8ca 100644 --- a/clients/client-kms/src/commands/ListKeyPoliciesCommand.ts +++ b/clients/client-kms/src/commands/ListKeyPoliciesCommand.ts @@ -22,9 +22,9 @@ export interface ListKeyPoliciesCommandInput extends ListKeyPoliciesRequest {} export interface ListKeyPoliciesCommandOutput extends ListKeyPoliciesResponse, __MetadataBearer {} /** - *

                                                              Gets the names of the key policies that are attached to a KMS key. This - * operation is designed to get policy names that you can use in a GetKeyPolicy - * operation. However, the only valid policy name is default.

                                                              + *

                                                              Gets the names of the key policies that are attached to a KMS key. This operation is + * designed to get policy names that you can use in a GetKeyPolicy operation. + * However, the only valid policy name is default.

                                                              *

                                                              * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                              * diff --git a/clients/client-kms/src/commands/ListKeysCommand.ts b/clients/client-kms/src/commands/ListKeysCommand.ts index 33a658c147e3..424d6531b78d 100644 --- a/clients/client-kms/src/commands/ListKeysCommand.ts +++ b/clients/client-kms/src/commands/ListKeysCommand.ts @@ -19,8 +19,7 @@ export interface ListKeysCommandInput extends ListKeysRequest {} export interface ListKeysCommandOutput extends ListKeysResponse, __MetadataBearer {} /** - *

                                                              Gets a list of all KMS keys in the caller's Amazon Web Services account and - * Region.

                                                              + *

                                                              Gets a list of all KMS keys in the caller's Amazon Web Services account and Region.

                                                              *

                                                              * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                              * diff --git a/clients/client-kms/src/commands/ListRetirableGrantsCommand.ts b/clients/client-kms/src/commands/ListRetirableGrantsCommand.ts index cfe7a250efc9..5ecaa5c4d909 100644 --- a/clients/client-kms/src/commands/ListRetirableGrantsCommand.ts +++ b/clients/client-kms/src/commands/ListRetirableGrantsCommand.ts @@ -22,11 +22,11 @@ export interface ListRetirableGrantsCommandInput extends ListRetirableGrantsRequ export interface ListRetirableGrantsCommandOutput extends ListGrantsResponse, __MetadataBearer {} /** - *

                                                              Returns information about all grants in the Amazon Web Services account and Region that have the specified - * retiring principal.

                                                              + *

                                                              Returns information about all grants in the Amazon Web Services account and Region that have the + * specified retiring principal.

                                                              *

                                                              You can specify any principal in your Amazon Web Services account. The grants that are returned include - * grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this operation to - * determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                              + * grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this + * operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                              *

                                                              For detailed information about grants, including grant terminology, see Using grants in the * * Key Management Service Developer Guide @@ -35,11 +35,12 @@ export interface ListRetirableGrantsCommandOutput extends ListGrantsResponse, __ *

                                                              * Cross-account use: You must specify a principal in your * Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need - * kms:ListRetirableGrants permission (or any other additional permission) in any + * kms:ListRetirableGrants permission (or any other additional permission) in any * Amazon Web Services account other than your own.

                                                              * *

                                                              - * Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services account.

                                                              + * Required permissions: kms:ListRetirableGrants (IAM policy) in your + * Amazon Web Services account.

                                                              *

                                                              * Related operations: *

                                                              diff --git a/clients/client-kms/src/commands/ReEncryptCommand.ts b/clients/client-kms/src/commands/ReEncryptCommand.ts index 31656a30206d..7c70503e5d73 100644 --- a/clients/client-kms/src/commands/ReEncryptCommand.ts +++ b/clients/client-kms/src/commands/ReEncryptCommand.ts @@ -20,39 +20,45 @@ export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBea /** *

                                                              Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this - * operation to change the KMS key under which data is encrypted, such as when - * you manually rotate a KMS key or change the KMS key that protects a ciphertext. You can also - * use it to reencrypt ciphertext under the same KMS key, such as to change the encryption + * operation to change the KMS key under which data is encrypted, such as when you manually + * rotate a KMS key or change the KMS key that protects a ciphertext. You can also use + * it to reencrypt ciphertext under the same KMS key, such as to change the encryption * context of a ciphertext.

                                                              *

                                                              The ReEncrypt operation can decrypt ciphertext that was encrypted by using an * KMS KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the - * public key of an asymmetric KMS key outside of KMS. However, it cannot decrypt ciphertext - * produced by other libraries, such as the Amazon Web Services Encryption SDK or Amazon S3 client-side encryption. - * These libraries return a ciphertext format that is incompatible with KMS.

                                                              + * public key of an asymmetric KMS key + * outside of KMS. However, it cannot decrypt ciphertext produced by other libraries, such as + * the Amazon Web Services Encryption SDK or + * Amazon S3 + * client-side encryption. These libraries return a ciphertext format that is + * incompatible with KMS.

                                                              *

                                                              When you use the ReEncrypt operation, you need to provide information for the * decrypt operation and the subsequent encrypt operation.

                                                              *
                                                                *
                                                              • *

                                                                If your ciphertext was encrypted under an asymmetric KMS key, you must use the - * SourceKeyId parameter to identify the KMS key that encrypted the ciphertext. - * You must also supply the encryption algorithm that was used. This information is required - * to decrypt the data.

                                                                + * SourceKeyId parameter to identify the KMS key that encrypted the + * ciphertext. You must also supply the encryption algorithm that was used. This information + * is required to decrypt the data.

                                                                *
                                                                • *
                                                              • - *

                                                                If your ciphertext was encrypted under a symmetric KMS key, the SourceKeyId - * parameter is optional. KMS can get this information from metadata that it adds to the - * symmetric ciphertext blob. This feature adds durability to your implementation by ensuring - * that authorized users can decrypt ciphertext decades after it was encrypted, even if - * they've lost track of the key ID. However, specifying the source KMS key is always recommended - * as a best practice. When you use the SourceKeyId parameter to specify a KMS key, - * KMS uses only the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the ReEncrypt operation fails. This practice ensures that you use the KMS key that you intend.

                                                                + *

                                                                If your ciphertext was encrypted under a symmetric KMS key, the + * SourceKeyId parameter is optional. KMS can get this information from + * metadata that it adds to the symmetric ciphertext blob. This feature adds durability to + * your implementation by ensuring that authorized users can decrypt ciphertext decades after + * it was encrypted, even if they've lost track of the key ID. However, specifying the source + * KMS key is always recommended as a best practice. When you use the + * SourceKeyId parameter to specify a KMS key, KMS uses only the KMS key you + * specify. If the ciphertext was encrypted under a different KMS key, the + * ReEncrypt operation fails. This practice ensures that you use the KMS key + * that you intend.

                                                                *
                                                                • *
                                                              • *

                                                                To reencrypt the data, you must use the DestinationKeyId parameter * specify the KMS key that re-encrypts the data after it is decrypted. You can select a - * symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you must also - * provide the encryption algorithm. The algorithm that you choose must be compatible with - * the KMS key.

                                                                + * symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you + * must also provide the encryption algorithm. The algorithm that you choose must be + * compatible with the KMS key.

                                                                * * *

                                                                When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                                @@ -60,26 +66,26 @@ export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBea *                                                                 *
                                                                • *
                                                              - * - * - * *

                                                              The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                              *

                                                              - * Cross-account use: Yes. The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a different account than - * the caller. To specify a KMS key in a different account, you must use its key ARN or alias - * ARN.

                                                              + * Cross-account use: Yes. + * The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both + * KMS keys can be in a different account than the caller. To specify a KMS key in a different + * account, you must use its key ARN or alias ARN.

                                                              * *

                                                              * Required permissions:

                                                              * *

                                                              To permit reencryption from or to a KMS key, include the "kms:ReEncrypt*" diff --git a/clients/client-kms/src/commands/ReplicateKeyCommand.ts b/clients/client-kms/src/commands/ReplicateKeyCommand.ts index fac2d9479cb4..9c8206631ac7 100644 --- a/clients/client-kms/src/commands/ReplicateKeyCommand.ts +++ b/clients/client-kms/src/commands/ReplicateKeyCommand.ts @@ -53,7 +53,7 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad * details about the Creating key state, see Key state: Effect on your KMS key in the * Key Management Service Developer Guide.

                                                              *

                                                              The CloudTrail log of a ReplicateKey operation records a - * ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                              + * ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                              *

                                                              If you replicate a multi-Region primary key with imported key material, the replica key is * created with no key material. You must import the same key material that you imported into the * primary key. For details, see Importing key material into multi-Region keys in the Key Management Service Developer Guide.

                                                              @@ -61,8 +61,8 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad * operation.

                                                              * *

                                                              - * ReplicateKey uses different default values for the KeyPolicy and - * Tags parameters than those used in the KMS console. For details, see the + * ReplicateKey uses different default values for the KeyPolicy + * and Tags parameters than those used in the KMS console. For details, see the * parameter descriptions.

                                                              *                                                               *

                                                              @@ -73,8 +73,8 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad *

                                                                *
                                                              • *

                                                                - * kms:ReplicateKey on the primary key (in the primary key's Region). Include this - * permission in the primary key's key policy.

                                                                + * kms:ReplicateKey on the primary key (in the primary key's Region). + * Include this permission in the primary key's key policy.

                                                                *
                                                                • *
                                                              • *

                                                                diff --git a/clients/client-kms/src/commands/RetireGrantCommand.ts b/clients/client-kms/src/commands/RetireGrantCommand.ts index 08df8c8229c1..da2c0ea7da91 100644 --- a/clients/client-kms/src/commands/RetireGrantCommand.ts +++ b/clients/client-kms/src/commands/RetireGrantCommand.ts @@ -24,12 +24,13 @@ export interface RetireGrantCommandOutput extends __MetadataBearer {} /** *

                                                                Deletes a grant. Typically, you retire a grant when you no longer need its permissions. To * identify the grant to retire, use a grant token, or both the grant ID and a - * key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation returns both values.

                                                                + * key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation + * returns both values.

                                                                *

                                                                This operation can be called by the retiring principal for a grant, * by the grantee principal if the grant allows the RetireGrant * operation, and by the Amazon Web Services account (root user) in which the grant is created. It can also be * called by principals to whom permission for retiring a grant is delegated. For details, see - * Retiring and + * Retiring and * revoking grants in the Key Management Service Developer Guide.

                                                                *

                                                                For detailed information about grants, including grant terminology, see Using grants in the * @@ -37,11 +38,12 @@ export interface RetireGrantCommandOutput extends __MetadataBearer {} * . For examples of working with grants in several * programming languages, see Programming grants.

                                                                *

                                                                - * Cross-account use: Yes. You can retire a grant on a KMS key - * in a different Amazon Web Services account.

                                                                + * Cross-account use: Yes. You can retire a grant on a KMS + * key in a different Amazon Web Services account.

                                                                *

                                                                * Required permissions::Permission to retire a grant is - * determined primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service Developer Guide.

                                                                + * determined primarily by the grant. For details, see Retiring and revoking grants in + * the Key Management Service Developer Guide.

                                                                *

                                                                * Related operations: *

                                                                diff --git a/clients/client-kms/src/commands/RevokeGrantCommand.ts b/clients/client-kms/src/commands/RevokeGrantCommand.ts index c9054f979401..81ccbb4d373c 100644 --- a/clients/client-kms/src/commands/RevokeGrantCommand.ts +++ b/clients/client-kms/src/commands/RevokeGrantCommand.ts @@ -23,8 +23,7 @@ export interface RevokeGrantCommandOutput extends __MetadataBearer {} /** *

                                                                Deletes the specified grant. You revoke a grant to terminate the permissions that the - * grant allows. For more - * information, see Retiring and revoking grants in + * grant allows. For more information, see Retiring and revoking grants in * the * Key Management Service Developer Guide * .

                                                                diff --git a/clients/client-kms/src/commands/ScheduleKeyDeletionCommand.ts b/clients/client-kms/src/commands/ScheduleKeyDeletionCommand.ts index 27666c067e6b..72f8723092f4 100644 --- a/clients/client-kms/src/commands/ScheduleKeyDeletionCommand.ts +++ b/clients/client-kms/src/commands/ScheduleKeyDeletionCommand.ts @@ -22,22 +22,24 @@ export interface ScheduleKeyDeletionCommandInput extends ScheduleKeyDeletionRequ export interface ScheduleKeyDeletionCommandOutput extends ScheduleKeyDeletionResponse, __MetadataBearer {} /** - *

                                                                Schedules the deletion of a KMS key. By default, KMS applies a waiting - * period of 30 days, but you can specify a waiting period of 7-30 days. When this operation is - * successful, the key state of the KMS key changes to PendingDeletion and the key can't - * be used in any cryptographic operations. It remains in this state for the duration of the - * waiting period. Before the waiting period ends, you can use CancelKeyDeletion to cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key, + *

                                                                Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30 + * days, but you can specify a waiting period of 7-30 days. When this operation is successful, + * the key state of the KMS key changes to PendingDeletion and the key can't be used + * in any cryptographic operations. It remains in this state for the duration of the waiting + * period. Before the waiting period ends, you can use CancelKeyDeletion to + * cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key, * its key material, and all KMS data associated with it, including all aliases that refer to * it.

                                                                * - *

                                                                Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key is - * deleted, all data that was encrypted under the KMS key is unrecoverable. (The only exception is - * a multi-Region replica key.) To prevent the use of a KMS key without deleting it, use DisableKey.

                                                                + *

                                                                Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key + * is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only + * exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting + * it, use DisableKey.

                                                                *                                                                 *

                                                                If you schedule deletion of a KMS key from a custom key store, when the waiting period - * expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a best - * effort to delete the key material from the associated CloudHSM cluster. However, you might need - * to manually delete the orphaned key + * expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a + * best effort to delete the key material from the associated CloudHSM cluster. However, you might + * need to manually delete the orphaned key * material from the cluster and its backups.

                                                                *

                                                                You can schedule the deletion of a multi-Region primary key and its replica keys at any * time. However, KMS will not delete a multi-Region primary key with existing replica keys. If @@ -46,18 +48,20 @@ export interface ScheduleKeyDeletionCommandOutput extends ScheduleKeyDeletionRes * operations. This status can continue indefinitely. When the last of its replicas keys is * deleted (not just scheduled), the key state of the primary key changes to * PendingDeletion and its waiting period (PendingWindowInDays) - * begins. For details, see Deleting multi-Region keys in the Key Management Service Developer Guide.

                                                                + * begins. For details, see Deleting multi-Region keys in the + * Key Management Service Developer Guide.

                                                                *

                                                                For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the * Key Management Service Developer Guide.

                                                                *

                                                                The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                - * *

                                                                - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                * * *

                                                                - * Required permissions: kms:ScheduleKeyDeletion (key policy)

                                                                + * Required permissions: kms:ScheduleKeyDeletion (key + * policy)

                                                                *

                                                                * Related operations *

                                                                diff --git a/clients/client-kms/src/commands/SignCommand.ts b/clients/client-kms/src/commands/SignCommand.ts index 3a7d9d97c14c..3e7c706b2a2d 100644 --- a/clients/client-kms/src/commands/SignCommand.ts +++ b/clients/client-kms/src/commands/SignCommand.ts @@ -20,20 +20,21 @@ export interface SignCommandOutput extends SignResponse, __MetadataBearer {} /** *

                                                                Creates a digital - * signature for a message or message digest by using the private key in an asymmetric KMS key. To verify the signature, use the Verify operation, or use the public - * key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                + * signature for a message or message digest by using the private key in an asymmetric + * KMS key. To verify the signature, use the Verify operation, or use the + * public key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                *

                                                                Digital signatures are generated and verified by using asymmetric key pair, such as an RSA - * or ECC pair that is represented by an asymmetric KMS key. The key owner (or - * an authorized user) uses their private key to sign a message. Anyone with the public key can - * verify that the message was signed with that particular private key and that the message - * hasn't changed since it was signed.

                                                                + * or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized + * user) uses their private key to sign a message. Anyone with the public key can verify that the + * message was signed with that particular private key and that the message hasn't changed since + * it was signed.

                                                                *

                                                                To use the Sign operation, provide the following information:

                                                                *
                                                                  *
                                                                • *

                                                                  Use the KeyId parameter to identify an asymmetric KMS key with a * KeyUsage value of SIGN_VERIFY. To get the - * KeyUsage value of a KMS key, use the DescribeKey operation. - * The caller must have kms:Sign permission on the KMS key.

                                                                  + * KeyUsage value of a KMS key, use the DescribeKey + * operation. The caller must have kms:Sign permission on the KMS key.

                                                                  *
                                                                  • *
                                                                • *

                                                                  Use the Message parameter to specify the message or message digest to @@ -55,7 +56,7 @@ export interface SignCommandOutput extends SignResponse, __MetadataBearer {} * then use the public key to verify the signature outside of KMS.

                                                                  *

                                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                  - *

                                                                  + *

                                                                  * Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify * the key ARN or alias ARN in the value of the KeyId parameter.

                                                                  * diff --git a/clients/client-kms/src/commands/TagResourceCommand.ts b/clients/client-kms/src/commands/TagResourceCommand.ts index 6727ac65f3f4..f879dee3c57c 100644 --- a/clients/client-kms/src/commands/TagResourceCommand.ts +++ b/clients/client-kms/src/commands/TagResourceCommand.ts @@ -30,16 +30,18 @@ export interface TagResourceCommandOutput extends __MetadataBearer {} * The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag * value. To edit a tag, specify an existing tag key and a new tag value.

                                                                  *

                                                                  You can use this operation to tag a customer managed key, but you cannot - * tag an Amazon Web Services managed key, an Amazon Web Services owned key, a custom key store, or - * an alias.

                                                                  - *

                                                                  You can also add tags to a KMS key while creating it (CreateKey) or replicating it (ReplicateKey).

                                                                  + * tag an Amazon Web Services + * managed key, an Amazon Web Services owned key, a custom key + * store, or an alias.

                                                                  + *

                                                                  You can also add tags to a KMS key while creating it (CreateKey) or + * replicating it (ReplicateKey).

                                                                  *

                                                                  For information about using tags in KMS, see Tagging keys. For general information about * tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon * Web Services General Reference.

                                                                  *

                                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                  *

                                                                  - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  + * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  * *

                                                                  * Required permissions: kms:TagResource (key policy)

                                                                  diff --git a/clients/client-kms/src/commands/UntagResourceCommand.ts b/clients/client-kms/src/commands/UntagResourceCommand.ts index d409da96ca60..031ae4fffd9b 100644 --- a/clients/client-kms/src/commands/UntagResourceCommand.ts +++ b/clients/client-kms/src/commands/UntagResourceCommand.ts @@ -28,8 +28,8 @@ export interface UntagResourceCommandOutput extends __MetadataBearer {} *

                                                                  Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                  * *

                                                                  When it succeeds, the UntagResource operation doesn't return any output. - * Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or return - * a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                                  + * Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or + * return a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                                  * *

                                                                  For information about using tags in KMS, see Tagging keys. For general information about * tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon @@ -37,7 +37,7 @@ export interface UntagResourceCommandOutput extends __MetadataBearer {} *

                                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                  *

                                                                  - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  + * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  * *

                                                                  * Required permissions: kms:UntagResource (key policy)

                                                                  diff --git a/clients/client-kms/src/commands/UpdateAliasCommand.ts b/clients/client-kms/src/commands/UpdateAliasCommand.ts index 0dc28922bd3e..d2d49adeb234 100644 --- a/clients/client-kms/src/commands/UpdateAliasCommand.ts +++ b/clients/client-kms/src/commands/UpdateAliasCommand.ts @@ -22,9 +22,9 @@ export interface UpdateAliasCommandInput extends UpdateAliasRequest {} export interface UpdateAliasCommandOutput extends __MetadataBearer {} /** - *

                                                                  Associates an existing KMS alias with a different KMS key. Each alias - * is associated with only one KMS key at a time, although a KMS key can have multiple aliases. The alias - * and the KMS key must be in the same Amazon Web Services account and Region.

                                                                  + *

                                                                  Associates an existing KMS alias with a different KMS key. Each alias is associated with + * only one KMS key at a time, although a KMS key can have multiple aliases. The alias and the + * KMS key must be in the same Amazon Web Services account and Region.

                                                                  * *

                                                                  Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                  *                                                                   @@ -36,12 +36,12 @@ export interface UpdateAliasCommandOutput extends __MetadataBearer {} * use DeleteAlias to delete the old alias and CreateAlias to * create a new alias.

                                                                  *

                                                                  Because an alias is not a property of a KMS key, you can create, update, and delete the - * aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from - * the DescribeKey operation. To get the aliases of all KMS keys in the account, - * use the ListAliases operation.

                                                                  + * aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the + * response from the DescribeKey operation. To get the aliases of all KMS keys + * in the account, use the ListAliases operation.

                                                                  *

                                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                  - *

                                                                  + *

                                                                  * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  *

                                                                  * Required permissions @@ -49,18 +49,22 @@ export interface UpdateAliasCommandOutput extends __MetadataBearer {} *

                                                                  - *

                                                                  For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                                  + *

                                                                  For details, see Controlling access to aliases in the + * Key Management Service Developer Guide.

                                                                  *

                                                                  * Related operations: *

                                                                  diff --git a/clients/client-kms/src/commands/UpdateCustomKeyStoreCommand.ts b/clients/client-kms/src/commands/UpdateCustomKeyStoreCommand.ts index abf7fb14cd31..0b7c6321ac87 100644 --- a/clients/client-kms/src/commands/UpdateCustomKeyStoreCommand.ts +++ b/clients/client-kms/src/commands/UpdateCustomKeyStoreCommand.ts @@ -30,29 +30,29 @@ export interface UpdateCustomKeyStoreCommandOutput extends UpdateCustomKeyStoreR * the update completes, use ConnectCustomKeyStore. To find the connection * state of a custom key store, use the DescribeCustomKeyStores * operation.

                                                                  - *

                                                                  Use the parameters of UpdateCustomKeyStore to edit your keystore - * settings.

                                                                  + *

                                                                  The CustomKeyStoreId parameter is required in all commands. Use the other + * parameters of UpdateCustomKeyStore to edit your key store settings.

                                                                  *
                                                                    *
                                                                  • - *

                                                                    Use the NewCustomKeyStoreName parameter to change the - * friendly name of the custom key store to the value that you specify.

                                                                    + *

                                                                    Use the NewCustomKeyStoreName parameter to change the friendly name of + * the custom key store to the value that you specify.

                                                                    *

                                                                    *
                                                                    • *
                                                                  • - *

                                                                    Use the KeyStorePassword parameter tell KMS the - * current password of the - * kmsuser crypto - * user (CU) in the associated CloudHSM cluster. You can use this parameter to fix - * connection failures that occur when KMS cannot log into the associated cluster - * because the kmsuser password has changed. This value does not change the - * password in the CloudHSM cluster.

                                                                    + *

                                                                    Use the KeyStorePassword parameter tell KMS the current password of the + * + * kmsuser crypto user (CU) in the associated CloudHSM cluster. You + * can use this parameter to fix connection + * failures that occur when KMS cannot log into the associated cluster because + * the kmsuser password has changed. This value does not change the password in + * the CloudHSM cluster.

                                                                    *

                                                                    *
                                                                    • *
                                                                  • - *

                                                                    Use the CloudHsmClusterId parameter to associate the - * custom key store with a different, but related, CloudHSM cluster. You can use this parameter - * to repair a custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when - * you need to create or restore a cluster from a backup.

                                                                    + *

                                                                    Use the CloudHsmClusterId parameter to associate the custom key store + * with a different, but related, CloudHSM cluster. You can use this parameter to repair a + * custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to + * create or restore a cluster from a backup.

                                                                    *
                                                                    • *
                                                                  *

                                                                  If the operation succeeds, it returns a JSON object with no @@ -60,9 +60,9 @@ export interface UpdateCustomKeyStoreCommandOutput extends UpdateCustomKeyStoreR *

                                                                  This operation is part of the Custom Key Store feature feature in KMS, which * combines the convenience and extensive integration of KMS with the isolation and control of a * single-tenant key store.

                                                                  - * *

                                                                  - * Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                  + * Cross-account + * use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                  *

                                                                  * Required permissions: kms:UpdateCustomKeyStore (IAM policy)

                                                                  *

                                                                  diff --git a/clients/client-kms/src/commands/UpdateKeyDescriptionCommand.ts b/clients/client-kms/src/commands/UpdateKeyDescriptionCommand.ts index dd1f873c6717..432565426fcc 100644 --- a/clients/client-kms/src/commands/UpdateKeyDescriptionCommand.ts +++ b/clients/client-kms/src/commands/UpdateKeyDescriptionCommand.ts @@ -22,12 +22,12 @@ export interface UpdateKeyDescriptionCommandInput extends UpdateKeyDescriptionRe export interface UpdateKeyDescriptionCommandOutput extends __MetadataBearer {} /** - *

                                                                  Updates the description of a KMS key. To see the description of a KMS key, - * use DescribeKey.

                                                                  + *

                                                                  Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.

                                                                  *

                                                                  The KMS key that you use for this operation must be in a compatible key state. For * details, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                  *

                                                                  - * Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  + * Cross-account + * use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                  * *

                                                                  * Required permissions: kms:UpdateKeyDescription (key policy)

                                                                  diff --git a/clients/client-kms/src/commands/UpdatePrimaryRegionCommand.ts b/clients/client-kms/src/commands/UpdatePrimaryRegionCommand.ts index 6056d274a502..98ec26b02a1b 100644 --- a/clients/client-kms/src/commands/UpdatePrimaryRegionCommand.ts +++ b/clients/client-kms/src/commands/UpdatePrimaryRegionCommand.ts @@ -37,7 +37,7 @@ export interface UpdatePrimaryRegionCommandOutput extends __MetadataBearer {} * that are always shared by primary and replica keys, including the key material, key ID, key spec, key usage, key material * origin, and automatic * key rotation. It's the only key that can be replicated. You cannot delete the primary - * key until all replica keys are deleted.

                                                                  + * key until all replica keys are deleted.

                                                                  *

                                                                  The key ID and primary Region that you specify uniquely identify the replica key that will * become the primary key. The primary Region must already have a replica key. This operation * does not create a KMS key in the specified Region. To find the replica keys, use the DescribeKey operation on the primary key or any replica key. To create a replica diff --git a/clients/client-kms/src/commands/VerifyCommand.ts b/clients/client-kms/src/commands/VerifyCommand.ts index 9a551190152d..8458dd4bfda4 100644 --- a/clients/client-kms/src/commands/VerifyCommand.ts +++ b/clients/client-kms/src/commands/VerifyCommand.ts @@ -21,9 +21,9 @@ export interface VerifyCommandOutput extends VerifyResponse, __MetadataBearer {} /** *

                                                                  Verifies a digital signature that was generated by the Sign operation.

                                                                  *

                                                                  - *

                                                                  Verification confirms that an authorized user signed the message with the specified KMS key - * and signing algorithm, and the message hasn't changed since it was signed. If the signature is - * verified, the value of the SignatureValid field in the response is + *

                                                                  Verification confirms that an authorized user signed the message with the specified KMS + * key and signing algorithm, and the message hasn't changed since it was signed. If the + * signature is verified, the value of the SignatureValid field in the response is * True. If the signature verification fails, the Verify operation * fails with an KMSInvalidSignatureException exception.

                                                                  *

                                                                  A digital signature is generated by using the private key in an asymmetric KMS key. The @@ -32,8 +32,8 @@ export interface VerifyCommandOutput extends VerifyResponse, __MetadataBearer {} *

                                                                  To verify a digital signature, you can use the Verify operation. Specify the * same asymmetric KMS key, message, and signing algorithm that were used to produce the * signature.

                                                                  - *

                                                                  You can also verify the digital signature by using the public key of the KMS key outside of - * KMS. Use the GetPublicKey operation to download the public key in the + *

                                                                  You can also verify the digital signature by using the public key of the KMS key outside + * of KMS. Use the GetPublicKey operation to download the public key in the * asymmetric KMS key and then use the public key to verify the signature outside of KMS. The * advantage of using the Verify operation is that it is performed within KMS. As * a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged diff --git a/clients/client-kms/src/models/models_0.ts b/clients/client-kms/src/models/models_0.ts index a8b12c139927..2874e6fdeb4f 100644 --- a/clients/client-kms/src/models/models_0.ts +++ b/clients/client-kms/src/models/models_0.ts @@ -27,12 +27,14 @@ export interface AliasListEntry { TargetKeyId?: string; /** - *

                                                                  Date and time that the alias was most recently created in the account and Region. Formatted as Unix time.

                                                                  + *

                                                                  Date and time that the alias was most recently created in the account and Region. + * Formatted as Unix time.

                                                                  */ CreationDate?: Date; /** - *

                                                                  Date and time that the alias was most recently associated with a KMS key in the account and Region. Formatted as Unix time.

                                                                  + *

                                                                  Date and time that the alias was most recently associated with a KMS key in the account + * and Region. Formatted as Unix time.

                                                                  */ LastUpdatedDate?: Date; } @@ -68,6 +70,7 @@ export namespace AlreadyExistsException { export interface CancelKeyDeletionRequest { /** *

                                                                  Identifies the KMS key whose deletion is being canceled.

                                                                  + * *

                                                                  Specify the key ID or key ARN of the KMS key.

                                                                  *

                                                                  For example:

                                                                  *
                                                                    @@ -170,7 +173,8 @@ export namespace KMSInternalException { /** *

                                                                    The request was rejected because the state of the specified resource is not valid for this * request.

                                                                    - *

                                                                    For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key in the + *

                                                                    For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS + * key in the * Key Management Service Developer Guide * .

                                                                    */ @@ -453,22 +457,23 @@ export interface CreateAliasRequest { /** *

                                                                    Specifies the alias name. This value must begin with alias/ followed by a * name, such as alias/ExampleAlias.

                                                                    - *

                                                                    The AliasName value must be string of 1-256 characters. It can contain only alphanumeric characters, - * forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is reserved - * for Amazon Web Services managed keys.

                                                                    + *

                                                                    The AliasName value must be string of 1-256 characters. It can contain only + * alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name + * cannot begin with alias/aws/. The alias/aws/ prefix is reserved for + * Amazon Web Services managed + * keys.

                                                                    */ AliasName: string | undefined; /** - *

                                                                    Associates the alias with the specified customer managed key. The KMS key must be - * in the same Amazon Web Services Region.

                                                                    + *

                                                                    Associates the alias with the specified customer managed key. The KMS key must + * be in the same Amazon Web Services Region.

                                                                    *

                                                                    A valid key ID is required. If you supply a null or empty string value, this operation * returns an error.

                                                                    *

                                                                    For help finding the key ID and ARN, see Finding the Key ID and * ARN in the * Key Management Service Developer Guide * .

                                                                    - * *

                                                                    Specify the key ID or key ARN of the KMS key.

                                                                    *

                                                                    For example:

                                                                    *                                                                     - *

                                                                    If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For - * more information, see Default Key Policy in the + *

                                                                    If you do not provide a key policy, KMS attaches a default key policy to the KMS key. + * For more information, see Default Key Policy in the * Key Management Service Developer Guide.

                                                                    *

                                                                    The key policy size quota is 32 kilobytes (32768 bytes).

                                                                    *

                                                                    For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the @@ -952,27 +965,29 @@ export interface CreateKeyRequest { /** *

                                                                    A description of the KMS key.

                                                                    - *

                                                                    Use a description that helps you decide whether the KMS key is - * appropriate for a task. The default value is an empty string (no description).

                                                                    + *

                                                                    Use a description that helps you decide whether the KMS key is appropriate for a task. The + * default value is an empty string (no description).

                                                                    *

                                                                    To set or change the description after the key is created, use UpdateKeyDescription.

                                                                    */ Description?: string; /** *

                                                                    Determines the cryptographic operations for which you can use the KMS key. The default value is - * ENCRYPT_DECRYPT. This parameter is required only for asymmetric KMS keys. You can't - * change the KeyUsage value after the KMS key is created.

                                                                    + * ENCRYPT_DECRYPT. This parameter is required only for asymmetric KMS keys. You + * can't change the KeyUsage value after the KMS key is created.

                                                                    *

                                                                    Select only one valid value.

                                                                    *
                                                                      *
                                                                    • - *

                                                                      For symmetric KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.

                                                                      + *

                                                                      For symmetric KMS keys, omit the parameter or specify + * ENCRYPT_DECRYPT.

                                                                      *
                                                                      • *
                                                                    • *

                                                                      For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or * SIGN_VERIFY.

                                                                      *
                                                                      • *
                                                                    • - *

                                                                      For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.

                                                                      + *

                                                                      For asymmetric KMS keys with ECC key material, specify + * SIGN_VERIFY.

                                                                      *
                                                                      • *
                                                                    */ @@ -982,14 +997,16 @@ export interface CreateKeyRequest { * @deprecated * *

                                                                    Instead, use the KeySpec parameter.

                                                                    - *

                                                                    The KeySpec and CustomerMasterKeySpec parameters work the same way. Only the names differ. We recommend that you use KeySpec parameter in your code. However, to avoid breaking changes, KMS will support both parameters.

                                                                    + *

                                                                    The KeySpec and CustomerMasterKeySpec parameters work the same + * way. Only the names differ. We recommend that you use KeySpec parameter in your + * code. However, to avoid breaking changes, KMS will support both parameters.

                                                                    */ CustomerMasterKeySpec?: CustomerMasterKeySpec | string; /** - *

                                                                    Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT, - * creates a KMS key with a 256-bit symmetric key for encryption and decryption. For help choosing a - * key spec for your KMS key, see How to Choose Your KMS key + *

                                                                    Specifies the type of KMS key to create. The default value, + * SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit symmetric key for encryption + * and decryption. For help choosing a key spec for your KMS key, see How to Choose Your KMS key * Configuration in the * Key Management Service Developer Guide * .

                                                                    @@ -1003,10 +1020,10 @@ export interface CreateKeyRequest { * *

                                                                    * Amazon Web Services services that - * are integrated with KMS use symmetric KMS keys to protect your data. These - * services do not support asymmetric KMS keys. For help determining whether a KMS key is symmetric or - * asymmetric, see Identifying Symmetric and Asymmetric KMS keys in the Key Management Service Developer - * Guide.

                                                                    + * are integrated with KMS use symmetric KMS keys to protect your data. These + * services do not support asymmetric KMS keys. For help determining whether a KMS key is + * symmetric or asymmetric, see Identifying Symmetric and Asymmetric + * KMS keys in the Key Management Service Developer Guide.

                                                                    *                                                                     *

                                                                    KMS supports the following key specs for KMS keys:

                                                                    *
                                                                      @@ -1071,28 +1088,29 @@ export interface CreateKeyRequest { KeySpec?: KeySpec | string; /** - *

                                                                      The source of the key material for the KMS key. You cannot change the origin after you create - * the KMS key. The default is AWS_KMS, which means that KMS creates the key - * material.

                                                                      + *

                                                                      The source of the key material for the KMS key. You cannot change the origin after you + * create the KMS key. The default is AWS_KMS, which means that KMS creates the + * key material.

                                                                      *

                                                                      To create a KMS key with no key material (for imported key material), set the value to * EXTERNAL. For more information about importing key material into KMS, see * Importing Key - * Material in the Key Management Service Developer Guide. This value is valid only for symmetric KMS keys.

                                                                      - *

                                                                      To create a KMS key in an KMS custom key store and create its key material in the associated - * CloudHSM cluster, set this value to AWS_CLOUDHSM. You must also use the + * Material in the Key Management Service Developer Guide. This value is valid only for symmetric KMS + * keys.

                                                                      + *

                                                                      To create a KMS key in an KMS custom key store and create its key material in the + * associated CloudHSM cluster, set this value to AWS_CLOUDHSM. You must also use the * CustomKeyStoreId parameter to identify the custom key store. This value is * valid only for symmetric KMS keys.

                                                                      */ Origin?: OriginType | string; /** - *

                                                                      Creates the KMS key in the specified custom key store and the key material in its associated - * CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the + *

                                                                      Creates the KMS key in the specified custom key store and the key material in its + * associated CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the * Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster * that is associated with the custom key store must have at least two active HSMs, each in a * different Availability Zone in the Region.

                                                                      - *

                                                                      This parameter is valid only for symmetric KMS keys and regional KMS keys. You cannot create an - * asymmetric KMS key or a multi-Region key in a custom key store.

                                                                      + *

                                                                      This parameter is valid only for symmetric KMS keys and regional KMS keys. You cannot + * create an asymmetric KMS key or a multi-Region key in a custom key store.

                                                                      *

                                                                      To find the ID of a custom key store, use the DescribeCustomKeyStores operation.

                                                                      *

                                                                      The response includes the custom key store ID and the ID of the CloudHSM cluster.

                                                                      *

                                                                      This operation is part of the Custom Key Store feature feature in KMS, which @@ -1104,8 +1122,8 @@ export interface CreateKeyRequest { /** *

                                                                      A flag to indicate whether to bypass the key policy lockout safety check.

                                                                      * - *

                                                                      Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not - * set this value to true indiscriminately.

                                                                      + *

                                                                      Setting this value to true increases the risk that the KMS key becomes unmanageable. Do + * not set this value to true indiscriminately.

                                                                      *

                                                                      For more information, refer to the scenario in the Default Key Policy section in the * Key Management Service Developer Guide * .

                                                                      @@ -1117,16 +1135,16 @@ export interface CreateKeyRequest { BypassPolicyLockoutSafetyCheck?: boolean; /** - *

                                                                      Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is created. - * To tag an existing KMS key, use the TagResource operation.

                                                                      + *

                                                                      Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is + * created. To tag an existing KMS key, use the TagResource operation.

                                                                      * *

                                                                      Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                      *                                                                       *

                                                                      To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                      *

                                                                      Each tag consists of a tag key and a tag value. Both the tag key and the tag value are * required, but the tag value can be an empty (null) string. You cannot have more than one tag - * on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, - * KMS replaces the current tag value with the specified one.

                                                                      + * on a KMS key with the same tag key. If you specify an existing tag key with a different tag + * value, KMS replaces the current tag value with the specified one.

                                                                      *

                                                                      When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation * report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, * see Tagging Keys.

                                                                      @@ -1136,9 +1154,9 @@ export interface CreateKeyRequest { /** *

                                                                      Creates a multi-Region primary key that you can replicate into other Amazon Web Services Regions. You * cannot change this value after you create the KMS key.

                                                                      - *

                                                                      For a multi-Region key, set this parameter to True. For a single-Region KMS key, - * omit this parameter or set it to False. The default value is - * False.

                                                                      + *

                                                                      For a multi-Region key, set this parameter to True. For a single-Region KMS + * key, omit this parameter or set it to False. The default value is + * False.

                                                                      *

                                                                      This operation supports multi-Region keys, an KMS feature that lets you create multiple * interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key * material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt @@ -1218,26 +1236,27 @@ export namespace MultiRegionKey { } /** - *

                                                                      Describes the configuration of this multi-Region key. This field appears only when the KMS key - * is a primary or replica of a multi-Region key.

                                                                      + *

                                                                      Describes the configuration of this multi-Region key. This field appears only when the KMS + * key is a primary or replica of a multi-Region key.

                                                                      *

                                                                      For more information about any listed KMS key, use the DescribeKey * operation.

                                                                      */ export interface MultiRegionConfiguration { /** - *

                                                                      Indicates whether the KMS key is a PRIMARY or REPLICA key.

                                                                      + *

                                                                      Indicates whether the KMS key is a PRIMARY or REPLICA + * key.

                                                                      */ MultiRegionKeyType?: MultiRegionKeyType | string; /** - *

                                                                      Displays the key ARN and Region of the primary key. This field includes the current KMS key if - * it is the primary key.

                                                                      + *

                                                                      Displays the key ARN and Region of the primary key. This field includes the current KMS + * key if it is the primary key.

                                                                      */ PrimaryKey?: MultiRegionKey; /** - *

                                                                      displays the key ARNs and Regions of all replica keys. This field includes the current KMS key - * if it is a replica key.

                                                                      + *

                                                                      displays the key ARNs and Regions of all replica keys. This field includes the current KMS + * key if it is a replica key.

                                                                      */ ReplicaKeys?: MultiRegionKey[]; } @@ -1279,8 +1298,7 @@ export interface KeyMetadata { KeyId: string | undefined; /** - *

                                                                      The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management Service - * (KMS) in the Example ARNs section of the Amazon Web Services General + *

                                                                      The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management Service (KMS) in the Example ARNs section of the Amazon Web Services General * Reference.

                                                                      */ Arn?: string; @@ -1291,8 +1309,8 @@ export interface KeyMetadata { CreationDate?: Date; /** - *

                                                                      Specifies whether the KMS key is enabled. When KeyState is Enabled - * this value is true, otherwise it is false.

                                                                      + *

                                                                      Specifies whether the KMS key is enabled. When KeyState is + * Enabled this value is true, otherwise it is false.

                                                                      */ Enabled?: boolean; @@ -1308,13 +1326,14 @@ export interface KeyMetadata { /** *

                                                                      The current status of the KMS key.

                                                                      - *

                                                                      For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key - * in the Key Management Service Developer Guide.

                                                                      + *

                                                                      For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS + * key in the Key Management Service Developer Guide.

                                                                      */ KeyState?: KeyState | string; /** - *

                                                                      The date and time after which KMS deletes this KMS key. This value is present only when the KMS key is scheduled for deletion, that is, when its KeyState is + *

                                                                      The date and time after which KMS deletes this KMS key. This value is present only when + * the KMS key is scheduled for deletion, that is, when its KeyState is * PendingDeletion.

                                                                      *

                                                                      When the primary key in a multi-Region key is scheduled for deletion but still has replica * keys, its key state is PendingReplicaDeletion and the length of its waiting @@ -1324,32 +1343,32 @@ export interface KeyMetadata { /** *

                                                                      The time at which the imported key material expires. When the key material expires, KMS - * deletes the key material and the KMS key becomes unusable. This value is present only for KMS keys - * whose Origin is EXTERNAL and whose ExpirationModel is - * KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

                                                                      + * deletes the key material and the KMS key becomes unusable. This value is present only for KMS + * keys whose Origin is EXTERNAL and whose ExpirationModel + * is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

                                                                      */ ValidTo?: Date; /** - *

                                                                      The source of the key material for the KMS key. When this value is AWS_KMS, KMS - * created the key material. When this value is EXTERNAL, the key material was - * imported or the KMS key doesn't have any key material. When - * this value is AWS_CLOUDHSM, the key material was created in the CloudHSM cluster - * associated with a custom key store.

                                                                      + *

                                                                      The source of the key material for the KMS key. When this value is AWS_KMS, + * KMS created the key material. When this value is EXTERNAL, the key material was + * imported or the KMS key doesn't have any key material. When this value is + * AWS_CLOUDHSM, the key material was created in the CloudHSM cluster associated with + * a custom key store.

                                                                      */ Origin?: OriginType | string; /** - *

                                                                      A unique identifier for the custom key store that contains the KMS key. This value is present - * only when the KMS key is created in a custom key store.

                                                                      + *

                                                                      A unique identifier for the custom key store that contains the KMS key. This value is + * present only when the KMS key is created in a custom key store.

                                                                      */ CustomKeyStoreId?: string; /** - *

                                                                      The cluster ID of the CloudHSM cluster that contains the key material for the KMS key. When you - * create a KMS key in a custom key store, KMS creates the key material for the KMS key in the - * associated CloudHSM cluster. This value is present only when the KMS key is created in a custom key - * store.

                                                                      + *

                                                                      The cluster ID of the CloudHSM cluster that contains the key material for the KMS key. When + * you create a KMS key in a custom key store, KMS creates the key material for the KMS key in + * the associated CloudHSM cluster. This value is present only when the KMS key is created in a + * custom key store.

                                                                      */ CloudHsmClusterId?: string; @@ -1360,8 +1379,8 @@ export interface KeyMetadata { ExpirationModel?: ExpirationModelType | string; /** - *

                                                                      The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or Amazon Web Services managed. For more information about the difference, see KMS keys in the - * Key Management Service Developer Guide.

                                                                      + *

                                                                      The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or + * Amazon Web Services managed. For more information about the difference, see KMS keys in the Key Management Service Developer Guide.

                                                                      */ KeyManager?: KeyManagerType | string; @@ -1369,7 +1388,9 @@ export interface KeyMetadata { * @deprecated * *

                                                                      Instead, use the KeySpec field.

                                                                      - *

                                                                      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS will support both fields.

                                                                      + *

                                                                      The KeySpec and CustomerMasterKeySpec fields have the same + * value. We recommend that you use the KeySpec field in your code. However, to + * avoid breaking changes, KMS will support both fields.

                                                                      */ CustomerMasterKeySpec?: CustomerMasterKeySpec | string; @@ -1387,8 +1408,8 @@ export interface KeyMetadata { EncryptionAlgorithms?: (EncryptionAlgorithmSpec | string)[]; /** - *

                                                                      The signing algorithms that the KMS key supports. You cannot use the KMS key with other signing - * algorithms within KMS.

                                                                      + *

                                                                      The signing algorithms that the KMS key supports. You cannot use the KMS key with other + * signing algorithms within KMS.

                                                                      *

                                                                      This field appears only when the KeyUsage of the KMS key is * SIGN_VERIFY.

                                                                      */ @@ -1410,8 +1431,8 @@ export interface KeyMetadata { *
                                                                        *
                                                                      • *

                                                                        - * MultiRegionKeyType indicates whether the KMS key is a PRIMARY or - * REPLICA key.

                                                                        + * MultiRegionKeyType indicates whether the KMS key is a + * PRIMARY or REPLICA key.

                                                                        *
                                                                        • *
                                                                      • *

                                                                        @@ -1430,9 +1451,9 @@ export interface KeyMetadata { /** *

                                                                        The waiting period before the primary key in a multi-Region key is deleted. This waiting * period begins when the last of its replica keys is deleted. This value is present only when - * the KeyState of the KMS key is PendingReplicaDeletion. That indicates - * that the KMS key is the primary key in a multi-Region key, it is scheduled for deletion, and it - * still has existing replica keys.

                                                                        + * the KeyState of the KMS key is PendingReplicaDeletion. That + * indicates that the KMS key is the primary key in a multi-Region key, it is scheduled for + * deletion, and it still has existing replica keys.

                                                                        *

                                                                        When a single-Region KMS key or a multi-Region replica key is scheduled for deletion, its * deletion date is displayed in the DeletionDate field. However, when the primary * key in a multi-Region key is scheduled for deletion, its waiting period doesn't begin until @@ -1526,8 +1547,10 @@ export namespace UnsupportedOperationException { } /** - *

                                                                        The request was rejected because the custom key store contains KMS keys. After verifying that you do not need to use the KMS keys, use the ScheduleKeyDeletion operation to delete the KMS keys. After they are deleted, you - * can delete the custom key store.

                                                                        + *

                                                                        The request was rejected because the custom key store contains KMS keys. After verifying + * that you do not need to use the KMS keys, use the ScheduleKeyDeletion + * operation to delete the KMS keys. After they are deleted, you can delete the custom key + * store.

                                                                        */ export interface CustomKeyStoreHasCMKsException extends __SmithyException, $MetadataBearer { name: "CustomKeyStoreHasCMKsException"; @@ -1573,8 +1596,8 @@ export interface CustomKeyStoresListEntry { /** *

                                                                        Indicates whether the custom key store is connected to its CloudHSM cluster.

                                                                        - *

                                                                        You can create and use KMS keys in your custom key stores only when its connection state is - * CONNECTED.

                                                                        + *

                                                                        You can create and use KMS keys in your custom key stores only when its connection state + * is CONNECTED.

                                                                        *

                                                                        The value is DISCONNECTED if the key store has never been connected or you * use the DisconnectCustomKeyStore operation to disconnect it. If the value is * CONNECTED but you are having trouble using the custom key store, make sure that @@ -1715,13 +1738,13 @@ export interface DecryptRequest { GrantTokens?: string[]; /** - *

                                                                        Specifies the KMS key that KMS uses to decrypt the ciphertext. Enter a - * key ID of the KMS key that was used to encrypt the ciphertext.

                                                                        + *

                                                                        Specifies the KMS key that KMS uses to decrypt the ciphertext. Enter a key ID of the KMS + * key that was used to encrypt the ciphertext.

                                                                        * - *

                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. - * If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to the - * symmetric ciphertext blob. However, it is always recommended as a best practice. This practice - * ensures that you use the KMS key that you intend.

                                                                        + *

                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS + * key. If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to + * the symmetric ciphertext blob. However, it is always recommended as a best practice. This + * practice ensures that you use the KMS key that you intend.

                                                                        * *

                                                                        To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                        *

                                                                        For example:

                                                                        @@ -1751,9 +1774,9 @@ export interface DecryptRequest { *

                                                                        Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify * the same algorithm that was used to encrypt the data. If you specify a different algorithm, * the Decrypt operation fails.

                                                                        - *

                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. - * The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm - * that is valid for symmetric KMS keys.

                                                                        + *

                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS + * key. The default value, SYMMETRIC_DEFAULT, represents the only supported + * algorithm that is valid for symmetric KMS keys.

                                                                        */ EncryptionAlgorithm?: EncryptionAlgorithmSpec | string; } @@ -1797,8 +1820,8 @@ export namespace DecryptResponse { /** *

                                                                        The request was rejected because the specified KMS key cannot decrypt the data. The * KeyId in a Decrypt request and the SourceKeyId - * in a ReEncrypt request must identify the same KMS key that was used to encrypt - * the ciphertext.

                                                                        + * in a ReEncrypt request must identify the same KMS key that was used to + * encrypt the ciphertext.

                                                                        */ export interface IncorrectKeyException extends __SmithyException, $MetadataBearer { name: "IncorrectKeyException"; @@ -1847,15 +1870,15 @@ export namespace InvalidCiphertextException { *
                                                                        • *
                                                                      • *

                                                                        The encryption algorithm or signing algorithm specified for the operation is - * incompatible with the type of key material in the KMS key - * (KeySpec).

                                                                        + * incompatible with the type of key material in the KMS key (KeySpec).

                                                                        *
                                                                        • *
                                                                      *

                                                                      For encrypting, decrypting, re-encrypting, and generating data keys, the * KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the * KeyUsage must be SIGN_VERIFY. To find the KeyUsage of * a KMS key, use the DescribeKey operation.

                                                                      - *

                                                                      To find the encryption or signing algorithms supported for a particular KMS key, use the DescribeKey operation.

                                                                      + *

                                                                      To find the encryption or signing algorithms supported for a particular KMS key, use the + * DescribeKey operation.

                                                                      */ export interface InvalidKeyUsageException extends __SmithyException, $MetadataBearer { name: "InvalidKeyUsageException"; @@ -1873,8 +1896,8 @@ export namespace InvalidKeyUsageException { } /** - *

                                                                      The request was rejected because the specified KMS key was not available. You can retry the - * request.

                                                                      + *

                                                                      The request was rejected because the specified KMS key was not available. You can retry + * the request.

                                                                      */ export interface KeyUnavailableException extends __SmithyException, $MetadataBearer { name: "KeyUnavailableException"; @@ -1939,6 +1962,7 @@ export interface DeleteImportedKeyMaterialRequest { /** *

                                                                      Identifies the KMS key from which you are deleting imported key material. The * Origin of the KMS key must be EXTERNAL.

                                                                      + * *

                                                                      Specify the key ID or key ARN of the KMS key.

                                                                      *

                                                                      For example:

                                                                      *
                                                                        @@ -2061,9 +2085,10 @@ export namespace InvalidMarkerException { export interface DescribeKeyRequest { /** *

                                                                        Describes the specified KMS key.

                                                                        - *

                                                                        If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates the - * alias with an Amazon Web Services managed key and returns its KeyId and Arn in the - * response.

                                                                        + *

                                                                        If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates + * the alias with an Amazon Web Services managed key and returns its + * KeyId and Arn in the response.

                                                                        + * *

                                                                        To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                        *

                                                                        For example:

                                                                        *
                                                                          @@ -2152,10 +2177,9 @@ export namespace DisableKeyRequest { export interface DisableKeyRotationRequest { /** - *

                                                                          Identifies a symmetric KMS key. You cannot enable or disable automatic - * rotation of asymmetric KMS keys, KMS keys - * with imported key - * material, or KMS keys in a custom key store.

                                                                          + *

                                                                          Identifies a symmetric KMS key. You cannot enable or disable automatic rotation of asymmetric + * KMS keys, KMS keys with imported key material, or KMS keys in a + * custom key store.

                                                                          *

                                                                          Specify the key ID or key ARN of the KMS key.

                                                                          *

                                                                          For example:

                                                                          *
                                                                            @@ -2241,7 +2265,6 @@ export namespace EnableKeyRequest { export interface EnableKeyRotationRequest { /** *

                                                                            Identifies a symmetric KMS key. You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                            - * *

                                                                            Specify the key ID or key ARN of the KMS key.

                                                                            *

                                                                            For example:

                                                                            *
                                                                              @@ -2271,6 +2294,7 @@ export namespace EnableKeyRotationRequest { export interface EncryptRequest { /** *

                                                                              Identifies the KMS key to use in the encryption operation.

                                                                              + * *

                                                                              To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                              *

                                                                              For example:

                                                                              *
                                                                                @@ -2321,8 +2345,8 @@ export interface EncryptRequest { *

                                                                                Specifies the encryption algorithm that KMS will use to encrypt the plaintext message. * The algorithm must be compatible with the KMS key that you specify.

                                                                                *

                                                                                This parameter is required only for asymmetric KMS keys. The default value, - * SYMMETRIC_DEFAULT, is the algorithm used for symmetric KMS keys. If you are using - * an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.

                                                                                + * SYMMETRIC_DEFAULT, is the algorithm used for symmetric KMS keys. If you are + * using an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.

                                                                                */ EncryptionAlgorithm?: EncryptionAlgorithmSpec | string; } @@ -2493,8 +2517,9 @@ export interface GenerateDataKeyPairRequest { EncryptionContext?: { [key: string]: string }; /** - *

                                                                                Specifies the symmetric KMS key that encrypts the private key in the data key pair. You cannot - * specify an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                                                + *

                                                                                Specifies the symmetric KMS key that encrypts the private key in the data key pair. You + * cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the type and + * origin of your KMS key, use the DescribeKey operation.

                                                                                * *

                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                *

                                                                                For example:

                                                                                @@ -2592,9 +2617,10 @@ export interface GenerateDataKeyPairWithoutPlaintextRequest { EncryptionContext?: { [key: string]: string }; /** - *

                                                                                Specifies the KMS key that encrypts the private key in the data key pair. You must specify a - * symmetric KMS key. You cannot use an asymmetric KMS key or a KMS key in a custom key store. To get the - * type and origin of your KMS key, use the DescribeKey operation.

                                                                                + *

                                                                                Specifies the KMS key that encrypts the private key in the data key pair. You must specify + * a symmetric KMS key. You cannot use an asymmetric KMS key or a KMS key in a custom key store. + * To get the type and origin of your KMS key, use the DescribeKey operation. + *

                                                                                *

                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                *

                                                                                For example:

                                                                                *
                                                                                  @@ -2675,8 +2701,8 @@ export namespace GenerateDataKeyPairWithoutPlaintextResponse { export interface GenerateDataKeyWithoutPlaintextRequest { /** - *

                                                                                  The identifier of the symmetric KMS key that encrypts the data - * key.

                                                                                  + *

                                                                                  The identifier of the symmetric KMS key that encrypts the data key.

                                                                                  + * *

                                                                                  To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                  *

                                                                                  For example:

                                                                                  *
                                                                                    @@ -2854,6 +2880,7 @@ export namespace GetKeyPolicyResponse { export interface GetKeyRotationStatusRequest { /** *

                                                                                    Gets the rotation status for the specified KMS key.

                                                                                    + * *

                                                                                    Specify the key ID or key ARN of the KMS key. To specify a KMS key in a * different Amazon Web Services account, you must use the key ARN.

                                                                                    *

                                                                                    For example:

                                                                                    @@ -2905,6 +2932,7 @@ export interface GetParametersForImportRequest { /** *

                                                                                    The identifier of the symmetric KMS key into which you will import key material. The * Origin of the KMS key must be EXTERNAL.

                                                                                    + * *

                                                                                    Specify the key ID or key ARN of the KMS key.

                                                                                    *

                                                                                    For example:

                                                                                    *
                                                                                      @@ -2945,8 +2973,7 @@ export namespace GetParametersForImportRequest { export interface GetParametersForImportResponse { /** - *

                                                                                      The Amazon Resource Name (key ARN) of the KMS key to use in a subsequent ImportKeyMaterial - * request. This is the same KMS key specified in the GetParametersForImport + *

                                                                                      The Amazon Resource Name (key ARN) of the KMS key to use in a subsequent ImportKeyMaterial request. This is the same KMS key specified in the GetParametersForImport * request.

                                                                                      */ KeyId?: string; @@ -3027,7 +3054,8 @@ export namespace GetPublicKeyRequest { export interface GetPublicKeyResponse { /** - *

                                                                                      The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was downloaded.

                                                                                      + *

                                                                                      The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was + * downloaded.

                                                                                      */ KeyId?: string; @@ -3042,8 +3070,11 @@ export interface GetPublicKeyResponse { /** * @deprecated * - *

                                                                                      Instead, use the KeySpec field in the GetPublicKey response.

                                                                                      - *

                                                                                      The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS will support both fields.

                                                                                      + *

                                                                                      Instead, use the KeySpec field in the GetPublicKey + * response.

                                                                                      + *

                                                                                      The KeySpec and CustomerMasterKeySpec fields have the same + * value. We recommend that you use the KeySpec field in your code. However, to + * avoid breaking changes, KMS will support both fields.

                                                                                      */ CustomerMasterKeySpec?: CustomerMasterKeySpec | string; @@ -3153,10 +3184,9 @@ export namespace GrantListEntry { export interface ImportKeyMaterialRequest { /** - *

                                                                                      The identifier of the symmetric KMS key that receives the imported key material. The KMS key's - * Origin must be EXTERNAL. This must be the same KMS key specified in - * the KeyID parameter of the corresponding GetParametersForImport - * request.

                                                                                      + *

                                                                                      The identifier of the symmetric KMS key that receives the imported key material. The KMS + * key's Origin must be EXTERNAL. This must be the same KMS key + * specified in the KeyID parameter of the corresponding GetParametersForImport request.

                                                                                      *

                                                                                      Specify the key ID or key ARN of the KMS key.

                                                                                      *

                                                                                      For example:

                                                                                      *
                                                                                        @@ -3188,9 +3218,9 @@ export interface ImportKeyMaterialRequest { /** *

                                                                                        The time at which the imported key material expires. When the key material expires, KMS - * deletes the key material and the KMS key becomes unusable. You must omit this parameter when the - * ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE. - * Otherwise it is required.

                                                                                        + * deletes the key material and the KMS key becomes unusable. You must omit this parameter when + * the ExpirationModel parameter is set to + * KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

                                                                                        */ ValidTo?: Date; @@ -3325,10 +3355,10 @@ export namespace KMSInvalidSignatureException { export interface ListAliasesRequest { /** - *

                                                                                        Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your Amazon Web Services account.

                                                                                        + *

                                                                                        Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your + * Amazon Web Services account.

                                                                                        *

                                                                                        This parameter is optional. If you omit it, ListAliases returns all aliases * in the account and Region.

                                                                                        - * *

                                                                                        Specify the key ID or key ARN of the KMS key.

                                                                                        *

                                                                                        For example:

                                                                                        *
                                                                                          @@ -3419,8 +3449,8 @@ export interface ListGrantsRequest { Marker?: string; /** - *

                                                                                          Returns only grants for the specified KMS key. This parameter is - * required.

                                                                                          + *

                                                                                          Returns only grants for the specified KMS key. This parameter is required.

                                                                                          + * *

                                                                                          Specify the key ID or key ARN of the KMS key. To specify a KMS key in a * different Amazon Web Services account, you must use the key ARN.

                                                                                          *

                                                                                          For example:

                                                                                          @@ -3722,10 +3752,13 @@ export interface ListRetirableGrantsRequest { Marker?: string; /** - *

                                                                                          The retiring principal for which to list grants. Enter a principal in your Amazon Web Services account.

                                                                                          - *

                                                                                          To specify the retiring principal, use the Amazon Resource Name (ARN) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated users, and - * assumed role users. For examples of the ARN syntax for specifying a principal, see Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the - * Amazon Web Services General Reference.

                                                                                          + *

                                                                                          The retiring principal for which to list grants. Enter a principal in your + * Amazon Web Services account.

                                                                                          + *

                                                                                          To specify the retiring principal, use the Amazon Resource Name (ARN) of an + * Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated + * users, and assumed role users. For examples of the ARN syntax for specifying a principal, see + * Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the + * Amazon Web Services General Reference.

                                                                                          */ RetiringPrincipal: string | undefined; } @@ -3775,14 +3808,17 @@ export interface PutKeyPolicyRequest { *
                                                                                        • *

                                                                                          If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy * must allow the principal that is making the PutKeyPolicy request to make a - * subsequent PutKeyPolicy request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section of the Key Management Service Developer Guide.

                                                                                          + * subsequent PutKeyPolicy request on the KMS key. This reduces the risk that + * the KMS key becomes unmanageable. For more information, refer to the scenario in the + * Default Key Policy section of the Key Management Service Developer Guide.

                                                                                          *
                                                                                          • *
                                                                                        • *

                                                                                          Each statement in the key policy must contain one or more principals. The principals - * in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal - * (for example, an IAM user or role), you might need to enforce a delay before including the - * new principal in a key policy because the new principal might not be immediately visible - * to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access Management User Guide.

                                                                                          + * in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services + * principal (for example, an IAM user or role), you might need to enforce a delay before + * including the new principal in a key policy because the new principal might not be + * immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services + * Identity and Access Management User Guide.

                                                                                          *
                                                                                          • *
                                                                                        *

                                                                                        The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the @@ -3793,8 +3829,8 @@ export interface PutKeyPolicyRequest { /** *

                                                                                        A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                        * - *

                                                                                        Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not - * set this value to true indiscriminately.

                                                                                        + *

                                                                                        Setting this value to true increases the risk that the KMS key becomes unmanageable. Do + * not set this value to true indiscriminately.

                                                                                        *

                                                                                        For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                        *                                                                                         *

                                                                                        Use this parameter only when you intend to prevent the principal that is making the @@ -3830,13 +3866,12 @@ export interface ReEncryptRequest { SourceEncryptionContext?: { [key: string]: string }; /** - *

                                                                                        Specifies the KMS key that - * KMS will use to decrypt the ciphertext before it is re-encrypted. Enter a key ID of the KMS key - * that was used to encrypt the ciphertext.

                                                                                        - *

                                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key. - * If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to the - * symmetric ciphertext blob. However, it is always recommended as a best practice. This practice - * ensures that you use the KMS key that you intend.

                                                                                        + *

                                                                                        Specifies the KMS key that KMS will use to decrypt the ciphertext before it is + * re-encrypted. Enter a key ID of the KMS key that was used to encrypt the ciphertext.

                                                                                        + *

                                                                                        This parameter is required only when the ciphertext was encrypted under an asymmetric KMS + * key. If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to + * the symmetric ciphertext blob. However, it is always recommended as a best practice. This + * practice ensures that you use the KMS key that you intend.

                                                                                        * *

                                                                                        To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                        *

                                                                                        For example:

                                                                                        @@ -3863,10 +3898,10 @@ export interface ReEncryptRequest { SourceKeyId?: string; /** - *

                                                                                        A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric or - * asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the - * KeyUsage value of a KMS key, use the DescribeKey - * operation.

                                                                                        + *

                                                                                        A unique identifier for the KMS key that is used to reencrypt the data. Specify a + * symmetric or asymmetric KMS key with a KeyUsage value of + * ENCRYPT_DECRYPT. To find the KeyUsage value of a KMS key, use the + * DescribeKey operation.

                                                                                        *

                                                                                        To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                        *

                                                                                        For example:

                                                                                        *
                                                                                          @@ -3893,7 +3928,8 @@ export interface ReEncryptRequest { /** *

                                                                                          Specifies that encryption context to use when the reencrypting the data.

                                                                                          - *

                                                                                          A destination encryption context is valid only when the destination KMS key is a symmetric KMS key. The standard ciphertext format for asymmetric KMS keys does not include fields for + *

                                                                                          A destination encryption context is valid only when the destination KMS key is a symmetric + * KMS key. The standard ciphertext format for asymmetric KMS keys does not include fields for * metadata.

                                                                                          *

                                                                                          An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric KMS key, but it is highly recommended.

                                                                                          *

                                                                                          For more information, see @@ -3908,7 +3944,8 @@ export interface ReEncryptRequest { * used for symmetric KMS keys.

                                                                                          *

                                                                                          Specify the same algorithm that was used to encrypt the ciphertext. If you specify a * different algorithm, the decrypt attempt fails.

                                                                                          - *

                                                                                          This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.

                                                                                          + *

                                                                                          This parameter is required only when the ciphertext was encrypted under an asymmetric KMS + * key.

                                                                                          */ SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec | string; @@ -3916,7 +3953,8 @@ export interface ReEncryptRequest { *

                                                                                          Specifies the encryption algorithm that KMS will use to reecrypt the data after it has * decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption * algorithm used for symmetric KMS keys.

                                                                                          - *

                                                                                          This parameter is required only when the destination KMS key is an asymmetric KMS key.

                                                                                          + *

                                                                                          This parameter is required only when the destination KMS key is an asymmetric KMS + * key.

                                                                                          */ DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec | string; @@ -3976,8 +4014,9 @@ export namespace ReEncryptResponse { export interface ReplicateKeyRequest { /** - *

                                                                                          Identifies the multi-Region primary key that is being replicated. To determine whether a KMS key is a multi-Region primary key, use the DescribeKey operation to check - * the value of the MultiRegionKeyType property.

                                                                                          + *

                                                                                          Identifies the multi-Region primary key that is being replicated. To determine whether a + * KMS key is a multi-Region primary key, use the DescribeKey operation to + * check the value of the MultiRegionKeyType property.

                                                                                          * *

                                                                                          Specify the key ID or key ARN of a multi-Region primary key.

                                                                                          *

                                                                                          For example:

                                                                                          @@ -4012,7 +4051,9 @@ export interface ReplicateKeyRequest { ReplicaRegion: string | undefined; /** - *

                                                                                          The key policy to attach to the KMS key. This parameter is optional. If you do not provide a key policy, KMS attaches the default key policy to the KMS key.

                                                                                          + *

                                                                                          The key policy to attach to the KMS key. This parameter is optional. If you do not provide + * a key policy, KMS attaches the default key policy to the + * KMS key.

                                                                                          *

                                                                                          The key policy is not a shared property of multi-Region keys. You can specify the same key * policy or a different key policy for each key in a set of related multi-Region keys. KMS * does not synchronize this property.

                                                                                          @@ -4020,18 +4061,19 @@ export interface ReplicateKeyRequest { *
                                                                                            *
                                                                                          • *

                                                                                            If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy - * must give the caller kms:PutKeyPolicy permission on the replica key. This reduces the - * risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the - * Default Key Policy section of the + * must give the caller kms:PutKeyPolicy permission on the replica key. This + * reduces the risk that the KMS key becomes unmanageable. For more information, refer to the + * scenario in the Default Key Policy section of the * Key Management Service Developer Guide * .

                                                                                            *
                                                                                            • *
                                                                                          • *

                                                                                            Each statement in the key policy must contain one or more principals. The principals - * in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal - * (for example, an IAM user or role), you might need to enforce a delay before including the - * new principal in a key policy because the new principal might not be immediately visible - * to KMS. For more information, see Changes that I make are not always immediately visible in the + * in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services + * principal (for example, an IAM user or role), you might need to enforce a delay before + * including the new principal in a key policy because the new principal might not be + * immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the + * * Identity and Access Management User Guide * .

                                                                                            *
                                                                                            • @@ -4045,8 +4087,8 @@ export interface ReplicateKeyRequest { /** *

                                                                                            A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                            * - *

                                                                                            Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not - * set this value to true indiscriminately.

                                                                                            + *

                                                                                            Setting this value to true increases the risk that the KMS key becomes unmanageable. Do + * not set this value to true indiscriminately.

                                                                                            *

                                                                                            For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                            *                                                                                             *

                                                                                            Use this parameter only when you intend to prevent the principal that is making the @@ -4056,27 +4098,30 @@ export interface ReplicateKeyRequest { BypassPolicyLockoutSafetyCheck?: boolean; /** - *

                                                                                            A description of the KMS key. The default value is an empty string (no description).

                                                                                            + *

                                                                                            A description of the KMS key. The default value is an empty string (no + * description).

                                                                                            *

                                                                                            The description is not a shared property of multi-Region keys. You can specify the same - * description or a different description for each key in a set of related multi-Region keys. KMS does not synchronize this property.

                                                                                            + * description or a different description for each key in a set of related multi-Region keys. + * KMS does not synchronize this property.

                                                                                            */ Description?: string; /** - *

                                                                                            Assigns one or more tags to the replica key. Use this parameter to tag the KMS key when it is created. - * To tag an existing KMS key, use the TagResource operation.

                                                                                            - * + *

                                                                                            Assigns one or more tags to the replica key. Use this parameter to tag the KMS key when it + * is created. To tag an existing KMS key, use the TagResource + * operation.

                                                                                            + * *

                                                                                            Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                            *                                                                                             - *

                                                                                            To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                            + *

                                                                                            To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                            *

                                                                                            Tags are not a shared property of multi-Region keys. You can specify the same tags or - * different tags for each key in a set of related multi-Region keys. KMS does not - * synchronize this property.

                                                                                            - *

                                                                                            Each tag consists of a tag key and a tag value. Both the tag key and the tag value are - * required, but the tag value can be an empty (null) string. You cannot have more than one tag - * on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, - * KMS replaces the current tag value with the specified one.

                                                                                            - *

                                                                                            When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation + * different tags for each key in a set of related multi-Region keys. KMS does not synchronize + * this property.

                                                                                            + *

                                                                                            Each tag consists of a tag key and a tag value. Both the tag key and the tag value are + * required, but the tag value can be an empty (null) string. You cannot have more than one tag + * on a KMS key with the same tag key. If you specify an existing tag key with a different tag + * value, KMS replaces the current tag value with the specified one.

                                                                                            + *

                                                                                            When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation * report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, * see Tagging Keys.

                                                                                            */ @@ -4094,9 +4139,9 @@ export namespace ReplicateKeyRequest { export interface ReplicateKeyResponse { /** - *

                                                                                            Displays details about the new replica key, including its Amazon Resource Name (key - * ARN) and key state. It also includes the ARN and Amazon Web Services Region of its primary key and other - * replica keys.

                                                                                            + *

                                                                                            Displays details about the new replica key, including its Amazon Resource Name (key ARN) and + * key state. It also + * includes the ARN and Amazon Web Services Region of its primary key and other replica keys.

                                                                                            */ ReplicaKeyMetadata?: KeyMetadata; @@ -4127,7 +4172,7 @@ export interface RetireGrantRequest { *

                                                                                            Identifies the grant to be retired. You can use a grant token to identify a new grant even * before it has achieved eventual consistency.

                                                                                            *

                                                                                            Only the CreateGrant operation returns a grant token. For details, see - * Grant token + * Grant token * and Eventual consistency in the Key Management Service Developer Guide.

                                                                                            */ GrantToken?: string; @@ -4141,7 +4186,7 @@ export interface RetireGrantRequest { /** *

                                                                                            Identifies the grant to retire. To get the grant ID, use CreateGrant, - * ListGrants, or ListRetirableGrants.

                                                                                            + * ListGrants, or ListRetirableGrants.

                                                                                            *
                                                                                              *
                                                                                            • *

                                                                                              Grant ID Example - @@ -4163,8 +4208,8 @@ export namespace RetireGrantRequest { export interface RevokeGrantRequest { /** - *

                                                                                              A unique identifier for the KMS key associated with the grant. To get - * the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                              + *

                                                                                              A unique identifier for the KMS key associated with the grant. To get the key ID and key + * ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                              * *

                                                                                              Specify the key ID or key ARN of the KMS key. To specify a KMS key in a * different Amazon Web Services account, you must use the key ARN.

                                                                                              @@ -4185,7 +4230,7 @@ export interface RevokeGrantRequest { /** *

                                                                                              Identifies the grant to revoke. To get the grant ID, use CreateGrant, - * ListGrants, or ListRetirableGrants.

                                                                                              + * ListGrants, or ListRetirableGrants.

                                                                                              */ GrantId: string | undefined; } @@ -4202,7 +4247,6 @@ export namespace RevokeGrantRequest { export interface ScheduleKeyDeletionRequest { /** *

                                                                                              The unique identifier of the KMS key to delete.

                                                                                              - * *

                                                                                              Specify the key ID or key ARN of the KMS key.

                                                                                              *

                                                                                              For example:

                                                                                              *
                                                                                                @@ -4222,8 +4266,9 @@ export interface ScheduleKeyDeletionRequest { /** *

                                                                                                The waiting period, specified in number of days. After the waiting period ends, KMS * deletes the KMS key.

                                                                                                - *

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the - * last of its replica keys is deleted. Otherwise, the waiting period begins immediately.

                                                                                                + *

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when + * the last of its replica keys is deleted. Otherwise, the waiting period begins + * immediately.

                                                                                                *

                                                                                                This value is optional. If you include a value, it must be between 7 and 30, inclusive. If * you do not include a value, it defaults to 30.

                                                                                                */ @@ -4247,23 +4292,24 @@ export interface ScheduleKeyDeletionResponse { /** *

                                                                                                The date and time after which KMS deletes the KMS key.

                                                                                                - *

                                                                                                If the KMS key is a multi-Region primary key with replica keys, this field does not appear. - * The deletion date for the primary key isn't known until its last replica key is + *

                                                                                                If the KMS key is a multi-Region primary key with replica keys, this field does not + * appear. The deletion date for the primary key isn't known until its last replica key is * deleted.

                                                                                                */ DeletionDate?: Date; /** *

                                                                                                The current status of the KMS key.

                                                                                                - *

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key - * in the Key Management Service Developer Guide.

                                                                                                + *

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS + * key in the Key Management Service Developer Guide.

                                                                                                */ KeyState?: KeyState | string; /** *

                                                                                                The waiting period before the KMS key is deleted.

                                                                                                - *

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the - * last of its replica keys is deleted. Otherwise, the waiting period begins immediately.

                                                                                                + *

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when + * the last of its replica keys is deleted. Otherwise, the waiting period begins + * immediately.

                                                                                                */ PendingWindowInDays?: number; } @@ -4279,10 +4325,9 @@ export namespace ScheduleKeyDeletionResponse { export interface SignRequest { /** - *

                                                                                                Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to sign the - * message. The KeyUsage type of the KMS key must be SIGN_VERIFY. To find - * the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                - * + *

                                                                                                Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to + * sign the message. The KeyUsage type of the KMS key must be + * SIGN_VERIFY. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                *

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                *

                                                                                                For example:

                                                                                                *
                                                                                                  @@ -4331,7 +4376,8 @@ export interface SignRequest { /** *

                                                                                                  Specifies the signing algorithm to use when signing the message.

                                                                                                  - *

                                                                                                  Choose an algorithm that is compatible with the type and size of the specified asymmetric KMS key.

                                                                                                  + *

                                                                                                  Choose an algorithm that is compatible with the type and size of the specified asymmetric + * KMS key.

                                                                                                  */ SigningAlgorithm: SigningAlgorithmSpec | string | undefined; } @@ -4471,11 +4517,11 @@ export interface UpdateAliasRequest { AliasName: string | undefined; /** - *

                                                                                                  Identifies the customer managed key to associate with the alias. You don't have permission - * to associate an alias with an Amazon Web Services managed key.

                                                                                                  - *

                                                                                                  The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new target KMS key - * must be the same type as the current target KMS key (both symmetric or both asymmetric) and they - * must have the same key usage.

                                                                                                  + *

                                                                                                  Identifies the customer managed key to associate with the alias. You don't have permission to + * associate an alias with an Amazon Web Services managed key.

                                                                                                  + *

                                                                                                  The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new + * target KMS key must be the same type as the current target KMS key (both symmetric or both + * asymmetric) and they must have the same key usage.

                                                                                                  *

                                                                                                  Specify the key ID or key ARN of the KMS key.

                                                                                                  *

                                                                                                  For example:

                                                                                                  *
                                                                                                    @@ -4489,8 +4535,8 @@ export interface UpdateAliasRequest { * *
                                                                                                  *

                                                                                                  To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                  - *

                                                                                                  To verify that the alias - * is mapped to the correct KMS key, use ListAliases.

                                                                                                  + *

                                                                                                  To + * verify that the alias is mapped to the correct KMS key, use ListAliases.

                                                                                                  */ TargetKeyId: string | undefined; } @@ -4561,6 +4607,7 @@ export namespace UpdateCustomKeyStoreResponse { export interface UpdateKeyDescriptionRequest { /** *

                                                                                                  Updates the description of the specified KMS key.

                                                                                                  + * *

                                                                                                  Specify the key ID or key ARN of the KMS key.

                                                                                                  *

                                                                                                  For example:

                                                                                                  *
                                                                                                    @@ -4596,7 +4643,6 @@ export interface UpdatePrimaryRegionRequest { /** *

                                                                                                    Identifies the current primary key. When the operation completes, this KMS key will be a * replica key.

                                                                                                    - * *

                                                                                                    Specify the key ID or key ARN of a multi-Region primary key.

                                                                                                    *

                                                                                                    For example:

                                                                                                    *
                                                                                                      @@ -4614,8 +4660,9 @@ export interface UpdatePrimaryRegionRequest { KeyId: string | undefined; /** - *

                                                                                                      The Amazon Web Services Region of the new primary key. Enter the Region ID, such as us-east-1 - * or ap-southeast-2. There must be an existing replica key in this Region.

                                                                                                      + *

                                                                                                      The Amazon Web Services Region of the new primary key. Enter the Region ID, such as + * us-east-1 or ap-southeast-2. There must be an existing replica key + * in this Region.

                                                                                                      *

                                                                                                      When the operation completes, the multi-Region key in this Region will be the primary * key.

                                                                                                      */ @@ -4633,9 +4680,9 @@ export namespace UpdatePrimaryRegionRequest { export interface VerifyRequest { /** - *

                                                                                                      Identifies the asymmetric KMS key that will be used to verify the signature. This must be the - * same KMS key that was used to generate the signature. If you specify a different KMS key, the - * signature verification fails.

                                                                                                      + *

                                                                                                      Identifies the asymmetric KMS key that will be used to verify the signature. This must be + * the same KMS key that was used to generate the signature. If you specify a different KMS key, + * the signature verification fails.

                                                                                                      *

                                                                                                      To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                      *

                                                                                                      For example:

                                                                                                      *
                                                                                                        diff --git a/clients/client-location/src/Location.ts b/clients/client-location/src/Location.ts index 266a9f54d377..b33ff89b2cf1 100644 --- a/clients/client-location/src/Location.ts +++ b/clients/client-location/src/Location.ts @@ -444,11 +444,15 @@ export class Location extends LocationClient { /** *

                                                                                                        Uploads position update data for one or more devices to a tracker resource. Amazon Location - * uses the data when reporting the last known device position and position history.

                                                                                                        + * uses the data when it reports the last known device position and position history. Amazon Location retains location data for 30 + * days.

                                                                                                        * - *

                                                                                                        Only one position update is stored per sample time. Location data is sampled at a - * fixed rate of one position per 30-second interval and retained for 30 days before - * it's deleted.

                                                                                                        + *

                                                                                                        Position updates are handled based on the PositionFiltering property of the tracker. + * When PositionFiltering is set to TimeBased, updates are evaluated against linked geofence collections, + * and location data is stored at a maximum of one position per 30 second interval. If your update frequency is more often than + * every 30 seconds, only one update per 30 seconds is stored for each unique device ID. + * When PositionFiltering is set to DistanceBased filtering, location data is stored and evaluated against linked geofence + * collections only if the device has moved more than 30 m (98.4 ft).

                                                                                                        *                                                                                                         */ public batchUpdateDevicePosition( diff --git a/clients/client-location/src/commands/BatchUpdateDevicePositionCommand.ts b/clients/client-location/src/commands/BatchUpdateDevicePositionCommand.ts index 7d77b1c5e194..876ca4103de6 100644 --- a/clients/client-location/src/commands/BatchUpdateDevicePositionCommand.ts +++ b/clients/client-location/src/commands/BatchUpdateDevicePositionCommand.ts @@ -23,11 +23,15 @@ export interface BatchUpdateDevicePositionCommandOutput extends BatchUpdateDevic /** *

                                                                                                        Uploads position update data for one or more devices to a tracker resource. Amazon Location - * uses the data when reporting the last known device position and position history.

                                                                                                        + * uses the data when it reports the last known device position and position history. Amazon Location retains location data for 30 + * days.

                                                                                                        * - *

                                                                                                        Only one position update is stored per sample time. Location data is sampled at a - * fixed rate of one position per 30-second interval and retained for 30 days before - * it's deleted.

                                                                                                        + *

                                                                                                        Position updates are handled based on the PositionFiltering property of the tracker. + * When PositionFiltering is set to TimeBased, updates are evaluated against linked geofence collections, + * and location data is stored at a maximum of one position per 30 second interval. If your update frequency is more often than + * every 30 seconds, only one update per 30 seconds is stored for each unique device ID. + * When PositionFiltering is set to DistanceBased filtering, location data is stored and evaluated against linked geofence + * collections only if the device has moved more than 30 m (98.4 ft).

                                                                                                        *                                                                                                         * @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-location/src/models/models_0.ts b/clients/client-location/src/models/models_0.ts index 57b7050fa91f..4900b8a53d48 100644 --- a/clients/client-location/src/models/models_0.ts +++ b/clients/client-location/src/models/models_0.ts @@ -1021,7 +1021,8 @@ export interface CalculateRouteRequest { *
                                                                                                      * *

                                                                                                      If you specify a departure that's not located on a road, Amazon Location moves the - * position to the nearest road.

                                                                                                      + * position to the nearest road. If Esri is the provider for your route calculator, + * specifying a route that is longer than 400 km returns a 400 RoutesValidationException error.

                                                                                                      *                                                                                                       *

                                                                                                      Valid Values: [-180 to 180,-90 to 90] *

                                                                                                      @@ -1060,6 +1061,8 @@ export interface CalculateRouteRequest { *

                                                                                                      If you specify a waypoint position that's not located on a road, Amazon Location moves the position to the nearest road.

                                                                                                      *

                                                                                                      Specifying more than 23 waypoints returns a 400 ValidationException * error.

                                                                                                      + *

                                                                                                      If Esri is the provider for your route calculator, specifying a + * route that is longer than 400 km returns a 400 RoutesValidationException error.

                                                                                                      * *

                                                                                                      Valid Values: [-180 to 180,-90 to 90] *

                                                                                                      @@ -1357,7 +1360,7 @@ export interface CalculateRouteSummary { * upper northeast corner.

                                                                                                      * *
                                                                                                    • - *

                                                                                                      The fourth bbox position is the Y coordinate, or longitude of the + *

                                                                                                      The fourth bbox position is the Y coordinate, or latitude of the * upper northeast corner.

                                                                                                      *
                                                                                                      • *
                                                                                                    @@ -1387,9 +1390,9 @@ export interface CalculateRouteSummary { *

                                                                                                    The total distance covered by the route. The sum of the distance travelled between * every stop on the route.

                                                                                                    * - *

                                                                                                    The route distance can't be greater than 250 km. If the route exceeds - * 250 km, the response returns a 400 RoutesValidationException - * error.

                                                                                                    + *

                                                                                                    If Esri is the data source for the route calculator, the route distance can’t + * be greater than 400 km. If the route exceeds 400 km, the response is a + * 400 RoutesValidationException error.

                                                                                                    *                                                                                                     */ Distance: number | undefined; @@ -1610,11 +1613,8 @@ export namespace CreateGeofenceCollectionResponse { */ export interface MapConfiguration { /** - *

                                                                                                    Specifies the map style selected from an available data provider. For additional - * information on each map style and to preview each map style, see Esri map - * styles and HERE map - * styles.

                                                                                                    - *

                                                                                                    Valid Esri styles:

                                                                                                    + *

                                                                                                    Specifies the map style selected from an available data provider.

                                                                                                    + *

                                                                                                    Valid Esri map styles:

                                                                                                    *
                                                                                                      *
                                                                                                    • *

                                                                                                      @@ -1655,7 +1655,7 @@ export interface MapConfiguration { *

                                                                                                      • *
                                                                                                    *

                                                                                                    Valid HERE - * Technologies styles:

                                                                                                    + * Technologies map styles:

                                                                                                    * */ Tags?: { [key: string]: string }; + + /** + *

                                                                                                    Specifies the position filtering for the tracker resource.

                                                                                                    + *

                                                                                                    Valid values:

                                                                                                    + *
                                                                                                      + *
                                                                                                    • + *

                                                                                                      + * TimeBased - Location updates are evaluated against linked geofence collections, + * but not every location update is stored. If your update frequency is more often than 30 seconds, + * only one update per 30 seconds is stored for each unique device ID. + *

                                                                                                      + *
                                                                                                      • + *
                                                                                                    • + *

                                                                                                      + * DistanceBased - If the device has moved less than 30 m (98.4 ft), location updates are + * ignored. Location updates within this distance are neither evaluated against linked geofence collections, nor stored. + * This helps control costs by reducing the number of geofence evaluations and device positions to retrieve. + * Distance-based filtering can also reduce the jitter effect when displaying device trajectory on a map. + *

                                                                                                      + *
                                                                                                      • + *
                                                                                                    + *

                                                                                                    This field is optional. If not specified, the default value is TimeBased.

                                                                                                    + */ + PositionFiltering?: PositionFiltering | string; } export namespace CreateTrackerRequest { @@ -2504,8 +2528,7 @@ export interface DescribeMapResponse { /** *

                                                                                                    The pricing plan selected for the specified map resource.

                                                                                                    * - *

                                                                                                    For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                    + *

                                                                                                    For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                    */ PricingPlan: PricingPlan | string | undefined; @@ -2588,8 +2611,7 @@ export interface DescribePlaceIndexResponse { /** *

                                                                                                    The pricing plan selected for the specified place index resource.

                                                                                                    - *

                                                                                                    For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                    + *

                                                                                                    For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                    */ PricingPlan: PricingPlan | string | undefined; @@ -2624,8 +2646,7 @@ export interface DescribePlaceIndexResponse { *

                                                                                                    * *
                                                                                                  - *

                                                                                                  For additional details on data providers, see the Amazon Location Service data providers - * page.

                                                                                                  + *

                                                                                                  For additional details on data providers, see Amazon Location Service data providers.

                                                                                                  */ DataSource: string | undefined; @@ -2795,8 +2816,7 @@ export interface DescribeTrackerResponse { /** *

                                                                                                  The pricing plan selected for the specified tracker resource.

                                                                                                  - *

                                                                                                  For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                  + *

                                                                                                  For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                  */ PricingPlan: PricingPlan | string | undefined; @@ -2826,6 +2846,11 @@ export interface DescribeTrackerResponse { *

                                                                                                  A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.

                                                                                                  */ KmsKeyId?: string; + + /** + *

                                                                                                  The position filtering method of the tracker resource.

                                                                                                  + */ + PositionFiltering?: PositionFiltering | string; } export namespace DescribeTrackerResponse { @@ -3592,7 +3617,7 @@ export interface GetMapGlyphsRequest { /** *

                                                                                                  A comma-separated list of fonts to load glyphs from in order of preference. For * example, Noto Sans Regular, Arial Unicode.

                                                                                                  - *

                                                                                                  Valid fonts for Esri styles:

                                                                                                  + *

                                                                                                  Valid fonts stacks for Esri styles:

                                                                                                  *
                                                                                                    *
                                                                                                  • *

                                                                                                    VectorEsriDarkGrayCanvas – Ubuntu Medium Italic | Ubuntu @@ -3622,11 +3647,10 @@ export interface GetMapGlyphsRequest { *

                                                                                                    *
                                                                                                    • *
                                                                                                  - *

                                                                                                  Valid fonts for HERE Technologies styles:

                                                                                                  + *

                                                                                                  Valid font stacks for HERE Technologies styles:

                                                                                                  *
                                                                                                    *
                                                                                                  • - *

                                                                                                    - * VectorHereBerlinFira GO Regular | Fira GO + *

                                                                                                    VectorHereBerlin – Fira GO Regular | Fira GO * Bold *

                                                                                                    *
                                                                                                    • @@ -3965,8 +3989,7 @@ export interface ListMapsResponseEntry { /** *

                                                                                                    The pricing plan for the specified map resource.

                                                                                                    - *

                                                                                                    For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                    + *

                                                                                                    For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                    */ PricingPlan: PricingPlan | string | undefined; @@ -4067,14 +4090,13 @@ export interface ListPlaceIndexesResponseEntry { *

                                                                                                    * *
                                                                                                  - *

                                                                                                  For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                                  + *

                                                                                                  For additional details on data providers, see Amazon Location Service data providers.

                                                                                                  */ DataSource: string | undefined; /** *

                                                                                                  The pricing plan for the specified place index resource.

                                                                                                  - *

                                                                                                  For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                  + *

                                                                                                  For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                  */ PricingPlan: PricingPlan | string | undefined; @@ -4338,8 +4360,7 @@ export interface ListTrackersResponseEntry { /** *

                                                                                                  The pricing plan for the specified tracker resource.

                                                                                                  - *

                                                                                                  For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing - * page.

                                                                                                  + *

                                                                                                  For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                  */ PricingPlan: PricingPlan | string | undefined; @@ -4643,7 +4664,7 @@ export interface SearchPlaceIndexForPositionSummary { *

                                                                                                  HERE

                                                                                                  * *
                                                                                                - *

                                                                                                For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                                + *

                                                                                                For additional details on data providers, see Amazon Location Service data providers.

                                                                                                */ DataSource: string | undefined; } @@ -4843,7 +4864,7 @@ export interface SearchPlaceIndexForTextSummary { *

                                                                                                HERE

                                                                                                * *
                                                                                              - *

                                                                                              For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                              + *

                                                                                              For additional details on data providers, see Amazon Location Service data providers.

                                                                                              */ DataSource: string | undefined; } @@ -5050,6 +5071,29 @@ export interface UpdateTrackerRequest { *

                                                                                              Updates the description for the tracker resource.

                                                                                              */ Description?: string; + + /** + *

                                                                                              Updates the position filtering for the tracker resource.

                                                                                              + *

                                                                                              Valid values:

                                                                                              + *
                                                                                                + *
                                                                                              • + *

                                                                                                + * TimeBased - Location updates are evaluated against linked geofence collections, + * but not every location update is stored. If your update frequency is more often than 30 seconds, + * only one update per 30 seconds is stored for each unique device ID. + *

                                                                                                + *
                                                                                                • + *
                                                                                              • + *

                                                                                                + * DistanceBased - If the device has moved less than 30 m (98.4 ft), location updates are + * ignored. Location updates within this distance are neither evaluated against linked geofence collections, nor stored. + * This helps control costs by reducing the number of geofence evaluations and device positions to retrieve. + * Distance-based filtering can also reduce the jitter effect when displaying device trajectory on a map. + *

                                                                                                + *
                                                                                                • + *
                                                                                              + */ + PositionFiltering?: PositionFiltering | string; } export namespace UpdateTrackerRequest { diff --git a/clients/client-location/src/protocols/Aws_restJson1.ts b/clients/client-location/src/protocols/Aws_restJson1.ts index 73015e9bec8f..23ddd7f6ad5f 100644 --- a/clients/client-location/src/protocols/Aws_restJson1.ts +++ b/clients/client-location/src/protocols/Aws_restJson1.ts @@ -726,6 +726,8 @@ export const serializeAws_restJson1CreateTrackerCommand = async ( body = JSON.stringify({ ...(input.Description !== undefined && input.Description !== null && { Description: input.Description }), ...(input.KmsKeyId !== undefined && input.KmsKeyId !== null && { KmsKeyId: input.KmsKeyId }), + ...(input.PositionFiltering !== undefined && + input.PositionFiltering !== null && { PositionFiltering: input.PositionFiltering }), ...(input.PricingPlan !== undefined && input.PricingPlan !== null && { PricingPlan: input.PricingPlan }), ...(input.PricingPlanDataSource !== undefined && input.PricingPlanDataSource !== null && { PricingPlanDataSource: input.PricingPlanDataSource }), @@ -2256,6 +2258,8 @@ export const serializeAws_restJson1UpdateTrackerCommand = async ( let body: any; body = JSON.stringify({ ...(input.Description !== undefined && input.Description !== null && { Description: input.Description }), + ...(input.PositionFiltering !== undefined && + input.PositionFiltering !== null && { PositionFiltering: input.PositionFiltering }), ...(input.PricingPlan !== undefined && input.PricingPlan !== null && { PricingPlan: input.PricingPlan }), ...(input.PricingPlanDataSource !== undefined && input.PricingPlanDataSource !== null && { PricingPlanDataSource: input.PricingPlanDataSource }), @@ -4375,6 +4379,7 @@ export const deserializeAws_restJson1DescribeTrackerCommand = async ( CreateTime: undefined, Description: undefined, KmsKeyId: undefined, + PositionFiltering: undefined, PricingPlan: undefined, PricingPlanDataSource: undefined, Tags: undefined, @@ -4392,6 +4397,9 @@ export const deserializeAws_restJson1DescribeTrackerCommand = async ( if (data.KmsKeyId !== undefined && data.KmsKeyId !== null) { contents.KmsKeyId = __expectString(data.KmsKeyId); } + if (data.PositionFiltering !== undefined && data.PositionFiltering !== null) { + contents.PositionFiltering = __expectString(data.PositionFiltering); + } if (data.PricingPlan !== undefined && data.PricingPlan !== null) { contents.PricingPlan = __expectString(data.PricingPlan); } diff --git a/clients/client-sagemaker/src/SageMaker.ts b/clients/client-sagemaker/src/SageMaker.ts index 1d57e5d1f25b..6be7b4ee1e0f 100644 --- a/clients/client-sagemaker/src/SageMaker.ts +++ b/clients/client-sagemaker/src/SageMaker.ts @@ -1702,7 +1702,7 @@ export class SageMaker extends SageMakerClient { * *

                                                                                              For more information, see * Connect - * SageMaker Studio Notebooks to Resources in a VPC.

                                                                                              + * SageMaker Studio Notebooks to Resources in a VPC.

                                                                                              */ public createDomain( args: CreateDomainCommandInput, @@ -1811,7 +1811,7 @@ export class SageMaker extends SageMakerClient { * the role.

                                                                                              *
                                                                                                *
                                                                                              • - *

                                                                                                Option 1: For a full Amazon SageMaker access, search and attach the + *

                                                                                                Option 1: For a full SageMaker access, search and attach the * AmazonSageMakerFullAccess policy.

                                                                                                *
                                                                                                • *
                                                                                              • @@ -1833,7 +1833,7 @@ export class SageMaker extends SageMakerClient { *

                                                                                                * ] *

                                                                                                - *

                                                                                                For more information, see Amazon SageMaker API + *

                                                                                                For more information, see SageMaker API * Permissions: Actions, Permissions, and Resources * Reference.

                                                                                                *
                                                                                                • @@ -2676,7 +2676,7 @@ export class SageMaker extends SageMakerClient { * frame that attempts to connect to the app.

                                                                                                *

                                                                                                You can restrict access to this API and to the * URL that it returns to a list of IP addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more - * information, see Connect to SageMaker Studio Through an Interface VPC Endpoint + * information, see Connect to SageMaker Studio Through an Interface VPC Endpoint * .

                                                                                                * *

                                                                                                The URL that you get from a call to CreatePresignedDomainUrl has a default timeout of 5 minutes. You can configure this value using ExpiresInSeconds. If you try to use the URL after the timeout limit expires, you diff --git a/clients/client-sagemaker/src/commands/CreateDomainCommand.ts b/clients/client-sagemaker/src/commands/CreateDomainCommand.ts index aafa97c00d43..4e5404d893c4 100644 --- a/clients/client-sagemaker/src/commands/CreateDomainCommand.ts +++ b/clients/client-sagemaker/src/commands/CreateDomainCommand.ts @@ -68,7 +68,7 @@ export interface CreateDomainCommandOutput extends CreateDomainResponse, __Metad * *

                                                                                                For more information, see * Connect - * SageMaker Studio Notebooks to Resources in a VPC.

                                                                                                + * SageMaker Studio Notebooks to Resources in a VPC.

                                                                                                * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-sagemaker/src/commands/CreateEndpointCommand.ts b/clients/client-sagemaker/src/commands/CreateEndpointCommand.ts index 451dc563a0a3..d4ca3cfff195 100644 --- a/clients/client-sagemaker/src/commands/CreateEndpointCommand.ts +++ b/clients/client-sagemaker/src/commands/CreateEndpointCommand.ts @@ -70,7 +70,7 @@ export interface CreateEndpointCommandOutput extends CreateEndpointOutput, __Met * the role.

                                                                                                *
                                                                                                  *
                                                                                                • - *

                                                                                                  Option 1: For a full Amazon SageMaker access, search and attach the + *

                                                                                                  Option 1: For a full SageMaker access, search and attach the * AmazonSageMakerFullAccess policy.

                                                                                                  *
                                                                                                  • *
                                                                                                • @@ -92,7 +92,7 @@ export interface CreateEndpointCommandOutput extends CreateEndpointOutput, __Met *

                                                                                                  * ] *

                                                                                                  - *

                                                                                                  For more information, see Amazon SageMaker API + *

                                                                                                  For more information, see SageMaker API * Permissions: Actions, Permissions, and Resources * Reference.

                                                                                                  *
                                                                                                  • diff --git a/clients/client-sagemaker/src/commands/CreatePresignedDomainUrlCommand.ts b/clients/client-sagemaker/src/commands/CreatePresignedDomainUrlCommand.ts index 0afd7a706aec..1e0c32051055 100644 --- a/clients/client-sagemaker/src/commands/CreatePresignedDomainUrlCommand.ts +++ b/clients/client-sagemaker/src/commands/CreatePresignedDomainUrlCommand.ts @@ -33,7 +33,7 @@ export interface CreatePresignedDomainUrlCommandOutput extends CreatePresignedDo * frame that attempts to connect to the app.

                                                                                                  *

                                                                                                  You can restrict access to this API and to the * URL that it returns to a list of IP addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more - * information, see Connect to SageMaker Studio Through an Interface VPC Endpoint + * information, see Connect to SageMaker Studio Through an Interface VPC Endpoint * .

                                                                                                  * *

                                                                                                  The URL that you get from a call to CreatePresignedDomainUrl has a default timeout of 5 minutes. You can configure this value using ExpiresInSeconds. If you try to use the URL after the timeout limit expires, you diff --git a/clients/client-sagemaker/src/models/models_0.ts b/clients/client-sagemaker/src/models/models_0.ts index 81713b705ae1..5e3bec919fc1 100644 --- a/clients/client-sagemaker/src/models/models_0.ts +++ b/clients/client-sagemaker/src/models/models_0.ts @@ -203,10 +203,10 @@ export namespace ResourceNotFound { /** *

                                                                                                  A tag object that consists of a key and an optional value, used to manage metadata - * for Amazon SageMaker Amazon Web Services resources.

                                                                                                  + * for SageMaker Amazon Web Services resources.

                                                                                                  *

                                                                                                  You can add tags to notebook instances, training jobs, hyperparameter tuning jobs, * batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and - * endpoints. For more information on adding tags to Amazon SageMaker resources, see AddTags.

                                                                                                  + * endpoints. For more information on adding tags to SageMaker resources, see AddTags.

                                                                                                  *

                                                                                                  For more information on adding metadata to your Amazon Web Services resources with tagging, see * Tagging Amazon Web Services * resources. For advice on best practices for managing Amazon Web Services resources with @@ -358,6 +358,7 @@ export namespace MetricDefinition { } export enum TrainingInputMode { + FASTFILE = "FastFile", FILE = "File", PIPE = "Pipe", } @@ -389,21 +390,43 @@ export interface AlgorithmSpecification { AlgorithmName?: string; /** - *

                                                                                                  The input mode that the algorithm supports. For the input modes that Amazon SageMaker - * algorithms support, see Algorithms. If an algorithm supports the File input mode, Amazon SageMaker - * downloads the training data from S3 to the provisioned ML storage Volume, and mounts the - * directory to docker volume for training container. If an algorithm supports the - * Pipe input mode, Amazon SageMaker streams data directly from S3 to the container.

                                                                                                  - *

                                                                                                  In File mode, make sure you provision ML storage volume with sufficient capacity - * to accommodate the data download from S3. In addition to the training data, the ML - * storage volume also stores the output model. The algorithm container use ML storage - * volume to also store intermediate information, if any.

                                                                                                  - *

                                                                                                  For distributed algorithms using File mode, training data is distributed - * uniformly, and your training duration is predictable if the input data objects size is - * approximately same. Amazon SageMaker does not split the files any further for model training. If the - * object sizes are skewed, training won't be optimal as the data distribution is also - * skewed where one host in a training cluster is overloaded, thus becoming bottleneck in - * training.

                                                                                                  + *

                                                                                                  The training input mode that the algorithm supports. For more information about input modes, see + * Algorithms.

                                                                                                  + * + *

                                                                                                  + * Pipe mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports Pipe mode, Amazon SageMaker streams data directly + * from Amazon S3 to the container.

                                                                                                  + * + *

                                                                                                  + * File mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports File mode, SageMaker + * downloads the training data from S3 to the provisioned ML storage volume, and mounts the + * directory to the Docker volume for the training container.

                                                                                                  + *

                                                                                                  You must provision the ML storage volume with sufficient capacity + * to accommodate the data downloaded from S3. In addition to the training data, the ML + * storage volume also stores the output model. The algorithm container uses the ML storage + * volume to also store intermediate information, if any.

                                                                                                  + *

                                                                                                  For distributed algorithms, training data is distributed uniformly. + * Your training duration is predictable if the input data objects sizes are + * approximately the same. SageMaker does not split the files any further for model training. + * If the object sizes are skewed, training won't be optimal as the data distribution is also + * skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in + * training.

                                                                                                  + * + *

                                                                                                  + * FastFile mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports FastFile mode, SageMaker streams data directly + * from S3 to the container with no code changes, and provides file system access to + * the data. Users can author their training script to interact with these files as if + * they were stored on disk.

                                                                                                  + *

                                                                                                  + * FastFile mode works best when the data is read sequentially. + * Augmented manifest files aren't supported. + * The startup time is lower when there are fewer files in the S3 bucket provided.

                                                                                                  */ TrainingInputMode: TrainingInputMode | string | undefined; @@ -1068,8 +1091,8 @@ export namespace ResourceConfig { } /** - *

                                                                                                  Specifies a limit to how long a model training job, model compilation job, or - * hyperparameter tuning job can run. It also specifies how long a managed Spot training + *

                                                                                                  Specifies a limit to how long a model training job or model compilation job + * can run. It also specifies how long a managed spot training * job has to complete. When the job reaches the time limit, Amazon SageMaker ends the training or * compilation job. Use this API to cap model training costs.

                                                                                                  *

                                                                                                  To stop a training job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays @@ -1127,12 +1150,43 @@ export namespace StoppingCondition { */ export interface TrainingJobDefinition { /** - *

                                                                                                  The input mode used by the algorithm for the training job. For the input modes that - * Amazon SageMaker algorithms support, see Algorithms.

                                                                                                  - *

                                                                                                  If an algorithm supports the File input mode, Amazon SageMaker downloads the training - * data from S3 to the provisioned ML storage Volume, and mounts the directory to docker - * volume for training container. If an algorithm supports the Pipe input - * mode, Amazon SageMaker streams data directly from S3 to the container.

                                                                                                  + *

                                                                                                  The training input mode that the algorithm supports. For more information about input modes, see + * Algorithms.

                                                                                                  + * + *

                                                                                                  + * Pipe mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports Pipe mode, Amazon SageMaker streams data directly + * from Amazon S3 to the container.

                                                                                                  + * + *

                                                                                                  + * File mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports File mode, SageMaker + * downloads the training data from S3 to the provisioned ML storage volume, and mounts the + * directory to the Docker volume for the training container.

                                                                                                  + *

                                                                                                  You must provision the ML storage volume with sufficient capacity + * to accommodate the data downloaded from S3. In addition to the training data, the ML + * storage volume also stores the output model. The algorithm container uses the ML storage + * volume to also store intermediate information, if any.

                                                                                                  + *

                                                                                                  For distributed algorithms, training data is distributed uniformly. + * Your training duration is predictable if the input data objects sizes are + * approximately the same. SageMaker does not split the files any further for model training. + * If the object sizes are skewed, training won't be optimal as the data distribution is also + * skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in + * training.

                                                                                                  + * + *

                                                                                                  + * FastFile mode + *

                                                                                                  + *

                                                                                                  If an algorithm supports FastFile mode, SageMaker streams data directly + * from S3 to the container with no code changes, and provides file system access to + * the data. Users can author their training script to interact with these files as if + * they were stored on disk.

                                                                                                  + *

                                                                                                  + * FastFile mode works best when the data is read sequentially. + * Augmented manifest files aren't supported. + * The startup time is lower when there are fewer files in the S3 bucket provided.

                                                                                                  */ TrainingInputMode: TrainingInputMode | string | undefined; @@ -4266,13 +4320,17 @@ export interface AutoMLJobCompletionCriteria { MaxCandidates?: number; /** - *

                                                                                                  The maximum time, in seconds, a training job is allowed to run as part of an AutoML - * job.

                                                                                                  + *

                                                                                                  The maximum time, in seconds, that each training job is allowed to run as part of a + * hyperparameter tuning job. For more information, see the used by the action.

                                                                                                  */ MaxRuntimePerTrainingJobInSeconds?: number; /** *

                                                                                                  The maximum runtime, in seconds, an AutoML job has to complete.

                                                                                                  + *

                                                                                                  If an AutoML job exceeds the maximum runtime, the job is stopped automatically and its + * processing is ended gracefully. The AutoML job identifies the best model whose training was + * completed and marks it as the best-performing model. Any unfinished steps of the job, such + * as automatic one-click Autopilot model deployment, will not be completed.

                                                                                                  */ MaxAutoMLJobRuntimeInSeconds?: number; } @@ -7834,7 +7892,7 @@ export interface EndpointInput { /** *

                                                                                                  Whether the Pipe or File is used as the input mode for - * transfering data for the monitoring job. Pipe mode is recommended for large + * transferring data for the monitoring job. Pipe mode is recommended for large * datasets. File mode is useful for small files that fit in memory. Defaults to * File.

                                                                                                  */ @@ -9450,11 +9508,13 @@ export interface CreateFeatureGroupRequest { * OfflineStore.

                                                                                                  * *
                                                                                                • - *

                                                                                                  A configuration for an Amazon Web Services Glue or Amazon Web Services Hive data cataolgue.

                                                                                                  + *

                                                                                                  A configuration for an Amazon Web Services Glue or Amazon Web Services Hive data catalog.

                                                                                                  *
                                                                                                  • *
                                                                                                • *

                                                                                                  An KMS encryption key to encrypt the Amazon S3 location used for - * OfflineStore.

                                                                                                  + * OfflineStore. If KMS encryption key is not specified, by default we encrypt all data at rest using + * Amazon Web Services KMS key. By defining your bucket-level key for SSE, + * you can reduce Amazon Web Services KMS requests costs by up to 99 percent.

                                                                                                  *
                                                                                                  • *
                                                                                                *

                                                                                                To learn more about this parameter, see OfflineStoreConfig.

                                                                                                @@ -10689,22 +10749,43 @@ export interface HyperParameterAlgorithmSpecification { TrainingImage?: string; /** - *

                                                                                                The input mode that the algorithm supports: - * File - * or Pipe. In File input mode, Amazon SageMaker downloads the training data from - * Amazon S3 to the - * storage - * volume that is attached to the training instance and mounts the directory to the Docker - * volume for the training container. In Pipe input mode, Amazon SageMaker streams - * data directly from Amazon S3 to the container.

                                                                                                - *

                                                                                                If you specify File mode, make sure that - * you - * provision the storage volume that is attached to the training instance with enough - * capacity to accommodate the training data downloaded from Amazon S3, the model artifacts, and - * intermediate - * information.

                                                                                                - *

                                                                                                - *

                                                                                                For more information about input modes, see Algorithms.

                                                                                                + *

                                                                                                The training input mode that the algorithm supports. For more information about input modes, see + * Algorithms.

                                                                                                + * + *

                                                                                                + * Pipe mode + *

                                                                                                + *

                                                                                                If an algorithm supports Pipe mode, Amazon SageMaker streams data directly + * from Amazon S3 to the container.

                                                                                                + * + *

                                                                                                + * File mode + *

                                                                                                + *

                                                                                                If an algorithm supports File mode, SageMaker + * downloads the training data from S3 to the provisioned ML storage volume, and mounts the + * directory to the Docker volume for the training container.

                                                                                                + *

                                                                                                You must provision the ML storage volume with sufficient capacity + * to accommodate the data downloaded from S3. In addition to the training data, the ML + * storage volume also stores the output model. The algorithm container uses the ML storage + * volume to also store intermediate information, if any.

                                                                                                + *

                                                                                                For distributed algorithms, training data is distributed uniformly. + * Your training duration is predictable if the input data objects sizes are + * approximately the same. SageMaker does not split the files any further for model training. + * If the object sizes are skewed, training won't be optimal as the data distribution is also + * skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in + * training.

                                                                                                + * + *

                                                                                                + * FastFile mode + *

                                                                                                + *

                                                                                                If an algorithm supports FastFile mode, SageMaker streams data directly + * from S3 to the container with no code changes, and provides file system access to + * the data. Users can author their training script to interact with these files as if + * they were stored on disk.

                                                                                                + *

                                                                                                + * FastFile mode works best when the data is read sequentially. + * Augmented manifest files aren't supported. + * The startup time is lower when there are fewer files in the S3 bucket provided.

                                                                                                */ TrainingInputMode: TrainingInputMode | string | undefined; diff --git a/clients/client-sagemaker/src/models/models_1.ts b/clients/client-sagemaker/src/models/models_1.ts index 3649e33e7132..2923125d5936 100644 --- a/clients/client-sagemaker/src/models/models_1.ts +++ b/clients/client-sagemaker/src/models/models_1.ts @@ -2991,13 +2991,13 @@ export interface DataProcessing { * JoinSource to Input. You can specify * OutputFilter as an additional filter to select a portion of the joined * dataset and store it in the output file.

                                                                                                - *

                                                                                                For JSON or JSONLines objects, such as a JSON array, Amazon SageMaker adds the transformed data to + *

                                                                                                For JSON or JSONLines objects, such as a JSON array, SageMaker adds the transformed data to * the input JSON object in an attribute called SageMakerOutput. The joined * result for JSON must be a key-value pair object. If the input is not a key-value pair - * object, Amazon SageMaker creates a new JSON file. In the new JSON file, and the input data is stored + * object, SageMaker creates a new JSON file. In the new JSON file, and the input data is stored * under the SageMakerInput key and the results are stored in * SageMakerOutput.

                                                                                                - *

                                                                                                For CSV data, Amazon SageMaker takes each row as a JSON array and joins the transformed data with + *

                                                                                                For CSV data, SageMaker takes each row as a JSON array and joins the transformed data with * the input by appending each transformed row to the end of the input. The joined data has * the original input data followed by the transformed data and the output is a CSV * file.

                                                                                                @@ -5154,7 +5154,7 @@ export interface DescribeAppResponse { LastHealthCheckTimestamp?: Date; /** - *

                                                                                                The timestamp of the last user's activity.

                                                                                                + *

                                                                                                The timestamp of the last user's activity. LastUserActivityTimestamp is also updated when SageMaker performs health checks without user activity. As a result, this value is set to the same value as LastHealthCheckTimestamp.

                                                                                                */ LastUserActivityTimestamp?: Date; diff --git a/clients/client-sagemaker/src/models/models_2.ts b/clients/client-sagemaker/src/models/models_2.ts index 0cdc61ab5fb3..fbec76cfd58b 100644 --- a/clients/client-sagemaker/src/models/models_2.ts +++ b/clients/client-sagemaker/src/models/models_2.ts @@ -660,7 +660,7 @@ export interface DescribeTrainingJobResponse { * time.

                                                                                                *

                                                                                                Multiply BillableTimeInSeconds by the number of instances * (InstanceCount) in your training cluster to get the total compute time - * Amazon SageMaker will bill you if you run distributed training. The formula is as follows: + * SageMaker will bill you if you run distributed training. The formula is as follows: * BillableTimeInSeconds * InstanceCount .

                                                                                                *

                                                                                                You can calculate the savings from using managed spot training using the formula * (1 - BillableTimeInSeconds / TrainingTimeInSeconds) * 100. For example, diff --git a/clients/client-sso-oidc/src/endpoints.ts b/clients/client-sso-oidc/src/endpoints.ts index 5771eabea5ec..7b5d339f91a0 100644 --- a/clients/client-sso-oidc/src/endpoints.ts +++ b/clients/client-sso-oidc/src/endpoints.ts @@ -46,6 +46,10 @@ const regionHash: RegionHash = { hostname: "oidc.eu-west-3.amazonaws.com", signingRegion: "eu-west-3", }, + "sa-east-1": { + hostname: "oidc.sa-east-1.amazonaws.com", + signingRegion: "sa-east-1", + }, "us-east-1": { hostname: "oidc.us-east-1.amazonaws.com", signingRegion: "us-east-1", diff --git a/clients/client-workmail/src/WorkMail.ts b/clients/client-workmail/src/WorkMail.ts index 4171256bb2e9..899bc24584c2 100644 --- a/clients/client-workmail/src/WorkMail.ts +++ b/clients/client-workmail/src/WorkMail.ts @@ -81,6 +81,11 @@ import { DescribeGroupCommandInput, DescribeGroupCommandOutput, } from "./commands/DescribeGroupCommand"; +import { + DescribeInboundDmarcSettingsCommand, + DescribeInboundDmarcSettingsCommandInput, + DescribeInboundDmarcSettingsCommandOutput, +} from "./commands/DescribeInboundDmarcSettingsCommand"; import { DescribeMailboxExportJobCommand, DescribeMailboxExportJobCommandInput, @@ -194,6 +199,11 @@ import { PutAccessControlRuleCommandInput, PutAccessControlRuleCommandOutput, } from "./commands/PutAccessControlRuleCommand"; +import { + PutInboundDmarcSettingsCommand, + PutInboundDmarcSettingsCommandInput, + PutInboundDmarcSettingsCommandOutput, +} from "./commands/PutInboundDmarcSettingsCommand"; import { PutMailboxPermissionsCommand, PutMailboxPermissionsCommandInput, @@ -943,6 +953,38 @@ export class WorkMail extends WorkMailClient { } } + /** + *

                                                                                                Lists the settings in a DMARC policy for a specified organization.

                                                                                                + */ + public describeInboundDmarcSettings( + args: DescribeInboundDmarcSettingsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public describeInboundDmarcSettings( + args: DescribeInboundDmarcSettingsCommandInput, + cb: (err: any, data?: DescribeInboundDmarcSettingsCommandOutput) => void + ): void; + public describeInboundDmarcSettings( + args: DescribeInboundDmarcSettingsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: DescribeInboundDmarcSettingsCommandOutput) => void + ): void; + public describeInboundDmarcSettings( + args: DescribeInboundDmarcSettingsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeInboundDmarcSettingsCommandOutput) => void), + cb?: (err: any, data?: DescribeInboundDmarcSettingsCommandOutput) => void + ): Promise | void { + const command = new DescribeInboundDmarcSettingsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

                                                                                                Describes the current status of a mailbox export job.

                                                                                                */ @@ -1733,6 +1775,38 @@ export class WorkMail extends WorkMailClient { } } + /** + *

                                                                                                Enables or disables a DMARC policy for a given organization.

                                                                                                + */ + public putInboundDmarcSettings( + args: PutInboundDmarcSettingsCommandInput, + options?: __HttpHandlerOptions + ): Promise; + public putInboundDmarcSettings( + args: PutInboundDmarcSettingsCommandInput, + cb: (err: any, data?: PutInboundDmarcSettingsCommandOutput) => void + ): void; + public putInboundDmarcSettings( + args: PutInboundDmarcSettingsCommandInput, + options: __HttpHandlerOptions, + cb: (err: any, data?: PutInboundDmarcSettingsCommandOutput) => void + ): void; + public putInboundDmarcSettings( + args: PutInboundDmarcSettingsCommandInput, + optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: PutInboundDmarcSettingsCommandOutput) => void), + cb?: (err: any, data?: PutInboundDmarcSettingsCommandOutput) => void + ): Promise | void { + const command = new PutInboundDmarcSettingsCommand(args); + if (typeof optionsOrCb === "function") { + this.send(command, optionsOrCb); + } else if (typeof cb === "function") { + if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`); + this.send(command, optionsOrCb || {}, cb); + } else { + return this.send(command, optionsOrCb); + } + } + /** *

                                                                                                Sets permissions for a user, group, or resource. This replaces any pre-existing * permissions.

                                                                                                diff --git a/clients/client-workmail/src/WorkMailClient.ts b/clients/client-workmail/src/WorkMailClient.ts index b25f105f1764..2c1017cbb369 100644 --- a/clients/client-workmail/src/WorkMailClient.ts +++ b/clients/client-workmail/src/WorkMailClient.ts @@ -100,6 +100,10 @@ import { DeregisterFromWorkMailCommandOutput, } from "./commands/DeregisterFromWorkMailCommand"; import { DescribeGroupCommandInput, DescribeGroupCommandOutput } from "./commands/DescribeGroupCommand"; +import { + DescribeInboundDmarcSettingsCommandInput, + DescribeInboundDmarcSettingsCommandOutput, +} from "./commands/DescribeInboundDmarcSettingsCommand"; import { DescribeMailboxExportJobCommandInput, DescribeMailboxExportJobCommandOutput, @@ -173,6 +177,10 @@ import { PutAccessControlRuleCommandInput, PutAccessControlRuleCommandOutput, } from "./commands/PutAccessControlRuleCommand"; +import { + PutInboundDmarcSettingsCommandInput, + PutInboundDmarcSettingsCommandOutput, +} from "./commands/PutInboundDmarcSettingsCommand"; import { PutMailboxPermissionsCommandInput, PutMailboxPermissionsCommandOutput, @@ -224,6 +232,7 @@ export type ServiceInputTypes = | DeleteUserCommandInput | DeregisterFromWorkMailCommandInput | DescribeGroupCommandInput + | DescribeInboundDmarcSettingsCommandInput | DescribeMailboxExportJobCommandInput | DescribeOrganizationCommandInput | DescribeResourceCommandInput @@ -249,6 +258,7 @@ export type ServiceInputTypes = | ListTagsForResourceCommandInput | ListUsersCommandInput | PutAccessControlRuleCommandInput + | PutInboundDmarcSettingsCommandInput | PutMailboxPermissionsCommandInput | PutMobileDeviceAccessOverrideCommandInput | PutRetentionPolicyCommandInput @@ -284,6 +294,7 @@ export type ServiceOutputTypes = | DeleteUserCommandOutput | DeregisterFromWorkMailCommandOutput | DescribeGroupCommandOutput + | DescribeInboundDmarcSettingsCommandOutput | DescribeMailboxExportJobCommandOutput | DescribeOrganizationCommandOutput | DescribeResourceCommandOutput @@ -309,6 +320,7 @@ export type ServiceOutputTypes = | ListTagsForResourceCommandOutput | ListUsersCommandOutput | PutAccessControlRuleCommandOutput + | PutInboundDmarcSettingsCommandOutput | PutMailboxPermissionsCommandOutput | PutMobileDeviceAccessOverrideCommandOutput | PutRetentionPolicyCommandOutput diff --git a/clients/client-workmail/src/commands/DescribeInboundDmarcSettingsCommand.ts b/clients/client-workmail/src/commands/DescribeInboundDmarcSettingsCommand.ts new file mode 100644 index 000000000000..7fd3fc8734c9 --- /dev/null +++ b/clients/client-workmail/src/commands/DescribeInboundDmarcSettingsCommand.ts @@ -0,0 +1,100 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { DescribeInboundDmarcSettingsRequest, DescribeInboundDmarcSettingsResponse } from "../models/models_0"; +import { + deserializeAws_json1_1DescribeInboundDmarcSettingsCommand, + serializeAws_json1_1DescribeInboundDmarcSettingsCommand, +} from "../protocols/Aws_json1_1"; +import { ServiceInputTypes, ServiceOutputTypes, WorkMailClientResolvedConfig } from "../WorkMailClient"; + +export interface DescribeInboundDmarcSettingsCommandInput extends DescribeInboundDmarcSettingsRequest {} +export interface DescribeInboundDmarcSettingsCommandOutput + extends DescribeInboundDmarcSettingsResponse, + __MetadataBearer {} + +/** + *

                                                                                                Lists the settings in a DMARC policy for a specified organization.

                                                                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { WorkMailClient, DescribeInboundDmarcSettingsCommand } from "@aws-sdk/client-workmail"; // ES Modules import + * // const { WorkMailClient, DescribeInboundDmarcSettingsCommand } = require("@aws-sdk/client-workmail"); // CommonJS import + * const client = new WorkMailClient(config); + * const command = new DescribeInboundDmarcSettingsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeInboundDmarcSettingsCommandInput} for command's `input` shape. + * @see {@link DescribeInboundDmarcSettingsCommandOutput} for command's `response` shape. + * @see {@link WorkMailClientResolvedConfig | config} for command's `input` shape. + * + */ +export class DescribeInboundDmarcSettingsCommand extends $Command< + DescribeInboundDmarcSettingsCommandInput, + DescribeInboundDmarcSettingsCommandOutput, + WorkMailClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeInboundDmarcSettingsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: WorkMailClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "WorkMailClient"; + const commandName = "DescribeInboundDmarcSettingsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: DescribeInboundDmarcSettingsRequest.filterSensitiveLog, + outputFilterSensitiveLog: DescribeInboundDmarcSettingsResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: DescribeInboundDmarcSettingsCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_json1_1DescribeInboundDmarcSettingsCommand(input, context); + } + + private deserialize( + output: __HttpResponse, + context: __SerdeContext + ): Promise { + return deserializeAws_json1_1DescribeInboundDmarcSettingsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-workmail/src/commands/PutInboundDmarcSettingsCommand.ts b/clients/client-workmail/src/commands/PutInboundDmarcSettingsCommand.ts new file mode 100644 index 000000000000..9b9856b80d79 --- /dev/null +++ b/clients/client-workmail/src/commands/PutInboundDmarcSettingsCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { PutInboundDmarcSettingsRequest, PutInboundDmarcSettingsResponse } from "../models/models_0"; +import { + deserializeAws_json1_1PutInboundDmarcSettingsCommand, + serializeAws_json1_1PutInboundDmarcSettingsCommand, +} from "../protocols/Aws_json1_1"; +import { ServiceInputTypes, ServiceOutputTypes, WorkMailClientResolvedConfig } from "../WorkMailClient"; + +export interface PutInboundDmarcSettingsCommandInput extends PutInboundDmarcSettingsRequest {} +export interface PutInboundDmarcSettingsCommandOutput extends PutInboundDmarcSettingsResponse, __MetadataBearer {} + +/** + *

                                                                                                Enables or disables a DMARC policy for a given organization.

                                                                                                + * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { WorkMailClient, PutInboundDmarcSettingsCommand } from "@aws-sdk/client-workmail"; // ES Modules import + * // const { WorkMailClient, PutInboundDmarcSettingsCommand } = require("@aws-sdk/client-workmail"); // CommonJS import + * const client = new WorkMailClient(config); + * const command = new PutInboundDmarcSettingsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link PutInboundDmarcSettingsCommandInput} for command's `input` shape. + * @see {@link PutInboundDmarcSettingsCommandOutput} for command's `response` shape. + * @see {@link WorkMailClientResolvedConfig | config} for command's `input` shape. + * + */ +export class PutInboundDmarcSettingsCommand extends $Command< + PutInboundDmarcSettingsCommandInput, + PutInboundDmarcSettingsCommandOutput, + WorkMailClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: PutInboundDmarcSettingsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStack, + configuration: WorkMailClientResolvedConfig, + options?: __HttpHandlerOptions + ): Handler { + this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize)); + + const stack = clientStack.concat(this.middlewareStack); + + const { logger } = configuration; + const clientName = "WorkMailClient"; + const commandName = "PutInboundDmarcSettingsCommand"; + const handlerExecutionContext: HandlerExecutionContext = { + logger, + clientName, + commandName, + inputFilterSensitiveLog: PutInboundDmarcSettingsRequest.filterSensitiveLog, + outputFilterSensitiveLog: PutInboundDmarcSettingsResponse.filterSensitiveLog, + }; + const { requestHandler } = configuration; + return stack.resolve( + (request: FinalizeHandlerArguments) => + requestHandler.handle(request.request as __HttpRequest, options || {}), + handlerExecutionContext + ); + } + + private serialize(input: PutInboundDmarcSettingsCommandInput, context: __SerdeContext): Promise<__HttpRequest> { + return serializeAws_json1_1PutInboundDmarcSettingsCommand(input, context); + } + + private deserialize(output: __HttpResponse, context: __SerdeContext): Promise { + return deserializeAws_json1_1PutInboundDmarcSettingsCommand(output, context); + } + + // Start section: command_body_extra + // End section: command_body_extra +} diff --git a/clients/client-workmail/src/index.ts b/clients/client-workmail/src/index.ts index 71c25867fde7..5ba6f01a97b3 100644 --- a/clients/client-workmail/src/index.ts +++ b/clients/client-workmail/src/index.ts @@ -21,6 +21,7 @@ export * from "./commands/DeleteRetentionPolicyCommand"; export * from "./commands/DeleteUserCommand"; export * from "./commands/DeregisterFromWorkMailCommand"; export * from "./commands/DescribeGroupCommand"; +export * from "./commands/DescribeInboundDmarcSettingsCommand"; export * from "./commands/DescribeMailboxExportJobCommand"; export * from "./commands/DescribeOrganizationCommand"; export * from "./commands/DescribeResourceCommand"; @@ -56,6 +57,7 @@ export * from "./commands/ListTagsForResourceCommand"; export * from "./commands/ListUsersCommand"; export * from "./pagination/ListUsersPaginator"; export * from "./commands/PutAccessControlRuleCommand"; +export * from "./commands/PutInboundDmarcSettingsCommand"; export * from "./commands/PutMailboxPermissionsCommand"; export * from "./commands/PutMobileDeviceAccessOverrideCommand"; export * from "./commands/PutRetentionPolicyCommand"; diff --git a/clients/client-workmail/src/models/models_0.ts b/clients/client-workmail/src/models/models_0.ts index d63751b6b64a..47b3578cdce2 100644 --- a/clients/client-workmail/src/models/models_0.ts +++ b/clients/client-workmail/src/models/models_0.ts @@ -1370,6 +1370,38 @@ export namespace DescribeGroupResponse { }); } +export interface DescribeInboundDmarcSettingsRequest { + /** + *

                                                                                                Lists the ID of the given organization.

                                                                                                + */ + OrganizationId: string | undefined; +} + +export namespace DescribeInboundDmarcSettingsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInboundDmarcSettingsRequest): any => ({ + ...obj, + }); +} + +export interface DescribeInboundDmarcSettingsResponse { + /** + *

                                                                                                Lists the enforcement setting of the applied policy.

                                                                                                + */ + Enforced?: boolean; +} + +export namespace DescribeInboundDmarcSettingsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeInboundDmarcSettingsResponse): any => ({ + ...obj, + }); +} + export interface DescribeMailboxExportJobRequest { /** *

                                                                                                The mailbox export job ID.

                                                                                                @@ -3382,6 +3414,38 @@ export namespace PutAccessControlRuleResponse { }); } +export interface PutInboundDmarcSettingsRequest { + /** + *

                                                                                                The ID of the organization that you are applying the DMARC policy to.

                                                                                                + */ + OrganizationId: string | undefined; + + /** + *

                                                                                                Enforces or suspends a policy after it's applied.

                                                                                                + */ + Enforced: boolean | undefined; +} + +export namespace PutInboundDmarcSettingsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PutInboundDmarcSettingsRequest): any => ({ + ...obj, + }); +} + +export interface PutInboundDmarcSettingsResponse {} + +export namespace PutInboundDmarcSettingsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PutInboundDmarcSettingsResponse): any => ({ + ...obj, + }); +} + export interface PutMailboxPermissionsRequest { /** *

                                                                                                The identifier of the organization under which the user, group, or resource diff --git a/clients/client-workmail/src/protocols/Aws_json1_1.ts b/clients/client-workmail/src/protocols/Aws_json1_1.ts index a5757bc387fa..0a5bdc79aeb7 100644 --- a/clients/client-workmail/src/protocols/Aws_json1_1.ts +++ b/clients/client-workmail/src/protocols/Aws_json1_1.ts @@ -69,6 +69,10 @@ import { DeregisterFromWorkMailCommandOutput, } from "../commands/DeregisterFromWorkMailCommand"; import { DescribeGroupCommandInput, DescribeGroupCommandOutput } from "../commands/DescribeGroupCommand"; +import { + DescribeInboundDmarcSettingsCommandInput, + DescribeInboundDmarcSettingsCommandOutput, +} from "../commands/DescribeInboundDmarcSettingsCommand"; import { DescribeMailboxExportJobCommandInput, DescribeMailboxExportJobCommandOutput, @@ -142,6 +146,10 @@ import { PutAccessControlRuleCommandInput, PutAccessControlRuleCommandOutput, } from "../commands/PutAccessControlRuleCommand"; +import { + PutInboundDmarcSettingsCommandInput, + PutInboundDmarcSettingsCommandOutput, +} from "../commands/PutInboundDmarcSettingsCommand"; import { PutMailboxPermissionsCommandInput, PutMailboxPermissionsCommandOutput, @@ -215,6 +223,8 @@ import { DeregisterFromWorkMailResponse, DescribeGroupRequest, DescribeGroupResponse, + DescribeInboundDmarcSettingsRequest, + DescribeInboundDmarcSettingsResponse, DescribeMailboxExportJobRequest, DescribeMailboxExportJobResponse, DescribeOrganizationRequest, @@ -292,6 +302,8 @@ import { PermissionType, PutAccessControlRuleRequest, PutAccessControlRuleResponse, + PutInboundDmarcSettingsRequest, + PutInboundDmarcSettingsResponse, PutMailboxPermissionsRequest, PutMailboxPermissionsResponse, PutMobileDeviceAccessOverrideRequest, @@ -598,6 +610,19 @@ export const serializeAws_json1_1DescribeGroupCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_json1_1DescribeInboundDmarcSettingsCommand = async ( + input: DescribeInboundDmarcSettingsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-amz-json-1.1", + "x-amz-target": "WorkMailService.DescribeInboundDmarcSettings", + }; + let body: any; + body = JSON.stringify(serializeAws_json1_1DescribeInboundDmarcSettingsRequest(input, context)); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_json1_1DescribeMailboxExportJobCommand = async ( input: DescribeMailboxExportJobCommandInput, context: __SerdeContext @@ -923,6 +948,19 @@ export const serializeAws_json1_1PutAccessControlRuleCommand = async ( return buildHttpRpcRequest(context, headers, "/", undefined, body); }; +export const serializeAws_json1_1PutInboundDmarcSettingsCommand = async ( + input: PutInboundDmarcSettingsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const headers: __HeaderBag = { + "content-type": "application/x-amz-json-1.1", + "x-amz-target": "WorkMailService.PutInboundDmarcSettings", + }; + let body: any; + body = JSON.stringify(serializeAws_json1_1PutInboundDmarcSettingsRequest(input, context)); + return buildHttpRpcRequest(context, headers, "/", undefined, body); +}; + export const serializeAws_json1_1PutMailboxPermissionsCommand = async ( input: PutMailboxPermissionsCommandInput, context: __SerdeContext @@ -2933,6 +2971,68 @@ const deserializeAws_json1_1DescribeGroupCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_json1_1DescribeInboundDmarcSettingsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_json1_1DescribeInboundDmarcSettingsCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_json1_1DescribeInboundDmarcSettingsResponse(data, context); + const response: DescribeInboundDmarcSettingsCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_json1_1DescribeInboundDmarcSettingsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "OrganizationNotFoundException": + case "com.amazonaws.workmail#OrganizationNotFoundException": + response = { + ...(await deserializeAws_json1_1OrganizationNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "OrganizationStateException": + case "com.amazonaws.workmail#OrganizationStateException": + response = { + ...(await deserializeAws_json1_1OrganizationStateExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_json1_1DescribeMailboxExportJobCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -4835,6 +4935,68 @@ const deserializeAws_json1_1PutAccessControlRuleCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_json1_1PutInboundDmarcSettingsCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + if (output.statusCode >= 300) { + return deserializeAws_json1_1PutInboundDmarcSettingsCommandError(output, context); + } + const data: any = await parseBody(output.body, context); + let contents: any = {}; + contents = deserializeAws_json1_1PutInboundDmarcSettingsResponse(data, context); + const response: PutInboundDmarcSettingsCommandOutput = { + $metadata: deserializeMetadata(output), + ...contents, + }; + return Promise.resolve(response); +}; + +const deserializeAws_json1_1PutInboundDmarcSettingsCommandError = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise => { + const parsedOutput: any = { + ...output, + body: await parseBody(output.body, context), + }; + let response: __SmithyException & __MetadataBearer & { [key: string]: any }; + let errorCode = "UnknownError"; + errorCode = loadRestJsonErrorCode(output, parsedOutput.body); + switch (errorCode) { + case "OrganizationNotFoundException": + case "com.amazonaws.workmail#OrganizationNotFoundException": + response = { + ...(await deserializeAws_json1_1OrganizationNotFoundExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + case "OrganizationStateException": + case "com.amazonaws.workmail#OrganizationStateException": + response = { + ...(await deserializeAws_json1_1OrganizationStateExceptionResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; + default: + const parsedBody = parsedOutput.body; + errorCode = parsedBody.code || parsedBody.Code || errorCode; + response = { + ...parsedBody, + name: `${errorCode}`, + message: parsedBody.message || parsedBody.Message || errorCode, + $fault: "client", + $metadata: deserializeMetadata(output), + } as any; + } + const message = response.message || response.Message || errorCode; + response.message = message; + delete response.Message; + return Promise.reject(Object.assign(new Error(message), response)); +}; + export const deserializeAws_json1_1PutMailboxPermissionsCommand = async ( output: __HttpResponse, context: __SerdeContext @@ -6555,6 +6717,16 @@ const serializeAws_json1_1DescribeGroupRequest = (input: DescribeGroupRequest, c }; }; +const serializeAws_json1_1DescribeInboundDmarcSettingsRequest = ( + input: DescribeInboundDmarcSettingsRequest, + context: __SerdeContext +): any => { + return { + ...(input.OrganizationId !== undefined && + input.OrganizationId !== null && { OrganizationId: input.OrganizationId }), + }; +}; + const serializeAws_json1_1DescribeMailboxExportJobRequest = ( input: DescribeMailboxExportJobRequest, context: __SerdeContext @@ -6944,6 +7116,17 @@ const serializeAws_json1_1PutAccessControlRuleRequest = ( }; }; +const serializeAws_json1_1PutInboundDmarcSettingsRequest = ( + input: PutInboundDmarcSettingsRequest, + context: __SerdeContext +): any => { + return { + ...(input.Enforced !== undefined && input.Enforced !== null && { Enforced: input.Enforced }), + ...(input.OrganizationId !== undefined && + input.OrganizationId !== null && { OrganizationId: input.OrganizationId }), + }; +}; + const serializeAws_json1_1PutMailboxPermissionsRequest = ( input: PutMailboxPermissionsRequest, context: __SerdeContext @@ -7414,6 +7597,15 @@ const deserializeAws_json1_1DescribeGroupResponse = (output: any, context: __Ser } as any; }; +const deserializeAws_json1_1DescribeInboundDmarcSettingsResponse = ( + output: any, + context: __SerdeContext +): DescribeInboundDmarcSettingsResponse => { + return { + Enforced: __expectBoolean(output.Enforced), + } as any; +}; + const deserializeAws_json1_1DescribeMailboxExportJobResponse = ( output: any, context: __SerdeContext @@ -8222,6 +8414,13 @@ const deserializeAws_json1_1PutAccessControlRuleResponse = ( return {} as any; }; +const deserializeAws_json1_1PutInboundDmarcSettingsResponse = ( + output: any, + context: __SerdeContext +): PutInboundDmarcSettingsResponse => { + return {} as any; +}; + const deserializeAws_json1_1PutMailboxPermissionsResponse = ( output: any, context: __SerdeContext diff --git a/codegen/sdk-codegen/aws-models/amplifybackend.2020-08-11.json b/codegen/sdk-codegen/aws-models/amplifybackend.2020-08-11.json index 82b9aef93ff4..052049f3a0f5 100644 --- a/codegen/sdk-codegen/aws-models/amplifybackend.2020-08-11.json +++ b/codegen/sdk-codegen/aws-models/amplifybackend.2020-08-11.json @@ -2368,6 +2368,13 @@ "com.amazonaws.amplifybackend#GetBackendResponse": { "type": "structure", "members": { + "AmplifyFeatureFlags": { + "target": "com.amazonaws.amplifybackend#__string", + "traits": { + "smithy.api#documentation": "

                                                                                                A stringified version of the cli.json file for your Amplify project.

                                                                                                ", + "smithy.api#jsonName": "amplifyFeatureFlags" + } + }, "AmplifyMetaConfig": { "target": "com.amazonaws.amplifybackend#__string", "traits": { diff --git a/codegen/sdk-codegen/aws-models/application-auto-scaling.2016-02-06.json b/codegen/sdk-codegen/aws-models/application-auto-scaling.2016-02-06.json index a0e728b7bb37..16597e0c47ca 100644 --- a/codegen/sdk-codegen/aws-models/application-auto-scaling.2016-02-06.json +++ b/codegen/sdk-codegen/aws-models/application-auto-scaling.2016-02-06.json @@ -123,7 +123,7 @@ "name": "application-autoscaling" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "

                                                                                                With Application Auto Scaling, you can configure automatic scaling for the following\n resources:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Amazon AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Aurora Replicas

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon DynamoDB tables and global secondary indexes throughput capacity

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache for Redis clusters (replication groups)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces (for Apache Cassandra) tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda function provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Managed Streaming for Apache Kafka broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet (Amazon EC2) requests

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources provided by your own applications or services

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n API Summary\n

                                                                                                \n

                                                                                                The Application Auto Scaling service API includes three key sets of actions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Register and manage scalable targets - Register Amazon Web Services or custom resources as scalable\n targets (a resource that Application Auto Scaling can scale), set minimum and maximum capacity limits, and\n retrieve information on existing scalable targets.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Configure and manage automatic scaling - Define scaling policies to dynamically scale\n your resources in response to CloudWatch alarms, schedule one-time or recurring scaling actions,\n and retrieve your recent scaling activity history.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Suspend and resume scaling - Temporarily suspend and later resume automatic scaling by\n calling the RegisterScalableTarget API action for any Application Auto Scaling scalable target. You can\n suspend and resume (individually or in combination) scale-out activities that are\n triggered by a scaling policy, scale-in activities that are triggered by a scaling policy,\n and scheduled scaling.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n \n

                                                                                                To learn more about Application Auto Scaling, including information about granting IAM users required\n permissions for Application Auto Scaling actions, see the Application Auto Scaling User\n Guide.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                With Application Auto Scaling, you can configure automatic scaling for the following\n resources:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Amazon AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Aurora Replicas

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon DynamoDB tables and global secondary indexes throughput capacity

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache for Redis clusters (replication groups)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces (for Apache Cassandra) tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda function provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Managed Streaming for Apache Kafka broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Neptune clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleets (Amazon EC2)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources provided by your own applications or services

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n API Summary\n

                                                                                                \n

                                                                                                The Application Auto Scaling service API includes three key sets of actions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Register and manage scalable targets - Register Amazon Web Services or custom resources as scalable\n targets (a resource that Application Auto Scaling can scale), set minimum and maximum capacity limits, and\n retrieve information on existing scalable targets.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Configure and manage automatic scaling - Define scaling policies to dynamically scale\n your resources in response to CloudWatch alarms, schedule one-time or recurring scaling actions,\n and retrieve your recent scaling activity history.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Suspend and resume scaling - Temporarily suspend and later resume automatic scaling by\n calling the RegisterScalableTarget API action for any Application Auto Scaling scalable target. You can\n suspend and resume (individually or in combination) scale-out activities that are\n triggered by a scaling policy, scale-in activities that are triggered by a scaling policy,\n and scheduled scaling.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n \n

                                                                                                To learn more about Application Auto Scaling, including information about granting IAM users required\n permissions for Application Auto Scaling actions, see the Application Auto Scaling User\n Guide.

                                                                                                ", "smithy.api#title": "Application Auto Scaling" } }, @@ -237,14 +237,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } } @@ -300,14 +300,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } } @@ -356,14 +356,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } } @@ -418,13 +418,13 @@ "ResourceIds": { "target": "com.amazonaws.applicationautoscaling#ResourceIdsMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "MaxResults": { @@ -503,13 +503,13 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling activity.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling activity.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "MaxResults": { @@ -597,19 +597,19 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "MaxResults": { "target": "com.amazonaws.applicationautoscaling#MaxResults", "traits": { - "smithy.api#documentation": "

                                                                                                The maximum number of scalable targets. This value can be between 1 and\n 50. The default value is 50.

                                                                                                \n

                                                                                                If this parameter is used, the operation returns up to MaxResults results\n at a time, along with a NextToken value. To get the next set of results,\n include the NextToken value in a subsequent call. If this parameter is not\n used, the operation returns up to 50 results and a\n NextToken value, if applicable.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The maximum number of scalable targets. This value can be between 1 and 10. The default\n value is 10.

                                                                                                \n

                                                                                                If this parameter is used, the operation returns up to MaxResults results\n at a time, along with a NextToken value. To get the next set of results,\n include the NextToken value in a subsequent call. If this parameter is not\n used, the operation returns up to 10 results and a NextToken value, if\n applicable.

                                                                                                " } }, "NextToken": { @@ -688,13 +688,13 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n If you specify a scalable dimension, you must also specify a resource ID.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "MaxResults": { @@ -986,6 +986,10 @@ { "value": "ElastiCacheDatabaseMemoryUsageCountedForEvictPercentage", "name": "ElastiCacheDatabaseMemoryUsageCountedForEvictPercentage" + }, + { + "value": "NeptuneReaderAverageCPUUtilization", + "name": "NeptuneReaderAverageCPUUtilization" } ] } @@ -1054,7 +1058,7 @@ "ResourceLabel": { "target": "com.amazonaws.applicationautoscaling#ResourceLabel", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the resource associated with the metric type. You can't specify a resource\n label unless the metric type is ALBRequestCountPerTarget and there is a target\n group attached to the Spot Fleet request or ECS service.

                                                                                                \n

                                                                                                You create the resource label by appending the final portion of the load balancer ARN\n and the final portion of the target group ARN into a single value, separated by a forward\n slash (/). The format of the resource label is:

                                                                                                \n

                                                                                                \n app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff.

                                                                                                \n

                                                                                                Where:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  app// is the final portion of\n the load balancer ARN

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  targetgroup// is the final portion\n of the target group ARN.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To find the ARN for an Application Load Balancer, use the DescribeLoadBalancers API operation. To find the ARN for the target group, use\n the DescribeTargetGroups API operation.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the resource associated with the metric type. You can't specify a resource\n label unless the metric type is ALBRequestCountPerTarget and there is a target\n group attached to the Spot Fleet request or ECS service.

                                                                                                \n

                                                                                                You create the resource label by appending the final portion of the load balancer ARN\n and the final portion of the target group ARN into a single value, separated by a forward\n slash (/). The format of the resource label is:

                                                                                                \n

                                                                                                \n app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff.

                                                                                                \n

                                                                                                Where:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  app// is the final portion of\n the load balancer ARN

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  targetgroup// is the final portion\n of the target group ARN.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To find the ARN for an Application Load Balancer, use the DescribeLoadBalancers API operation. To find the ARN for the target group, use\n the DescribeTargetGroups API operation.

                                                                                                " } } }, @@ -1114,21 +1118,21 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "PolicyType": { "target": "com.amazonaws.applicationautoscaling#PolicyType", "traits": { - "smithy.api#documentation": "

                                                                                                The policy type. This parameter is required if you are creating a scaling policy.

                                                                                                \n

                                                                                                The following policy types are supported:

                                                                                                \n

                                                                                                \n TargetTrackingScaling—Not supported for Amazon EMR

                                                                                                \n

                                                                                                \n StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces (for Apache\n Cassandra), Amazon MSK, or Amazon ElastiCache for Redis.

                                                                                                \n

                                                                                                For more information, see Target\n tracking scaling policies and Step scaling policies in the Application Auto Scaling User Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The policy type. This parameter is required if you are creating a scaling policy.

                                                                                                \n

                                                                                                The following policy types are supported:

                                                                                                \n

                                                                                                \n TargetTrackingScaling—Not supported for Amazon EMR

                                                                                                \n

                                                                                                \n StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or\n Neptune.

                                                                                                \n

                                                                                                For more information, see Target\n tracking scaling policies and Step scaling policies in the Application Auto Scaling User Guide.

                                                                                                " } }, "StepScalingPolicyConfiguration": { @@ -1224,14 +1228,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scheduled action.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1282,7 +1286,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Registers or updates a scalable target.

                                                                                                \n

                                                                                                A scalable target is a resource that Application Auto Scaling can scale out and scale in. Scalable\n targets are uniquely identified by the combination of resource ID, scalable dimension, and\n namespace.

                                                                                                \n

                                                                                                When you register a new scalable target, you must specify values for minimum and maximum\n capacity. Current capacity will be adjusted within the specified range when scaling starts.\n Application Auto Scaling scaling policies will not scale capacity to values that are outside of this\n range.

                                                                                                \n

                                                                                                After you register a scalable target, you do not need to register it again to use other\n Application Auto Scaling operations. To see which resources have been registered, use DescribeScalableTargets. You can also view the scaling policies for a service\n namespace by using DescribeScalableTargets. If you no longer need a scalable target, you can\n deregister it by using DeregisterScalableTarget.

                                                                                                \n

                                                                                                To update a scalable target, specify the parameters that you want to change. Include the\n parameters that identify the scalable target: resource ID, scalable dimension, and\n namespace. Any parameters that you don't specify are not changed by this update request.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Registers or updates a scalable target.

                                                                                                \n

                                                                                                A scalable target is a resource that Application Auto Scaling can scale out and scale in. Scalable\n targets are uniquely identified by the combination of resource ID, scalable dimension, and\n namespace.

                                                                                                \n

                                                                                                When you register a new scalable target, you must specify values for minimum and maximum\n capacity. Current capacity will be adjusted within the specified range when scaling starts.\n Application Auto Scaling scaling policies will not scale capacity to values that are outside of this\n range.

                                                                                                \n

                                                                                                After you register a scalable target, you do not need to register it again to use other\n Application Auto Scaling operations. To see which resources have been registered, use DescribeScalableTargets. You can also view the scaling policies for a service\n namespace by using DescribeScalableTargets. If you no longer need a scalable target, you can\n deregister it by using DeregisterScalableTarget.

                                                                                                \n

                                                                                                To update a scalable target, specify the parameters that you want to change. Include the\n parameters that identify the scalable target: resource ID, scalable dimension, and\n namespace. Any parameters that you don't specify are not changed by this update request.

                                                                                                \n \n

                                                                                                If you call the RegisterScalableTarget API to update an existing\n scalable target, Application Auto Scaling retrieves the current capacity of the resource. If it is below\n the minimum capacity or above the maximum capacity, Application Auto Scaling adjusts the capacity of the\n scalable target to place it within these bounds, even if you don't include the\n MinCapacity or MaxCapacity request parameters.

                                                                                                \n                                                                                                 " } }, "com.amazonaws.applicationautoscaling#RegisterScalableTargetRequest": { @@ -1298,14 +1302,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource that is associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource that is associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1461,6 +1465,10 @@ { "value": "elasticache:replication-group:Replicas", "name": "ElastiCacheReplicationGroupReplicas" + }, + { + "value": "neptune:cluster:ReadReplicaCount", + "name": "NeptuneClusterReadReplicaCount" } ] } @@ -1478,14 +1486,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scalable target.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension associated with the scalable target.\n This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1577,14 +1585,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling activity.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling activity.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1709,14 +1717,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1803,14 +1811,14 @@ "ResourceId": { "target": "com.amazonaws.applicationautoscaling#ResourceIdMaxLen1600", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet request - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the resource associated with the scaling policy.\n This string consists of the resource type and unique identifier.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS service - The resource type is service and the unique identifier is the cluster name \n and service name. Example: service/default/sample-webapp.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the \n Spot Fleet request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and instance group ID.\n Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.\n Example: fleet/sample-fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB table - The resource type is table and the unique identifier is the table name. \n Example: table/my-table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary index - The resource type is index and the unique identifier is the index name. \n Example: table/my-table/index/my-table-index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.\n Example: cluster:my-db-cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource ID.\n Example: endpoint/my-end-point/variant/KMeansClustering.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources are not supported with a resource type. This parameter must specify the OutputValue from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information\n is available in our GitHub\n repository.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency - The resource type is function and the unique identifier is the function name with a function version or alias name suffix that is not $LATEST. \n Example: function:my-function:prod or function:my-function:1.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces table - The resource type is table and the unique identifier is the table name. \n Example: keyspace/mykeyspace/table/mytable.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. \n Example: arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon ElastiCache replication group - The resource type is replication-group and the unique identifier is the replication group name.\n Example: replication-group/mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune cluster - The resource type is cluster and the unique identifier is the cluster name. Example: cluster:mycluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, "ScalableDimension": { "target": "com.amazonaws.applicationautoscaling#ScalableDimension", "traits": { - "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet request.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an Amazon SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The scalable dimension. This string consists of the service namespace, resource type, and scaling property.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ecs:service:DesiredCount - The desired task count of an ECS service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n appstream:fleet:DesiredCapacity - The desired capacity of an AppStream 2.0 fleet.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary index.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for an SageMaker model endpoint variant.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by your own application or service.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend document classification endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an Amazon Comprehend entity recognizer endpoint.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon ElastiCache replication group.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "StartTime": { @@ -1914,6 +1922,10 @@ { "value": "elasticache", "name": "ELASTICACHE" + }, + { + "value": "neptune", + "name": "NEPTUNE" } ] } @@ -1975,7 +1987,7 @@ "Cooldown": { "target": "com.amazonaws.applicationautoscaling#Cooldown", "traits": { - "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, to wait for a previous scaling activity to take effect.

                                                                                                \n

                                                                                                With scale-out policies, the intention is to continuously (but not excessively) scale out.\n After Application Auto Scaling successfully scales out using a step scaling policy, it starts to calculate the\n cooldown time. The scaling policy won't increase the desired capacity again unless either a\n larger scale out is triggered or the cooldown period ends. While the cooldown period is in\n effect, capacity added by the initiating scale-out activity is calculated as part of the\n desired capacity for the next scale-out activity. For example, when an alarm triggers a step\n scaling policy to increase the capacity by 2, the scaling activity completes successfully, and\n a cooldown period starts. If the alarm triggers again during the cooldown period but at a more\n aggressive step adjustment of 3, the previous increase of 2 is considered part of the current\n capacity. Therefore, only 1 is added to the capacity.

                                                                                                \n

                                                                                                With scale-in policies, the intention is to scale in conservatively to protect your\n application’s availability, so scale-in activities are blocked until the cooldown period has\n expired. However, if another alarm triggers a scale-out activity during the cooldown period\n after a scale-in activity, Application Auto Scaling scales out the target immediately. In this case, the\n cooldown period for the scale-in activity stops and doesn't complete.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet requests

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  DynamoDB tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, to wait for a previous scaling activity to take effect.

                                                                                                \n

                                                                                                With scale-out policies, the intention is to continuously (but not excessively) scale out.\n After Application Auto Scaling successfully scales out using a step scaling policy, it starts to calculate the\n cooldown time. The scaling policy won't increase the desired capacity again unless either a\n larger scale out is triggered or the cooldown period ends. While the cooldown period is in\n effect, capacity added by the initiating scale-out activity is calculated as part of the\n desired capacity for the next scale-out activity. For example, when an alarm triggers a step\n scaling policy to increase the capacity by 2, the scaling activity completes successfully, and\n a cooldown period starts. If the alarm triggers again during the cooldown period but at a more\n aggressive step adjustment of 3, the previous increase of 2 is considered part of the current\n capacity. Therefore, only 1 is added to the capacity.

                                                                                                \n

                                                                                                With scale-in policies, the intention is to scale in conservatively to protect your\n application’s availability, so scale-in activities are blocked until the cooldown period has\n expired. However, if another alarm triggers a scale-out activity during the cooldown period\n after a scale-in activity, Application Auto Scaling scales out the target immediately. In this case, the\n cooldown period for the scale-in activity stops and doesn't complete.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB tables and global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "MetricAggregationType": { @@ -2040,13 +2052,13 @@ "ScaleOutCooldown": { "target": "com.amazonaws.applicationautoscaling#Cooldown", "traits": { - "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, to wait for a previous scale-out activity to take\n effect.

                                                                                                \n

                                                                                                With the scale-out cooldown period, the intention is to continuously\n (but not excessively) scale out. After Application Auto Scaling successfully scales out using a target\n tracking scaling policy, it starts to calculate the cooldown time. The scaling policy won't\n increase the desired capacity again unless either a larger scale out is triggered or the\n cooldown period ends. While the cooldown period is in effect, the capacity added by the\n initiating scale-out activity is calculated as part of the desired capacity for the next\n scale-out activity.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet requests

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  DynamoDB tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, to wait for a previous scale-out activity to take\n effect.

                                                                                                \n

                                                                                                With the scale-out cooldown period, the intention is to continuously\n (but not excessively) scale out. After Application Auto Scaling successfully scales out using a target\n tracking scaling policy, it starts to calculate the cooldown time. The scaling policy won't\n increase the desired capacity again unless either a larger scale out is triggered or the\n cooldown period ends. While the cooldown period is in effect, the capacity added by the\n initiating scale-out activity is calculated as part of the desired capacity for the next\n scale-out activity.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB tables and global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "ScaleInCooldown": { "target": "com.amazonaws.applicationautoscaling#Cooldown", "traits": { - "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, after a scale-in activity completes before another\n scale-in activity can start.

                                                                                                \n

                                                                                                With the scale-in cooldown period, the intention is to scale in\n conservatively to protect your application’s availability, so scale-in activities are blocked\n until the cooldown period has expired. However, if another alarm triggers a scale-out activity\n during the scale-in cooldown period, Application Auto Scaling scales out the target immediately. In this case,\n the scale-in cooldown period stops and doesn't complete.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleet requests

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  DynamoDB tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The amount of time, in seconds, after a scale-in activity completes before another\n scale-in activity can start.

                                                                                                \n

                                                                                                With the scale-in cooldown period, the intention is to scale in\n conservatively to protect your application’s availability, so scale-in activities are blocked\n until the cooldown period has expired. However, if another alarm triggers a scale-out activity\n during the scale-in cooldown period, Application Auto Scaling scales out the target immediately. In this case,\n the scale-in cooldown period stops and doesn't complete.

                                                                                                \n

                                                                                                Application Auto Scaling provides a default value of 600 for Amazon ElastiCache replication groups\n and a default value of 300 for the following scalable targets:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  AppStream 2.0 fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Aurora DB clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  ECS services

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  EMR clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Neptune clusters

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  SageMaker endpoint variants

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Spot Fleets

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Custom resources

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For all other scalable targets, the default value is 0:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Amazon Comprehend document classification and entity recognizer endpoints

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  DynamoDB tables and global secondary indexes

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon Keyspaces tables

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Lambda provisioned concurrency

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Amazon MSK broker storage

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "DisableScaleIn": { diff --git a/codegen/sdk-codegen/aws-models/backup.2018-11-15.json b/codegen/sdk-codegen/aws-models/backup.2018-11-15.json index c6c512628f53..bd5b2f6d5632 100644 --- a/codegen/sdk-codegen/aws-models/backup.2018-11-15.json +++ b/codegen/sdk-codegen/aws-models/backup.2018-11-15.json @@ -350,7 +350,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                Contains an optional backup plan display name and an array of BackupRule\n objects, each of which specifies a backup rule. Each rule in a backup plan is a separate\n scheduled task and can back up a different selection of Amazon Web Services resources.\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Contains an optional backup plan display name and an array of BackupRule\n objects, each of which specifies a backup rule. Each rule in a backup plan is a separate\n scheduled task.

                                                                                                " } }, "com.amazonaws.backup#BackupPlanName": { @@ -815,6 +815,30 @@ "traits": { "smithy.api#documentation": "

                                                                                                The number of recovery points that are stored in a backup vault.

                                                                                                " } + }, + "Locked": { + "target": "com.amazonaws.backup#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                A Boolean value that indicates whether Backup Vault Lock applies to the\n selected backup vault. If true, Vault Lock prevents delete and update\n operations on the recovery points in the selected vault.

                                                                                                " + } + }, + "MinRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock setting that specifies the minimum retention period\n that the vault retains its recovery points. If this parameter is not specified, Vault Lock\n does not enforce a minimum retention period.

                                                                                                \n

                                                                                                If specified, any backup or copy job to the vault must have a lifecycle policy with a\n retention period equal to or longer than the minimum retention period. If the job's\n retention period is shorter than that minimum retention period, then the vault fails the\n backup or copy job, and you should either modify your lifecycle settings or use a different\n vault. Recovery points already stored in the vault prior to Vault Lock are not\n affected.

                                                                                                " + } + }, + "MaxRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock setting that specifies the maximum retention period\n that the vault retains its recovery points. If this parameter is not specified, Vault Lock\n does not enforce a maximum retention period on the recovery points in the vault (allowing\n indefinite storage).

                                                                                                \n

                                                                                                If specified, any backup or copy job to the vault must have a lifecycle policy with a\n retention period equal to or shorter than the maximum retention period. If the job's\n retention period is longer than that maximum retention period, then the vault fails the\n backup or copy job, and you should either modify your lifecycle settings or use a different\n vault. Recovery points already stored in the vault prior to Vault Lock are not\n affected.

                                                                                                " + } + }, + "LockDate": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The date and time when Backup Vault Lock configuration becomes immutable,\n meaning it cannot be changed or deleted.

                                                                                                \n

                                                                                                If you applied Vault Lock to your vault without specifying a lock date, you can change\n your Vault Lock settings, or delete Vault Lock from the vault entirely, at any time.

                                                                                                \n

                                                                                                This value is in Unix format, Coordinated Universal Time (UTC), and accurate to\n milliseconds. For example, the value 1516925490.087 represents Friday, January 26, 2018\n 12:11:30.087 AM.

                                                                                                " + } } }, "traits": { @@ -924,10 +948,16 @@ "target": "com.amazonaws.backup#string" }, "Type": { - "target": "com.amazonaws.backup#string" + "target": "com.amazonaws.backup#string", + "traits": { + "smithy.api#documentation": "

                                                                                                " + } }, "Context": { - "target": "com.amazonaws.backup#string" + "target": "com.amazonaws.backup#string", + "traits": { + "smithy.api#documentation": "

                                                                                                " + } } }, "traits": { @@ -975,7 +1005,7 @@ "ComplianceResourceIds": { "target": "com.amazonaws.backup#ComplianceResourceIdList", "traits": { - "smithy.api#documentation": "

                                                                                                Describes whether the control scope includes a specific resource identified by its\n unique Amazon Resource Name (ARN).

                                                                                                " + "smithy.api#documentation": "

                                                                                                The ID of the only Amazon Web Services resource that you want your control scope to\n contain.

                                                                                                " } }, "ComplianceResourceTypes": { @@ -1436,7 +1466,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a framework with one or more controls. A framework is a collection of controls\n that you can use to evaluate your backup practices. By using pre-built customizable\n controls to define your policies, you can evaluate whether your backup practices comply\n with your policies. To get insights into the compliance status of your frameworks, you can\n set up automatic daily reports.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Creates a framework with one or more controls. A framework is a collection of controls\n that you can use to evaluate your backup practices. By using pre-built customizable\n controls to define your policies, you can evaluate whether your backup practices comply\n with your policies and which resources are not yet in compliance.

                                                                                                ", "smithy.api#http": { "method": "POST", "uri": "/audit/frameworks", @@ -1561,14 +1591,14 @@ "ReportSetting": { "target": "com.amazonaws.backup#ReportSetting", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT |\n COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                \n

                                                                                                If the report template is RESOURCE_COMPLIANCE_REPORT or\n CONTROL_COMPLIANCE_REPORT, this API resource also describes the report\n coverage by Amazon Web Services Regions and frameworks.

                                                                                                ", "smithy.api#required": {} } }, "ReportPlanTags": { "target": "com.amazonaws.backup#stringMap", "traits": { - "smithy.api#documentation": "

                                                                                                Metadata that you can assign to help organize the frameworks that you create. Each tag\n is a key-value pair.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Metadata that you can assign to help organize the report plans that you create. Each tag\n is a key-value pair.

                                                                                                " } }, "IdempotencyToken": { @@ -1594,6 +1624,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                An Amazon Resource Name (ARN) that uniquely identifies a resource. The format of the ARN\n depends on the resource type.

                                                                                                " } + }, + "CreationTime": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The date and time a backup vault is created, in Unix format and Coordinated Universal\n Time (UTC). The value of CreationTime is accurate to milliseconds. For\n example, the value 1516925490.087 represents Friday, January 26, 2018 12:11:30.087\n AM.

                                                                                                " + } } } }, @@ -1631,6 +1667,9 @@ { "target": "com.amazonaws.backup#DeleteBackupVaultAccessPolicy" }, + { + "target": "com.amazonaws.backup#DeleteBackupVaultLockConfiguration" + }, { "target": "com.amazonaws.backup#DeleteBackupVaultNotifications" }, @@ -1754,6 +1793,9 @@ { "target": "com.amazonaws.backup#PutBackupVaultAccessPolicy" }, + { + "target": "com.amazonaws.backup#PutBackupVaultLockConfiguration" + }, { "target": "com.amazonaws.backup#PutBackupVaultNotifications" }, @@ -2024,6 +2066,51 @@ } } }, + "com.amazonaws.backup#DeleteBackupVaultLockConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.backup#DeleteBackupVaultLockConfigurationInput" + }, + "errors": [ + { + "target": "com.amazonaws.backup#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.backup#InvalidRequestException" + }, + { + "target": "com.amazonaws.backup#MissingParameterValueException" + }, + { + "target": "com.amazonaws.backup#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.backup#ServiceUnavailableException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Deletes Backup Vault Lock from a backup vault specified by a backup vault\n name.

                                                                                                \n

                                                                                                If the Vault Lock configuration is immutable, then you cannot delete Vault Lock using\n API operations, and you will receive an InvalidRequestException if you attempt\n to do so. For more information, see Vault Lock in the\n Backup Developer Guide.

                                                                                                ", + "smithy.api#http": { + "method": "DELETE", + "uri": "/backup-vaults/{BackupVaultName}/vault-lock", + "code": 200 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backup#DeleteBackupVaultLockConfigurationInput": { + "type": "structure", + "members": { + "BackupVaultName": { + "target": "com.amazonaws.backup#BackupVaultName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the backup vault from which to delete Backup Vault Lock.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.backup#DeleteBackupVaultNotifications": { "type": "operation", "input": { @@ -2494,6 +2581,30 @@ "traits": { "smithy.api#documentation": "

                                                                                                The number of recovery points that are stored in a backup vault.

                                                                                                " } + }, + "Locked": { + "target": "com.amazonaws.backup#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                A Boolean that indicates whether Backup Vault Lock is currently protecting\n the backup vault. True means that Vault Lock causes delete or update\n operations on the recovery points stored in the vault to fail.

                                                                                                " + } + }, + "MinRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock setting that specifies the minimum retention period\n that the vault retains its recovery points. If this parameter is not specified, Vault Lock\n does not enforce a minimum retention period.

                                                                                                \n

                                                                                                If specified, any backup or copy job to the vault must have a lifecycle policy with a\n retention period equal to or longer than the minimum retention period. If the job's\n retention period is shorter than that minimum retention period, then the vault fails the\n backup or copy job, and you should either modify your lifecycle settings or use a different\n vault. Recovery points already stored in the vault prior to Vault Lock are not\n affected.

                                                                                                " + } + }, + "MaxRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock setting that specifies the maximum retention period\n that the vault retains its recovery points. If this parameter is not specified, Vault Lock\n does not enforce a maximum retention period on the recovery points in the vault (allowing\n indefinite storage).

                                                                                                \n

                                                                                                If specified, any backup or copy job to the vault must have a lifecycle policy with a\n retention period equal to or shorter than the maximum retention period. If the job's\n retention period is longer than that maximum retention period, then the vault fails the\n backup or copy job, and you should either modify your lifecycle settings or use a different\n vault. Recovery points already stored in the vault prior to Vault Lock are not\n affected.

                                                                                                " + } + }, + "LockDate": { + "target": "com.amazonaws.backup#timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The date and time when Backup Vault Lock configuration cannot be changed or\n deleted.

                                                                                                \n

                                                                                                If you applied Vault Lock to your vault without specifying a lock date, you can change\n any of your Vault Lock settings, or delete Vault Lock from the vault entirely, at any\n time.

                                                                                                \n

                                                                                                This value is in Unix format, Coordinated Universal Time (UTC), and accurate to\n milliseconds. For example, the value 1516925490.087 represents Friday, January 26, 2018\n 12:11:30.087 AM.

                                                                                                " + } } } }, @@ -3984,7 +4095,7 @@ "ResourceTypes": { "target": "com.amazonaws.backup#ResourceTypes", "traits": { - "smithy.api#documentation": "

                                                                                                Contains a string with the supported Amazon Web Services resource types:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n DynamoDB for Amazon DynamoDB

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EBS for Amazon Elastic Block Store

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EC2 for Amazon Elastic Compute Cloud

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EFS for Amazon Elastic File System

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RDS for Amazon Relational Database Service

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Aurora for Amazon Aurora

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Storage Gateway for Storage Gateway

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                Contains a string with the supported Amazon Web Services resource types:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Aurora for Amazon Aurora

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n DynamoDB for Amazon DynamoDB

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EBS for Amazon Elastic Block Store

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EC2 for Amazon Elastic Compute Cloud

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EFS for Amazon Elastic File System

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n FSX for Amazon FSx

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RDS for Amazon Relational Database Service

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Storage Gateway for Storage Gateway

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } } } @@ -5597,6 +5708,69 @@ } } }, + "com.amazonaws.backup#PutBackupVaultLockConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.backup#PutBackupVaultLockConfigurationInput" + }, + "errors": [ + { + "target": "com.amazonaws.backup#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.backup#InvalidRequestException" + }, + { + "target": "com.amazonaws.backup#MissingParameterValueException" + }, + { + "target": "com.amazonaws.backup#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.backup#ServiceUnavailableException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Applies Backup Vault Lock to a backup vault, preventing attempts to delete\n any recovery point stored in or created in a backup vault. Vault Lock also prevents\n attempts to update the lifecycle policy that controls the retention period of any recovery\n point currently stored in a backup vault. If specified, Vault Lock enforces a minimum and\n maximum retention period for future backup and copy jobs that target a backup vault.

                                                                                                ", + "smithy.api#http": { + "method": "PUT", + "uri": "/backup-vaults/{BackupVaultName}/vault-lock", + "code": 200 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.backup#PutBackupVaultLockConfigurationInput": { + "type": "structure", + "members": { + "BackupVaultName": { + "target": "com.amazonaws.backup#BackupVaultName", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock configuration that specifies the name of the backup\n vault it protects.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "MinRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock configuration that specifies the minimum retention\n period that the vault retains its recovery points. This setting can be useful if, for\n example, your organization's policies require you to retain certain data for at least seven\n years (2555 days).

                                                                                                \n

                                                                                                If this parameter is not specified, Vault Lock will not enforce a minimum retention\n period.

                                                                                                \n

                                                                                                If this parameter is specified, any backup or copy job to the vault must have a\n lifecycle policy with a retention period equal to or longer than the minimum retention\n period. If the job's retention period is shorter than that minimum retention period, then\n the vault fails that backup or copy job, and you should either modify your lifecycle\n settings or use a different vault. Recovery points already saved in the vault prior to\n Vault Lock are not affected.

                                                                                                " + } + }, + "MaxRetentionDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock configuration that specifies the maximum retention\n period that the vault retains its recovery points. This setting can be useful if, for\n example, your organization's policies require you to destroy certain data after retaining\n it for four years (1460 days).

                                                                                                \n

                                                                                                If this parameter is not included, Vault Lock does not enforce a maximum retention\n period on the recovery points in the vault. If this parameter is included without a value,\n Vault Lock will not enforce a maximum retention period.

                                                                                                \n

                                                                                                If this parameter is specified, any backup or copy job to the vault must have a\n lifecycle policy with a retention period equal to or shorter than the maximum retention\n period. If the job's retention period is longer than that maximum retention period, then\n the vault fails the backup or copy job, and you should either modify your lifecycle\n settings or use a different vault. Recovery points already saved in the vault prior to\n Vault Lock are not affected.

                                                                                                " + } + }, + "ChangeableForDays": { + "target": "com.amazonaws.backup#Long", + "traits": { + "smithy.api#documentation": "

                                                                                                The Backup Vault Lock configuration that specifies the number of days before\n the lock date. For example, setting ChangeableForDays to 30 on Jan. 1, 2022 at\n 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.

                                                                                                \n

                                                                                                Backup enforces a 72-hour cooling-off period before Vault Lock takes effect\n and becomes immutable. Therefore, you must set ChangeableForDays to 3 or\n greater.

                                                                                                \n

                                                                                                Before the lock date, you can delete Vault Lock from the vault using\n DeleteBackupVaultLockConfiguration or change the Vault Lock configuration\n using PutBackupVaultLockConfiguration. On and after the lock date, the Vault\n Lock becomes immutable and cannot be changed or deleted.

                                                                                                \n

                                                                                                If this parameter is not specified, you can delete Vault Lock from the vault using\n DeleteBackupVaultLockConfiguration or change the Vault Lock configuration\n using PutBackupVaultLockConfiguration at any time.

                                                                                                " + } + } + } + }, "com.amazonaws.backup#PutBackupVaultNotifications": { "type": "operation", "input": { @@ -5951,7 +6125,7 @@ "ReportTemplate": { "target": "com.amazonaws.backup#string", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT |\n COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                " } }, "CreationTime": { @@ -6022,7 +6196,7 @@ "ReportSetting": { "target": "com.amazonaws.backup#ReportSetting", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT |\n COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                \n

                                                                                                If the report template is RESOURCE_COMPLIANCE_REPORT or\n CONTROL_COMPLIANCE_REPORT, this API resource also describes the report\n coverage by Amazon Web Services Regions and frameworks.

                                                                                                " } }, "ReportDeliveryChannel": { @@ -6092,9 +6266,21 @@ "ReportTemplate": { "target": "com.amazonaws.backup#string", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT |\n COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                ", "smithy.api#required": {} } + }, + "FrameworkArns": { + "target": "com.amazonaws.backup#stringList", + "traits": { + "smithy.api#documentation": "

                                                                                                The Amazon Resource Names (ARNs) of the frameworks a report covers.

                                                                                                " + } + }, + "NumberOfFrameworks": { + "target": "com.amazonaws.backup#integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The number of frameworks a report covers.

                                                                                                " + } } }, "traits": { @@ -6961,6 +7147,9 @@ "target": "com.amazonaws.backup#UpdateFrameworkOutput" }, "errors": [ + { + "target": "com.amazonaws.backup#AlreadyExistsException" + }, { "target": "com.amazonaws.backup#ConflictException" }, @@ -7269,7 +7458,7 @@ "ReportSetting": { "target": "com.amazonaws.backup#ReportSetting", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the report template for the report. Reports are built using a report\n template. The report templates are:

                                                                                                \n

                                                                                                \n RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT |\n COPY_JOB_REPORT | RESTORE_JOB_REPORT\n

                                                                                                \n

                                                                                                If the report template is RESOURCE_COMPLIANCE_REPORT or\n CONTROL_COMPLIANCE_REPORT, this API resource also describes the report\n coverage by Amazon Web Services Regions and frameworks.

                                                                                                " } }, "IdempotencyToken": { diff --git a/codegen/sdk-codegen/aws-models/chime.2018-05-01.json b/codegen/sdk-codegen/aws-models/chime.2018-05-01.json index 62a6061da10e..d218dea35aa8 100644 --- a/codegen/sdk-codegen/aws-models/chime.2018-05-01.json +++ b/codegen/sdk-codegen/aws-models/chime.2018-05-01.json @@ -496,6 +496,50 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.chime#ArtifactsConfiguration": { + "type": "structure", + "members": { + "Audio": { + "target": "com.amazonaws.chime#AudioArtifactsConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for the audio artifacts.

                                                                                                ", + "smithy.api#required": {} + } + }, + "Video": { + "target": "com.amazonaws.chime#VideoArtifactsConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for the video artifacts.

                                                                                                ", + "smithy.api#required": {} + } + }, + "Content": { + "target": "com.amazonaws.chime#ContentArtifactsConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for the content artifacts.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for the artifacts.

                                                                                                " + } + }, + "com.amazonaws.chime#ArtifactsState": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "Enabled", + "name": "Enabled" + }, + { + "value": "Disabled", + "name": "Disabled" + } + ] + } + }, "com.amazonaws.chime#AssociatePhoneNumberWithUser": { "type": "operation", "input": { @@ -821,6 +865,17 @@ "smithy.api#documentation": "

                                                                                                \nAn Amazon Chime SDK meeting attendee. Includes a unique \nAttendeeId\nand \nJoinToken\n. The \nJoinToken\nallows a client to authenticate and join as the specified attendee. The \nJoinToken\nexpires when the meeting ends or when \nDeleteAttendee\nis called. After that, the attendee is unable to join the meeting.\n

                                                                                                \n\n

                                                                                                We recommend securely transferring each JoinToken from your server application\n to the client so that no other client has access to the token except for the one\n authorized to represent the attendee.

                                                                                                " } }, + "com.amazonaws.chime#AttendeeIdList": { + "type": "list", + "member": { + "target": "com.amazonaws.chime#GuidString" + }, + "traits": { + "smithy.api#length": { + "min": 1 + } + } + }, "com.amazonaws.chime#AttendeeList": { "type": "list", "member": { @@ -851,6 +906,36 @@ } } }, + "com.amazonaws.chime#AudioArtifactsConfiguration": { + "type": "structure", + "members": { + "MuxType": { + "target": "com.amazonaws.chime#AudioMuxType", + "traits": { + "smithy.api#documentation": "

                                                                                                The MUX type of the audio artifact configuration object.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The audio artifact configuration object.

                                                                                                " + } + }, + "com.amazonaws.chime#AudioMuxType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "AudioOnly", + "name": "AudioOnly" + }, + { + "value": "AudioWithActiveSpeakerVideo", + "name": "AudioWithActiveSpeakerVideo" + } + ] + } + }, "com.amazonaws.chime#BadRequestException": { "type": "structure", "members": { @@ -2245,6 +2330,26 @@ "smithy.api#pattern": "^arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}$" } }, + "com.amazonaws.chime#ChimeSdkMeetingConfiguration": { + "type": "structure", + "members": { + "SourceConfiguration": { + "target": "com.amazonaws.chime#SourceConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The source configuration for a specified media capture pipline.

                                                                                                " + } + }, + "ArtifactsConfiguration": { + "target": "com.amazonaws.chime#ArtifactsConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for the artifacts in an Amazon Chime SDK meeting.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration object of the Amazon Chime SDK meeting for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

                                                                                                " + } + }, "com.amazonaws.chime#ClientRequestToken": { "type": "string", "traits": { @@ -2283,6 +2388,38 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.chime#ContentArtifactsConfiguration": { + "type": "structure", + "members": { + "State": { + "target": "com.amazonaws.chime#ArtifactsState", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates whether the content artifact is enabled or disabled.

                                                                                                ", + "smithy.api#required": {} + } + }, + "MuxType": { + "target": "com.amazonaws.chime#ContentMuxType", + "traits": { + "smithy.api#documentation": "

                                                                                                The MUX type of the artifact configuration.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The content artifact object.

                                                                                                " + } + }, + "com.amazonaws.chime#ContentMuxType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ContentOnly", + "name": "ContentOnly" + } + ] + } + }, "com.amazonaws.chime#ConversationRetentionSettings": { "type": "structure", "members": { @@ -3344,6 +3481,12 @@ "smithy.api#documentation": "

                                                                                                The token assigned to the client making the pipeline request.

                                                                                                ", "smithy.api#idempotencyToken": {} } + }, + "ChimeSdkMeetingConfiguration": { + "target": "com.amazonaws.chime#ChimeSdkMeetingConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

                                                                                                " + } } } }, @@ -7313,6 +7456,17 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.chime#ExternalUserIdList": { + "type": "list", + "member": { + "target": "com.amazonaws.chime#ExternalUserIdType" + }, + "traits": { + "smithy.api#length": { + "min": 1 + } + } + }, "com.amazonaws.chime#ExternalUserIdType": { "type": "string", "traits": { @@ -12489,10 +12643,16 @@ "traits": { "smithy.api#documentation": "

                                                                                                The time at which the capture pipeline was updated, in ISO 8601 format.

                                                                                                " } + }, + "ChimeSdkMeetingConfiguration": { + "target": "com.amazonaws.chime#ChimeSdkMeetingConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                The configuration for a specified media capture pipeline. SourceType must be ChimeSdkMeeting.

                                                                                                " + } } }, "traits": { - "smithy.api#documentation": "

                                                                                                A media capture pipeline object. A string consisting of an ID, source type, a source ARN, a sink type, and a sink ARN.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A media capture pipeline object consisting of an ID, source type, source ARN, a sink type, a sink ARN, and a configuration object.

                                                                                                " } }, "com.amazonaws.chime#MediaCapturePipelineList": { @@ -12598,7 +12758,7 @@ "EventIngestionUrl": { "target": "com.amazonaws.chime#UriType", "traits": { - "smithy.api#documentation": "

                                                                                                The URL of the S3 bucket used to store the captured media.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The event ingestion URL.

                                                                                                " } } }, @@ -15437,6 +15597,26 @@ } } }, + "com.amazonaws.chime#SelectedVideoStreams": { + "type": "structure", + "members": { + "AttendeeIds": { + "target": "com.amazonaws.chime#AttendeeIdList", + "traits": { + "smithy.api#documentation": "

                                                                                                The attendee IDs of the streams selected for a media capture pipeline.

                                                                                                " + } + }, + "ExternalUserIds": { + "target": "com.amazonaws.chime#ExternalUserIdList", + "traits": { + "smithy.api#documentation": "

                                                                                                The external user IDs of the streams selected for a media capture pipeline.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The video streams to capture for a specified media capture pipeline. The total number of video streams can't exceed 25.

                                                                                                " + } + }, "com.amazonaws.chime#SendChannelMessage": { "type": "operation", "input": { @@ -15892,6 +16072,20 @@ ] } }, + "com.amazonaws.chime#SourceConfiguration": { + "type": "structure", + "members": { + "SelectedVideoStreams": { + "target": "com.amazonaws.chime#SelectedVideoStreams", + "traits": { + "smithy.api#documentation": "

                                                                                                The selected video streams to capture for a specified media capture pipeline. The number of video streams can't exceed 25.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Source configuration for a specified media capture pipeline.

                                                                                                " + } + }, "com.amazonaws.chime#StartMeetingTranscription": { "type": "operation", "input": { @@ -18185,15 +18379,13 @@ "BusinessCalling": { "target": "com.amazonaws.chime#BusinessCallingSettings", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Chime Business Calling settings.

                                                                                                ", - "smithy.api#required": {} + "smithy.api#documentation": "

                                                                                                The Amazon Chime Business Calling settings.

                                                                                                " } }, "VoiceConnector": { "target": "com.amazonaws.chime#VoiceConnectorSettings", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Chime Voice Connector settings.

                                                                                                ", - "smithy.api#required": {} + "smithy.api#documentation": "

                                                                                                The Amazon Chime Voice Connector settings.

                                                                                                " } } } @@ -18210,6 +18402,9 @@ { "target": "com.amazonaws.chime#BadRequestException" }, + { + "target": "com.amazonaws.chime#ConflictException" + }, { "target": "com.amazonaws.chime#ForbiddenException" }, @@ -19427,6 +19622,38 @@ ] } }, + "com.amazonaws.chime#VideoArtifactsConfiguration": { + "type": "structure", + "members": { + "State": { + "target": "com.amazonaws.chime#ArtifactsState", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates whether the video artifact is enabled or disabled.

                                                                                                ", + "smithy.api#required": {} + } + }, + "MuxType": { + "target": "com.amazonaws.chime#VideoMuxType", + "traits": { + "smithy.api#documentation": "

                                                                                                The MUX type of the video artifact configuration object.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The video artifact configuration object.

                                                                                                " + } + }, + "com.amazonaws.chime#VideoMuxType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "VideoOnly", + "name": "VideoOnly" + } + ] + } + }, "com.amazonaws.chime#VoiceConnector": { "type": "structure", "members": { diff --git a/codegen/sdk-codegen/aws-models/codebuild.2016-10-06.json b/codegen/sdk-codegen/aws-models/codebuild.2016-10-06.json index d9c4262c62e3..33d77debf195 100644 --- a/codegen/sdk-codegen/aws-models/codebuild.2016-10-06.json +++ b/codegen/sdk-codegen/aws-models/codebuild.2016-10-06.json @@ -385,6 +385,21 @@ } } }, + "com.amazonaws.codebuild#BatchReportModeType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "REPORT_INDIVIDUAL_BUILDS", + "name": "REPORT_INDIVIDUAL_BUILDS" + }, + { + "value": "REPORT_AGGREGATED_BATCH", + "name": "REPORT_AGGREGATED_BATCH" + } + ] + } + }, "com.amazonaws.codebuild#BatchRestrictions": { "type": "structure", "members": { @@ -3127,7 +3142,7 @@ "sortOrder": { "target": "com.amazonaws.codebuild#SortOrderType", "traits": { - "smithy.api#documentation": "

                                                                                                The order to list results in. The results are sorted by build number, not the build\n identifier.

                                                                                                \n

                                                                                                Valid values include:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ASCENDING: List the build IDs in ascending order by build\n ID.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n DESCENDING: List the build IDs in descending order by build\n ID.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If the project has more than 100 builds, setting the sort order will result in an\n error.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The order to sort the results in. The results are sorted by build number, not the build\n identifier. If this is not specified, the results are sorted in descending order.

                                                                                                \n

                                                                                                Valid values include:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n ASCENDING: List the build identifiers in ascending order, by build number.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n DESCENDING: List the build identifiers in descending order, by build number.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If the project has more than 100 builds, setting the sort order will result in an\n error.

                                                                                                " } }, "nextToken": { @@ -3144,7 +3159,7 @@ "ids": { "target": "com.amazonaws.codebuild#BuildIds", "traits": { - "smithy.api#documentation": "

                                                                                                A list of build IDs for the specified build project, with each build ID representing a\n single build.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A list of build identifiers for the specified build project, with each build ID representing a\n single build.

                                                                                                " } }, "nextToken": { @@ -4183,6 +4198,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                Specifies the maximum amount of time, in minutes, that the batch build must be completed in.

                                                                                                " } + }, + "batchReportMode": { + "target": "com.amazonaws.codebuild#BatchReportModeType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies how build status reports are sent to the source provider for the batch build. This property is only used\n when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise,\n and your project is configured to report build statuses to the source provider.

                                                                                                \n
                                                                                                \n
                                                                                                REPORT_AGGREGATED_BATCH
                                                                                                \n
                                                                                                \n

                                                                                                (Default) Aggregate all of the build statuses into a single status report.

                                                                                                \n
                                                                                                \n
                                                                                                REPORT_INDIVIDUAL_BUILDS
                                                                                                \n
                                                                                                \n

                                                                                                Send a separate status report for each individual build.

                                                                                                \n
                                                                                                \n
                                                                                                " + } } }, "traits": { @@ -6252,7 +6273,7 @@ "secondaryArtifacts": { "target": "com.amazonaws.codebuild#ProjectArtifactsList", "traits": { - "smithy.api#documentation": "

                                                                                                An array of ProjectSource objects.

                                                                                                " + "smithy.api#documentation": "

                                                                                                An array of ProjectArtifact objects.

                                                                                                " } }, "cache": { diff --git a/codegen/sdk-codegen/aws-models/ec2.2016-11-15.json b/codegen/sdk-codegen/aws-models/ec2.2016-11-15.json index df90fadf6a1f..3754fb0b45c9 100644 --- a/codegen/sdk-codegen/aws-models/ec2.2016-11-15.json +++ b/codegen/sdk-codegen/aws-models/ec2.2016-11-15.json @@ -1255,6 +1255,9 @@ { "target": "com.amazonaws.ec2#CancelCapacityReservation" }, + { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleets" + }, { "target": "com.amazonaws.ec2#CancelConversionTask" }, @@ -1288,6 +1291,9 @@ { "target": "com.amazonaws.ec2#CreateCapacityReservation" }, + { + "target": "com.amazonaws.ec2#CreateCapacityReservationFleet" + }, { "target": "com.amazonaws.ec2#CreateCarrierGateway" }, @@ -1681,6 +1687,9 @@ { "target": "com.amazonaws.ec2#DescribeByoipCidrs" }, + { + "target": "com.amazonaws.ec2#DescribeCapacityReservationFleets" + }, { "target": "com.amazonaws.ec2#DescribeCapacityReservations" }, @@ -2251,6 +2260,9 @@ { "target": "com.amazonaws.ec2#ModifyCapacityReservation" }, + { + "target": "com.amazonaws.ec2#ModifyCapacityReservationFleet" + }, { "target": "com.amazonaws.ec2#ModifyClientVpnEndpoint" }, @@ -5772,6 +5784,88 @@ "smithy.api#documentation": "

                                                                                                Cancels the specified Capacity Reservation, releases the reserved capacity, and changes the Capacity Reservation's state to\n\t\t\tcancelled.

                                                                                                \n\t\t

                                                                                                Instances running in the reserved capacity continue running until you stop them. Stopped\n\t\t\tinstances that target the Capacity Reservation can no longer launch. Modify these instances to either\n\t\t\ttarget a different Capacity Reservation, launch On-Demand Instance capacity, or run in any open Capacity Reservation\n\t\t\tthat has matching attributes and sufficient capacity.

                                                                                                " } }, + "com.amazonaws.ec2#CancelCapacityReservationFleetError": { + "type": "structure", + "members": { + "Code": { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleetErrorCode", + "traits": { + "aws.protocols#ec2QueryName": "Code", + "smithy.api#documentation": "

                                                                                                The error code.

                                                                                                ", + "smithy.api#xmlName": "code" + } + }, + "Message": { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleetErrorMessage", + "traits": { + "aws.protocols#ec2QueryName": "Message", + "smithy.api#documentation": "

                                                                                                The error message.

                                                                                                ", + "smithy.api#xmlName": "message" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Describes a Capacity Reservation Fleet cancellation error.

                                                                                                " + } + }, + "com.amazonaws.ec2#CancelCapacityReservationFleetErrorCode": { + "type": "string" + }, + "com.amazonaws.ec2#CancelCapacityReservationFleetErrorMessage": { + "type": "string" + }, + "com.amazonaws.ec2#CancelCapacityReservationFleets": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleetsRequest" + }, + "output": { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleetsResult" + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Cancels one or more Capacity Reservation Fleets. When you cancel a Capacity Reservation \n\t\t\tFleet, the following happens:

                                                                                                \n\t\t
                                                                                                  \n
                                                                                                • \n\t\t\t\t

                                                                                                  The Capacity Reservation Fleet's status changes to cancelled.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  The individual Capacity Reservations in the Fleet are cancelled. Instances running \n\t\t\t\t\tin the Capacity Reservations at the time of cancelling the Fleet continue to run in \n\t\t\t\t\tshared capacity.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  The Fleet stops creating new Capacity Reservations.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                " + } + }, + "com.amazonaws.ec2#CancelCapacityReservationFleetsRequest": { + "type": "structure", + "members": { + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                                                                " + } + }, + "CapacityReservationFleetIds": { + "target": "com.amazonaws.ec2#CapacityReservationFleetIdSet", + "traits": { + "smithy.api#documentation": "

                                                                                                The IDs of the Capacity Reservation Fleets to cancel.

                                                                                                ", + "smithy.api#required": {}, + "smithy.api#xmlName": "CapacityReservationFleetId" + } + } + } + }, + "com.amazonaws.ec2#CancelCapacityReservationFleetsResult": { + "type": "structure", + "members": { + "SuccessfulFleetCancellations": { + "target": "com.amazonaws.ec2#CapacityReservationFleetCancellationStateSet", + "traits": { + "aws.protocols#ec2QueryName": "SuccessfulFleetCancellationSet", + "smithy.api#documentation": "

                                                                                                Information about the Capacity Reservation Fleets that were successfully cancelled.

                                                                                                ", + "smithy.api#xmlName": "successfulFleetCancellationSet" + } + }, + "FailedFleetCancellations": { + "target": "com.amazonaws.ec2#FailedCapacityReservationFleetCancellationResultSet", + "traits": { + "aws.protocols#ec2QueryName": "FailedFleetCancellationSet", + "smithy.api#documentation": "

                                                                                                Information about the Capacity Reservation Fleets that could not be cancelled.

                                                                                                ", + "smithy.api#xmlName": "failedFleetCancellationSet" + } + } + } + }, "com.amazonaws.ec2#CancelCapacityReservationRequest": { "type": "structure", "members": { @@ -6416,12 +6510,229 @@ "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (ARN) of the Outpost on which the Capacity \n\t \t\tReservation was created.

                                                                                                ", "smithy.api#xmlName": "outpostArn" } + }, + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet to which the Capacity Reservation belongs. \n\t\t\tOnly valid for Capacity Reservations that were created by a Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetId" + } } }, "traits": { "smithy.api#documentation": "

                                                                                                Describes a Capacity Reservation.

                                                                                                " } }, + "com.amazonaws.ec2#CapacityReservationFleet": { + "type": "structure", + "members": { + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetId" + } + }, + "CapacityReservationFleetArn": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetArn", + "smithy.api#documentation": "

                                                                                                The ARN of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetArn" + } + }, + "State": { + "target": "com.amazonaws.ec2#CapacityReservationFleetState", + "traits": { + "aws.protocols#ec2QueryName": "State", + "smithy.api#documentation": "

                                                                                                The state of the Capacity Reservation Fleet. Possible states include:

                                                                                                \n\t\t
                                                                                                  \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n submitted - The Capacity Reservation Fleet request has been submitted \n\t\t\t\t\tand Amazon Elastic Compute Cloud is preparing to create the Capacity Reservations.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n modifying - The Capacity Reservation Fleet is being modified. The Fleet \n\t\t\t\t\tremains in this state until the modification is complete.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n active - The Capacity Reservation Fleet has fulfilled its total target \n\t\t\t\t\tcapacity and it is attempting to maintain this capacity. The Fleet remains in this \n\t\t\t\t\tstate until it is modified or deleted.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n partially_fulfilled - The Capacity Reservation Fleet has partially \n\t\t\t\t\tfulfilled its total target capacity. There is insufficient Amazon EC2 to \n\t\t\t\t\tfulfill the total target capacity. The Fleet is attempting to asynchronously fulfill \n\t\t\t\t\tits total target capacity.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n expiring - The Capacity Reservation Fleet has reach its end date and it \n\t\t\t\t\tis in the process of expiring. One or more of its Capacity reservations might still \n\t\t\t\t\tbe active.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n expired - The Capacity Reservation Fleet has reach its end date. The Fleet \n\t\t\t\t\tand its Capacity Reservations are expired. The Fleet can't create new Capacity \n\t\t\t\t\tReservations.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n cancelling - The Capacity Reservation Fleet is in the process of being \n\t\t\t\t\tcancelled. One or more of its Capacity reservations might still be active.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n cancelled - The Capacity Reservation Fleet has been manually cancelled. \n\t\t\t\t\tThe Fleet and its Capacity Reservations are cancelled and the Fleet can't create new \n\t\t\t\t\tCapacity Reservations.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n failed - The Capacity Reservation Fleet failed to reserve capacity for \n\t\t\t\t\tthe specified instance types.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                ", + "smithy.api#xmlName": "state" + } + }, + "TotalTargetCapacity": { + "target": "com.amazonaws.ec2#Integer", + "traits": { + "aws.protocols#ec2QueryName": "TotalTargetCapacity", + "smithy.api#documentation": "

                                                                                                The total number of capacity units for which the Capacity Reservation Fleet reserves capacity. \n\t\t\tFor more information, see Total target capacity \n\t\t\tin the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#xmlName": "totalTargetCapacity" + } + }, + "TotalFulfilledCapacity": { + "target": "com.amazonaws.ec2#Double", + "traits": { + "aws.protocols#ec2QueryName": "TotalFulfilledCapacity", + "smithy.api#documentation": "

                                                                                                The capacity units that have been fulfilled.

                                                                                                ", + "smithy.api#xmlName": "totalFulfilledCapacity" + } + }, + "Tenancy": { + "target": "com.amazonaws.ec2#FleetCapacityReservationTenancy", + "traits": { + "aws.protocols#ec2QueryName": "Tenancy", + "smithy.api#documentation": "

                                                                                                The tenancy of the Capacity Reservation Fleet. Tenancies include:

                                                                                                \n\t\t
                                                                                                  \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n default - The Capacity Reservation Fleet is created on hardware that is \n\t\t\t\t\tshared with other Amazon Web Services accounts.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n dedicated - The Capacity Reservation Fleet is created on single-tenant \n\t\t\t\t\thardware that is dedicated to a single Amazon Web Services account.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                ", + "smithy.api#xmlName": "tenancy" + } + }, + "EndDate": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "EndDate", + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet expires.

                                                                                                ", + "smithy.api#xmlName": "endDate" + } + }, + "CreateTime": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "CreateTime", + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet was created.

                                                                                                ", + "smithy.api#xmlName": "createTime" + } + }, + "InstanceMatchCriteria": { + "target": "com.amazonaws.ec2#FleetInstanceMatchCriteria", + "traits": { + "aws.protocols#ec2QueryName": "InstanceMatchCriteria", + "smithy.api#documentation": "

                                                                                                Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All \n\t\t\tCapacity Reservations in the Fleet inherit this instance matching criteria.

                                                                                                \n\t\t

                                                                                                Currently, Capacity Reservation Fleets support open instance matching criteria \n\t\t\tonly. This means that instances that have matching attributes (instance type, platform, and \n\t\t\tAvailability Zone) run in the Capacity Reservations automatically. Instances do not need to \n\t\t\texplicitly target a Capacity Reservation Fleet to use its reserved capacity.

                                                                                                ", + "smithy.api#xmlName": "instanceMatchCriteria" + } + }, + "AllocationStrategy": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AllocationStrategy", + "smithy.api#documentation": "

                                                                                                The strategy used by the Capacity Reservation Fleet to determine which of the specified \n\t\t\tinstance types to use. For more information, see For more information, see \n\t\t\t\n\t\t\t\tAllocation strategy in the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#xmlName": "allocationStrategy" + } + }, + "InstanceTypeSpecifications": { + "target": "com.amazonaws.ec2#FleetCapacityReservationSet", + "traits": { + "aws.protocols#ec2QueryName": "InstanceTypeSpecificationSet", + "smithy.api#documentation": "

                                                                                                Information about the instance types for which to reserve the capacity.

                                                                                                ", + "smithy.api#xmlName": "instanceTypeSpecificationSet" + } + }, + "Tags": { + "target": "com.amazonaws.ec2#TagList", + "traits": { + "aws.protocols#ec2QueryName": "TagSet", + "smithy.api#documentation": "

                                                                                                The tags assigned to the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "tagSet" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Information about a Capacity Reservation Fleet.

                                                                                                " + } + }, + "com.amazonaws.ec2#CapacityReservationFleetCancellationState": { + "type": "structure", + "members": { + "CurrentFleetState": { + "target": "com.amazonaws.ec2#CapacityReservationFleetState", + "traits": { + "aws.protocols#ec2QueryName": "CurrentFleetState", + "smithy.api#documentation": "

                                                                                                The current state of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "currentFleetState" + } + }, + "PreviousFleetState": { + "target": "com.amazonaws.ec2#CapacityReservationFleetState", + "traits": { + "aws.protocols#ec2QueryName": "PreviousFleetState", + "smithy.api#documentation": "

                                                                                                The previous state of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "previousFleetState" + } + }, + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet that was successfully cancelled.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetId" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Describes a Capacity Reservation Fleet that was successfully cancelled.

                                                                                                " + } + }, + "com.amazonaws.ec2#CapacityReservationFleetCancellationStateSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#CapacityReservationFleetCancellationState", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, + "com.amazonaws.ec2#CapacityReservationFleetId": { + "type": "string" + }, + "com.amazonaws.ec2#CapacityReservationFleetIdSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, + "com.amazonaws.ec2#CapacityReservationFleetSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#CapacityReservationFleet", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, + "com.amazonaws.ec2#CapacityReservationFleetState": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "submitted", + "name": "SUBMITTED" + }, + { + "value": "modifying", + "name": "MODIFYING" + }, + { + "value": "active", + "name": "ACTIVE" + }, + { + "value": "partially_fulfilled", + "name": "PARTIALLY_FULFILLED" + }, + { + "value": "expiring", + "name": "EXPIRING" + }, + { + "value": "expired", + "name": "EXPIRED" + }, + { + "value": "cancelling", + "name": "CANCELLING" + }, + { + "value": "cancelled", + "name": "CANCELLED" + }, + { + "value": "failed", + "name": "FAILED" + } + ] + } + }, "com.amazonaws.ec2#CapacityReservationGroup": { "type": "structure", "members": { @@ -8702,6 +9013,175 @@ "smithy.api#documentation": "

                                                                                                Creates a new Capacity Reservation with the specified attributes.

                                                                                                \n\t\t

                                                                                                Capacity Reservations enable you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. This \n\t\t\tgives you the flexibility to selectively add capacity reservations and still get the Regional RI discounts for that usage. \n\t\t\tBy creating Capacity Reservations, you ensure that you always have access to Amazon EC2 capacity when you need it, for as long as you need it. \n\t\t\tFor more information, see Capacity Reservations in the Amazon EC2 User Guide.

                                                                                                \n\t\t\n\t\t

                                                                                                Your request to create a Capacity Reservation could fail if Amazon EC2 does not have sufficient capacity to\n\t\t\tfulfill the request. If your request fails due to Amazon EC2 capacity constraints, either try\n\t\t\tagain at a later time, try in a different Availability Zone, or request a smaller\n\t\t\tcapacity reservation. If your application is flexible across instance types and sizes,\n\t\t\ttry to create a Capacity Reservation with different instance attributes.

                                                                                                \n\t\t\n\t\t

                                                                                                Your request could also fail if the requested quantity exceeds your On-Demand Instance\n\t\t\tlimit for the selected instance type. If your request fails due to limit constraints,\n\t\t\tincrease your On-Demand Instance limit for the required instance type and try again. For\n\t\t\tmore information about increasing your instance limits, see Amazon EC2 Service\n\t\t\t\tQuotas in the Amazon EC2 User Guide.

                                                                                                " } }, + "com.amazonaws.ec2#CreateCapacityReservationFleet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#CreateCapacityReservationFleetRequest" + }, + "output": { + "target": "com.amazonaws.ec2#CreateCapacityReservationFleetResult" + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Creates a Capacity Reservation Fleet. For more information, see Create a Capacity \n\t\t\tReservation Fleet in the Amazon EC2 User Guide.

                                                                                                " + } + }, + "com.amazonaws.ec2#CreateCapacityReservationFleetRequest": { + "type": "structure", + "members": { + "AllocationStrategy": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The strategy used by the Capacity Reservation Fleet to determine which of the \n\t\t\tspecified instance types to use. Currently, only the prioritized \n\t\t\tallocation strategy is supported. For more information, see \n\t\t\t\tAllocation strategy in the Amazon EC2 User Guide.

                                                                                                \n\t\t

                                                                                                Valid values: prioritized\n

                                                                                                " + } + }, + "ClientToken": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#documentation": "

                                                                                                Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensure Idempotency.

                                                                                                ", + "smithy.api#idempotencyToken": {} + } + }, + "InstanceTypeSpecifications": { + "target": "com.amazonaws.ec2#ReservationFleetInstanceSpecificationList", + "traits": { + "smithy.api#documentation": "

                                                                                                Information about the instance types for which to reserve the capacity.

                                                                                                ", + "smithy.api#required": {}, + "smithy.api#xmlName": "InstanceTypeSpecification" + } + }, + "Tenancy": { + "target": "com.amazonaws.ec2#FleetCapacityReservationTenancy", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations \n\t\t\tin the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of \n\t\t\tthe following tenancy settings:

                                                                                                \n\t\t
                                                                                                  \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n\t\t\t\t\t default - The Capacity Reservation Fleet is created on hardware \n\t\t\t\t\tthat is shared with other Amazon Web Services accounts.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n\t\t\t\t\t dedicated - The Capacity Reservations are created on single-tenant \n\t\t\t\t\thardware that is dedicated to a single Amazon Web Services account.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                " + } + }, + "TotalTargetCapacity": { + "target": "com.amazonaws.ec2#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The total number of capacity units to be reserved by the Capacity Reservation Fleet. This \n\t\t\tvalue, together with the instance type weights that you assign to each instance type used by \n\t\t\tthe Fleet determine the number of instances for which the Fleet reserves capacity. Both values \n\t\t\tare based on units that make sense for your workload. For more information, see \n\t\t\t\tTotal target capacity in the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#required": {} + } + }, + "EndDate": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet expires. When the Capacity \n\t\t\tReservation Fleet expires, its state changes to expired and all of the Capacity \n\t\t\tReservations in the Fleet expire.

                                                                                                \t\n\t\t

                                                                                                The Capacity Reservation Fleet expires within an hour after the specified time. For example, \n\t\t\tif you specify 5/31/2019, 13:30:55, the Capacity Reservation Fleet \n\t\t\tis guaranteed to expire between 13:30:55 and 14:30:55 on \n\t\t\t5/31/2019.\n\t\t

                                                                                                " + } + }, + "InstanceMatchCriteria": { + "target": "com.amazonaws.ec2#FleetInstanceMatchCriteria", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All \n\t\t\tCapacity Reservations in the Fleet inherit this instance matching criteria.

                                                                                                \n\t\t

                                                                                                Currently, Capacity Reservation Fleets support open instance matching criteria \n\t\t\tonly. This means that instances that have matching attributes (instance type, platform, and \n\t\t\tAvailability Zone) run in the Capacity Reservations automatically. Instances do not need to \n\t\t\texplicitly target a Capacity Reservation Fleet to use its reserved capacity.

                                                                                                " + } + }, + "TagSpecifications": { + "target": "com.amazonaws.ec2#TagSpecificationList", + "traits": { + "smithy.api#documentation": "

                                                                                                The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned \n\t\t\tto the Capacity Reservations in the Fleet.

                                                                                                ", + "smithy.api#xmlName": "TagSpecification" + } + }, + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                                                                " + } + } + } + }, + "com.amazonaws.ec2#CreateCapacityReservationFleetResult": { + "type": "structure", + "members": { + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetId" + } + }, + "State": { + "target": "com.amazonaws.ec2#CapacityReservationFleetState", + "traits": { + "aws.protocols#ec2QueryName": "State", + "smithy.api#documentation": "

                                                                                                The status of the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "state" + } + }, + "TotalTargetCapacity": { + "target": "com.amazonaws.ec2#Integer", + "traits": { + "aws.protocols#ec2QueryName": "TotalTargetCapacity", + "smithy.api#documentation": "

                                                                                                The total number of capacity units for which the Capacity Reservation Fleet reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "totalTargetCapacity" + } + }, + "TotalFulfilledCapacity": { + "target": "com.amazonaws.ec2#Double", + "traits": { + "aws.protocols#ec2QueryName": "TotalFulfilledCapacity", + "smithy.api#documentation": "

                                                                                                The requested capacity units that have been successfully reserved.

                                                                                                ", + "smithy.api#xmlName": "totalFulfilledCapacity" + } + }, + "InstanceMatchCriteria": { + "target": "com.amazonaws.ec2#FleetInstanceMatchCriteria", + "traits": { + "aws.protocols#ec2QueryName": "InstanceMatchCriteria", + "smithy.api#documentation": "

                                                                                                The instance matching criteria for the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "instanceMatchCriteria" + } + }, + "AllocationStrategy": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AllocationStrategy", + "smithy.api#documentation": "

                                                                                                The allocation strategy used by the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "allocationStrategy" + } + }, + "CreateTime": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "CreateTime", + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet was created.

                                                                                                ", + "smithy.api#xmlName": "createTime" + } + }, + "EndDate": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "EndDate", + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet expires.

                                                                                                ", + "smithy.api#xmlName": "endDate" + } + }, + "Tenancy": { + "target": "com.amazonaws.ec2#FleetCapacityReservationTenancy", + "traits": { + "aws.protocols#ec2QueryName": "Tenancy", + "smithy.api#documentation": "

                                                                                                Indicates the tenancy of Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "tenancy" + } + }, + "FleetCapacityReservations": { + "target": "com.amazonaws.ec2#FleetCapacityReservationSet", + "traits": { + "aws.protocols#ec2QueryName": "FleetCapacityReservationSet", + "smithy.api#documentation": "

                                                                                                Information about the individual Capacity Reservations in the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "fleetCapacityReservationSet" + } + }, + "Tags": { + "target": "com.amazonaws.ec2#TagList", + "traits": { + "aws.protocols#ec2QueryName": "TagSet", + "smithy.api#documentation": "

                                                                                                The tags assigned to the Capacity Reservation Fleet.

                                                                                                ", + "smithy.api#xmlName": "tagSet" + } + } + } + }, "com.amazonaws.ec2#CreateCapacityReservationRequest": { "type": "structure", "members": { @@ -17285,6 +17765,91 @@ } } }, + "com.amazonaws.ec2#DescribeCapacityReservationFleets": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#DescribeCapacityReservationFleetsRequest" + }, + "output": { + "target": "com.amazonaws.ec2#DescribeCapacityReservationFleetsResult" + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Describes one or more Capacity Reservation Fleets.

                                                                                                ", + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "CapacityReservationFleets", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.ec2#DescribeCapacityReservationFleetsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.ec2#DescribeCapacityReservationFleetsRequest": { + "type": "structure", + "members": { + "CapacityReservationFleetIds": { + "target": "com.amazonaws.ec2#CapacityReservationFleetIdSet", + "traits": { + "smithy.api#documentation": "

                                                                                                The IDs of the Capacity Reservation Fleets to describe.

                                                                                                ", + "smithy.api#xmlName": "CapacityReservationFleetId" + } + }, + "NextToken": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The token to use to retrieve the next page of results.

                                                                                                " + } + }, + "MaxResults": { + "target": "com.amazonaws.ec2#DescribeCapacityReservationFleetsMaxResults", + "traits": { + "smithy.api#documentation": "

                                                                                                The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

                                                                                                " + } + }, + "Filters": { + "target": "com.amazonaws.ec2#FilterList", + "traits": { + "smithy.api#documentation": "

                                                                                                One or more filters.

                                                                                                \n\t\t
                                                                                                  \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n state - The state of the Fleet (submitted | modifying | active | \n\t\t\t\t\tpartially_fulfilled | expiring | expired | cancelling | \n\t\t\t\t\tcancelled | failed).

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n instance-match-criteria - The instance matching criteria for the Fleet. Only open is supported.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n tenancy - The tenancy of the Fleet (default | dedicated).

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                • \n\t\t\t\t

                                                                                                  \n allocation-strategy - The allocation strategy used by the Fleet. Only prioritized is supported.

                                                                                                  \n\t\t\t
                                                                                                  • \n
                                                                                                ", + "smithy.api#xmlName": "Filter" + } + }, + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                                                                " + } + } + } + }, + "com.amazonaws.ec2#DescribeCapacityReservationFleetsResult": { + "type": "structure", + "members": { + "CapacityReservationFleets": { + "target": "com.amazonaws.ec2#CapacityReservationFleetSet", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetSet", + "smithy.api#documentation": "

                                                                                                Information about the Capacity Reservation Fleets.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetSet" + } + }, + "NextToken": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "NextToken", + "smithy.api#documentation": "

                                                                                                The token to use to retrieve the next page of results. This value is null when there are no more results to return.

                                                                                                ", + "smithy.api#xmlName": "nextToken" + } + } + } + }, "com.amazonaws.ec2#DescribeCapacityReservations": { "type": "operation", "input": { @@ -24065,6 +24630,16 @@ "comparator": "allStringEquals" } } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "Snapshots[].State", + "expected": "error", + "comparator": "anyStringEquals" + } + } } ], "minDelay": 15 @@ -29268,6 +29843,16 @@ "com.amazonaws.ec2#Double": { "type": "double" }, + "com.amazonaws.ec2#DoubleWithConstraints": { + "type": "double", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 0.001, + "max": 99.999 + } + } + }, "com.amazonaws.ec2#EbsBlockDevice": { "type": "structure", "members": { @@ -31782,6 +32367,39 @@ "com.amazonaws.ec2#ExportVmTaskId": { "type": "string" }, + "com.amazonaws.ec2#FailedCapacityReservationFleetCancellationResult": { + "type": "structure", + "members": { + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationFleetId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet that could not be cancelled.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationFleetId" + } + }, + "CancelCapacityReservationFleetError": { + "target": "com.amazonaws.ec2#CancelCapacityReservationFleetError", + "traits": { + "aws.protocols#ec2QueryName": "CancelCapacityReservationFleetError", + "smithy.api#documentation": "

                                                                                                Information about the Capacity Reservation Fleet cancellation error.

                                                                                                ", + "smithy.api#xmlName": "cancelCapacityReservationFleetError" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Describes a Capacity Reservation Fleet that could not be cancelled.

                                                                                                " + } + }, + "com.amazonaws.ec2#FailedCapacityReservationFleetCancellationResultSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#FailedCapacityReservationFleetCancellationResult", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, "com.amazonaws.ec2#FailedQueuedPurchaseDeletion": { "type": "structure", "members": { @@ -31939,6 +32557,122 @@ ] } }, + "com.amazonaws.ec2#FleetCapacityReservation": { + "type": "structure", + "members": { + "CapacityReservationId": { + "target": "com.amazonaws.ec2#CapacityReservationId", + "traits": { + "aws.protocols#ec2QueryName": "CapacityReservationId", + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation.

                                                                                                ", + "smithy.api#xmlName": "capacityReservationId" + } + }, + "AvailabilityZoneId": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AvailabilityZoneId", + "smithy.api#documentation": "

                                                                                                The ID of the Availability Zone in which the Capacity Reservation reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "availabilityZoneId" + } + }, + "InstanceType": { + "target": "com.amazonaws.ec2#InstanceType", + "traits": { + "aws.protocols#ec2QueryName": "InstanceType", + "smithy.api#documentation": "

                                                                                                The instance type for which the Capacity Reservation reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "instanceType" + } + }, + "InstancePlatform": { + "target": "com.amazonaws.ec2#CapacityReservationInstancePlatform", + "traits": { + "aws.protocols#ec2QueryName": "InstancePlatform", + "smithy.api#documentation": "

                                                                                                The type of operating system for which the Capacity Reservation reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "instancePlatform" + } + }, + "AvailabilityZone": { + "target": "com.amazonaws.ec2#String", + "traits": { + "aws.protocols#ec2QueryName": "AvailabilityZone", + "smithy.api#documentation": "

                                                                                                The Availability Zone in which the Capacity Reservation reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "availabilityZone" + } + }, + "TotalInstanceCount": { + "target": "com.amazonaws.ec2#Integer", + "traits": { + "aws.protocols#ec2QueryName": "TotalInstanceCount", + "smithy.api#documentation": "

                                                                                                The total number of instances for which the Capacity Reservation reserves capacity.

                                                                                                ", + "smithy.api#xmlName": "totalInstanceCount" + } + }, + "FulfilledCapacity": { + "target": "com.amazonaws.ec2#Double", + "traits": { + "aws.protocols#ec2QueryName": "FulfilledCapacity", + "smithy.api#documentation": "

                                                                                                The number of capacity units fulfilled by the Capacity Reservation. For more information, see \n\t\t\t\n\t\t\t\tTotal target capacity in the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#xmlName": "fulfilledCapacity" + } + }, + "EbsOptimized": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "aws.protocols#ec2QueryName": "EbsOptimized", + "smithy.api#documentation": "

                                                                                                Indicates whether the Capacity Reservation reserves capacity for EBS-optimized instance types.

                                                                                                ", + "smithy.api#xmlName": "ebsOptimized" + } + }, + "CreateDate": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "aws.protocols#ec2QueryName": "CreateDate", + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation was created.

                                                                                                ", + "smithy.api#xmlName": "createDate" + } + }, + "Weight": { + "target": "com.amazonaws.ec2#DoubleWithConstraints", + "traits": { + "aws.protocols#ec2QueryName": "Weight", + "smithy.api#documentation": "

                                                                                                The weight of the instance type in the Capacity Reservation Fleet. For more information, \n\t\t\tsee \n\t\t\t\tInstance type weight in the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#xmlName": "weight" + } + }, + "Priority": { + "target": "com.amazonaws.ec2#IntegerWithConstraints", + "traits": { + "aws.protocols#ec2QueryName": "Priority", + "smithy.api#documentation": "

                                                                                                The priority of the instance type in the Capacity Reservation Fleet. For more information, \n\t\t\tsee \n\t\t\t\tInstance type priority in the Amazon EC2 User Guide.

                                                                                                ", + "smithy.api#xmlName": "priority" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Information about a Capacity Reservation in a Capacity Reservation Fleet.

                                                                                                " + } + }, + "com.amazonaws.ec2#FleetCapacityReservationSet": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#FleetCapacityReservation", + "traits": { + "smithy.api#xmlName": "item" + } + } + }, + "com.amazonaws.ec2#FleetCapacityReservationTenancy": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "default", + "name": "default" + } + ] + } + }, "com.amazonaws.ec2#FleetCapacityReservationUsageStrategy": { "type": "string", "traits": { @@ -32169,6 +32903,17 @@ "target": "com.amazonaws.ec2#FleetId" } }, + "com.amazonaws.ec2#FleetInstanceMatchCriteria": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "open", + "name": "open" + } + ] + } + }, "com.amazonaws.ec2#FleetLaunchTemplateConfig": { "type": "structure", "members": { @@ -39636,7 +40381,7 @@ } }, "NetworkInterfaceId": { - "target": "com.amazonaws.ec2#String", + "target": "com.amazonaws.ec2#NetworkInterfaceId", "traits": { "aws.protocols#ec2QueryName": "NetworkInterfaceId", "smithy.api#documentation": "

                                                                                                The ID of the network interface.

                                                                                                \n

                                                                                                If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.

                                                                                                ", @@ -42166,6 +42911,15 @@ "com.amazonaws.ec2#Integer": { "type": "integer" }, + "com.amazonaws.ec2#IntegerWithConstraints": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 0 + } + } + }, "com.amazonaws.ec2#IntegrateServices": { "type": "structure", "members": { @@ -44373,7 +45127,7 @@ } }, "SubnetId": { - "target": "com.amazonaws.ec2#String", + "target": "com.amazonaws.ec2#SubnetId", "traits": { "aws.protocols#ec2QueryName": "SubnetId", "smithy.api#documentation": "

                                                                                                The ID of the subnet in which to launch the instances.

                                                                                                ", @@ -46043,6 +46797,67 @@ "smithy.api#documentation": "

                                                                                                Modifies a Capacity Reservation's capacity and the conditions under which it is to be released. You\n\t\t\tcannot change a Capacity Reservation's instance type, EBS optimization, instance store settings,\n\t\t\tplatform, Availability Zone, or instance eligibility. If you need to modify any of these\n\t\t\tattributes, we recommend that you cancel the Capacity Reservation, and then create a new one with\n\t\t\tthe required attributes.

                                                                                                " } }, + "com.amazonaws.ec2#ModifyCapacityReservationFleet": { + "type": "operation", + "input": { + "target": "com.amazonaws.ec2#ModifyCapacityReservationFleetRequest" + }, + "output": { + "target": "com.amazonaws.ec2#ModifyCapacityReservationFleetResult" + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Modifies a Capacity Reservation Fleet.

                                                                                                \n\t\t

                                                                                                When you modify the total target capacity of a Capacity Reservation Fleet, the Fleet automatically \n\t\t\tcreates new Capacity Reservations, or modifies or cancels existing Capacity Reservations in the Fleet \n\t\t\tto meet the new total target capacity. When you modify the end date for the Fleet, the end dates for \n\t\t\tall of the individual Capacity Reservations in the Fleet are updated accordingly.

                                                                                                " + } + }, + "com.amazonaws.ec2#ModifyCapacityReservationFleetRequest": { + "type": "structure", + "members": { + "CapacityReservationFleetId": { + "target": "com.amazonaws.ec2#CapacityReservationFleetId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the Capacity Reservation Fleet to modify.

                                                                                                ", + "smithy.api#required": {} + } + }, + "TotalTargetCapacity": { + "target": "com.amazonaws.ec2#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, \n\t\t\ttogether with the instance type weights that you assign to each instance type used by the Fleet \n\t\t\tdetermine the number of instances for which the Fleet reserves capacity. Both values are based on \n\t\t\tunits that make sense for your workload. For more information, see Total target capacity \n\t\t\tin the Amazon EC2 User Guide.

                                                                                                " + } + }, + "EndDate": { + "target": "com.amazonaws.ec2#MillisecondDateTime", + "traits": { + "smithy.api#documentation": "

                                                                                                The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation \n\t\t\tFleet expires, its state changes to expired and all of the Capacity Reservations in the \n\t\t\tFleet expire.

                                                                                                \t\n\t\t

                                                                                                The Capacity Reservation Fleet expires within an hour after the specified time. For example, if you \n\t\t\tspecify 5/31/2019, 13:30:55, the Capacity Reservation Fleet is guaranteed \n\t\t\tto expire between 13:30:55 and 14:30:55 on 5/31/2019.

                                                                                                \n\t\t

                                                                                                You can't specify EndDate and \n\t\t\tRemoveEndDate in the same request.

                                                                                                " + } + }, + "DryRun": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

                                                                                                " + } + }, + "RemoveEndDate": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates whether to remove the end date from the Capacity Reservation Fleet. If you remove the \n\t\t\tend date, the Capacity Reservation Fleet does not expire and it remains active until you explicitly \n\t\t\tcancel it using the CancelCapacityReservationFleet action.

                                                                                                \n\t\t

                                                                                                You can't specify RemoveEndDate and \n\t\t\tEndDate in the same request.

                                                                                                " + } + } + } + }, + "com.amazonaws.ec2#ModifyCapacityReservationFleetResult": { + "type": "structure", + "members": { + "Return": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "aws.protocols#ec2QueryName": "Return", + "smithy.api#documentation": "

                                                                                                Returns true if the request succeeds; otherwise, it returns an error.

                                                                                                ", + "smithy.api#xmlName": "return" + } + } + } + }, "com.amazonaws.ec2#ModifyCapacityReservationRequest": { "type": "structure", "members": { @@ -55492,6 +56307,62 @@ "smithy.api#documentation": "

                                                                                                Describes a launch request for one or more instances, and includes \n owner, requester, and security group information that applies to all \n instances in the launch request.

                                                                                                " } }, + "com.amazonaws.ec2#ReservationFleetInstanceSpecification": { + "type": "structure", + "members": { + "InstanceType": { + "target": "com.amazonaws.ec2#InstanceType", + "traits": { + "smithy.api#documentation": "

                                                                                                The instance type for which the Capacity Reservation Fleet reserves capacity.

                                                                                                " + } + }, + "InstancePlatform": { + "target": "com.amazonaws.ec2#CapacityReservationInstancePlatform", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of operating system for which the Capacity Reservation Fleet reserves capacity.

                                                                                                " + } + }, + "Weight": { + "target": "com.amazonaws.ec2#DoubleWithConstraints", + "traits": { + "smithy.api#documentation": "

                                                                                                The number of capacity units provided by the specified instance type. This value, together with the \n\t\t\ttotal target capacity that you specify for the Fleet determine the number of instances for which the \n\t\t\tFleet reserves capacity. Both values are based on units that make sense for your workload. For more \n\t\t\tinformation, see Total target capacity \n\t\t\tin the Amazon EC2 User Guide.

                                                                                                " + } + }, + "AvailabilityZone": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity \n\t\t\tReservation Fleet can't span Availability Zones. All instance type specifications that you specify \n\t\t\tfor the Fleet must use the same Availability Zone.

                                                                                                " + } + }, + "AvailabilityZoneId": { + "target": "com.amazonaws.ec2#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A \n\t\t\tCapacity Reservation Fleet can't span Availability Zones. All instance type specifications that you \n\t\t\tspecify for the Fleet must use the same Availability Zone.

                                                                                                " + } + }, + "EbsOptimized": { + "target": "com.amazonaws.ec2#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This \n\t\t\toptimization provides dedicated throughput to Amazon EBS and an optimized configuration stack \n\t\t\tto provide optimal I/O performance. This optimization isn't available with all instance types. Additional \n\t\t\tusage charges apply when using EBS-optimized instance types.

                                                                                                " + } + }, + "Priority": { + "target": "com.amazonaws.ec2#IntegerWithConstraints", + "traits": { + "smithy.api#documentation": "

                                                                                                The priority to assign to the instance type. This value is used to determine which of the instance types \n\t\t\tspecified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more \n\t\t\tinformation, see Instance type priority \n\t\t\tin the Amazon EC2 User Guide.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Information about an instance type to use in a Capacity Reservation Fleet.

                                                                                                " + } + }, + "com.amazonaws.ec2#ReservationFleetInstanceSpecificationList": { + "type": "list", + "member": { + "target": "com.amazonaws.ec2#ReservationFleetInstanceSpecification" + } + }, "com.amazonaws.ec2#ReservationId": { "type": "string" }, diff --git a/codegen/sdk-codegen/aws-models/efs.2015-02-01.json b/codegen/sdk-codegen/aws-models/efs.2015-02-01.json index 9c696efa8d55..75272d760c25 100644 --- a/codegen/sdk-codegen/aws-models/efs.2015-02-01.json +++ b/codegen/sdk-codegen/aws-models/efs.2015-02-01.json @@ -2590,6 +2590,9 @@ "target": "com.amazonaws.efs#PutAccountPreferencesResponse" }, "errors": [ + { + "target": "com.amazonaws.efs#BadRequest" + }, { "target": "com.amazonaws.efs#InternalServerError" } diff --git a/codegen/sdk-codegen/aws-models/firehose.2015-08-04.json b/codegen/sdk-codegen/aws-models/firehose.2015-08-04.json index c27a98d9b81f..80cd16ea0150 100644 --- a/codegen/sdk-codegen/aws-models/firehose.2015-08-04.json +++ b/codegen/sdk-codegen/aws-models/firehose.2015-08-04.json @@ -39,6 +39,272 @@ "smithy.api#pattern": "^arn:" } }, + "com.amazonaws.firehose#AmazonopensearchserviceBufferingHints": { + "type": "structure", + "members": { + "IntervalInSeconds": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceBufferingIntervalInSeconds" + }, + "SizeInMBs": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceBufferingSizeInMBs" + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceBufferingIntervalInSeconds": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 60, + "max": 900 + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceBufferingSizeInMBs": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceClusterEndpoint": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + }, + "smithy.api#pattern": "^https:" + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceDestinationConfiguration": { + "type": "structure", + "members": { + "RoleARN": { + "target": "com.amazonaws.firehose#RoleARN", + "traits": { + "smithy.api#required": {} + } + }, + "DomainARN": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDomainARN" + }, + "ClusterEndpoint": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceClusterEndpoint" + }, + "IndexName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexName", + "traits": { + "smithy.api#required": {} + } + }, + "TypeName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceTypeName" + }, + "IndexRotationPeriod": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexRotationPeriod" + }, + "BufferingHints": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceBufferingHints" + }, + "RetryOptions": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceRetryOptions" + }, + "S3BackupMode": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceS3BackupMode" + }, + "S3Configuration": { + "target": "com.amazonaws.firehose#S3DestinationConfiguration", + "traits": { + "smithy.api#required": {} + } + }, + "ProcessingConfiguration": { + "target": "com.amazonaws.firehose#ProcessingConfiguration" + }, + "CloudWatchLoggingOptions": { + "target": "com.amazonaws.firehose#CloudWatchLoggingOptions" + }, + "VpcConfiguration": { + "target": "com.amazonaws.firehose#VpcConfiguration" + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceDestinationDescription": { + "type": "structure", + "members": { + "RoleARN": { + "target": "com.amazonaws.firehose#RoleARN" + }, + "DomainARN": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDomainARN" + }, + "ClusterEndpoint": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceClusterEndpoint" + }, + "IndexName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexName" + }, + "TypeName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceTypeName" + }, + "IndexRotationPeriod": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexRotationPeriod" + }, + "BufferingHints": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceBufferingHints" + }, + "RetryOptions": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceRetryOptions" + }, + "S3BackupMode": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceS3BackupMode" + }, + "S3DestinationDescription": { + "target": "com.amazonaws.firehose#S3DestinationDescription" + }, + "ProcessingConfiguration": { + "target": "com.amazonaws.firehose#ProcessingConfiguration" + }, + "CloudWatchLoggingOptions": { + "target": "com.amazonaws.firehose#CloudWatchLoggingOptions" + }, + "VpcConfigurationDescription": { + "target": "com.amazonaws.firehose#VpcConfigurationDescription" + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceDestinationUpdate": { + "type": "structure", + "members": { + "RoleARN": { + "target": "com.amazonaws.firehose#RoleARN" + }, + "DomainARN": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDomainARN" + }, + "ClusterEndpoint": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceClusterEndpoint" + }, + "IndexName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexName" + }, + "TypeName": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceTypeName" + }, + "IndexRotationPeriod": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceIndexRotationPeriod" + }, + "BufferingHints": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceBufferingHints" + }, + "RetryOptions": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceRetryOptions" + }, + "S3Update": { + "target": "com.amazonaws.firehose#S3DestinationUpdate" + }, + "ProcessingConfiguration": { + "target": "com.amazonaws.firehose#ProcessingConfiguration" + }, + "CloudWatchLoggingOptions": { + "target": "com.amazonaws.firehose#CloudWatchLoggingOptions" + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceDomainARN": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 512 + }, + "smithy.api#pattern": "^arn:" + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceIndexName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 80 + }, + "smithy.api#pattern": ".*" + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceIndexRotationPeriod": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "NoRotation", + "name": "NoRotation" + }, + { + "value": "OneHour", + "name": "OneHour" + }, + { + "value": "OneDay", + "name": "OneDay" + }, + { + "value": "OneWeek", + "name": "OneWeek" + }, + { + "value": "OneMonth", + "name": "OneMonth" + } + ] + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceRetryDurationInSeconds": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 0, + "max": 7200 + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceRetryOptions": { + "type": "structure", + "members": { + "DurationInSeconds": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceRetryDurationInSeconds" + } + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceS3BackupMode": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "FailedDocumentsOnly", + "name": "FailedDocumentsOnly" + }, + { + "value": "AllDocuments", + "name": "AllDocuments" + } + ] + } + }, + "com.amazonaws.firehose#AmazonopensearchserviceTypeName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 100 + }, + "smithy.api#pattern": ".*" + } + }, "com.amazonaws.firehose#BlockSizeBytes": { "type": "integer", "traits": { @@ -302,6 +568,9 @@ "smithy.api#documentation": "

                                                                                                The destination in Amazon ES. You can specify only one destination.

                                                                                                " } }, + "AmazonopensearchserviceDestinationConfiguration": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDestinationConfiguration" + }, "SplunkDestinationConfiguration": { "target": "com.amazonaws.firehose#SplunkDestinationConfiguration", "traits": { @@ -872,6 +1141,9 @@ "smithy.api#documentation": "

                                                                                                The destination in Amazon ES.

                                                                                                " } }, + "AmazonopensearchserviceDestinationDescription": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDestinationDescription" + }, "SplunkDestinationDescription": { "target": "com.amazonaws.firehose#SplunkDestinationDescription", "traits": { @@ -4386,6 +4658,9 @@ "smithy.api#documentation": "

                                                                                                Describes an update for a destination in Amazon ES.

                                                                                                " } }, + "AmazonopensearchserviceDestinationUpdate": { + "target": "com.amazonaws.firehose#AmazonopensearchserviceDestinationUpdate" + }, "SplunkDestinationUpdate": { "target": "com.amazonaws.firehose#SplunkDestinationUpdate", "traits": { diff --git a/codegen/sdk-codegen/aws-models/fsx.2018-03-01.json b/codegen/sdk-codegen/aws-models/fsx.2018-03-01.json index 1f1d9d6399d9..4a741aa25e6f 100644 --- a/codegen/sdk-codegen/aws-models/fsx.2018-03-01.json +++ b/codegen/sdk-codegen/aws-models/fsx.2018-03-01.json @@ -1304,6 +1304,12 @@ }, "KmsKeyId": { "target": "com.amazonaws.fsx#KmsKeyId" + }, + "FileSystemTypeVersion": { + "target": "com.amazonaws.fsx#FileSystemTypeVersion", + "traits": { + "smithy.api#documentation": "

                                                                                                Sets the version for the Amazon FSx for Lustre file system you're creating from a backup.\n Valid values are 2.10 and 2.12.

                                                                                                \n

                                                                                                You don't need to specify FileSystemTypeVersion because it will\n be applied using the backup's FileSystemTypeVersion setting.\n If you choose to specify FileSystemTypeVersion when creating from backup, the\n value must match the backup's FileSystemTypeVersion setting.

                                                                                                " + } } }, "traits": { @@ -1518,6 +1524,12 @@ }, "OntapConfiguration": { "target": "com.amazonaws.fsx#CreateFileSystemOntapConfiguration" + }, + "FileSystemTypeVersion": { + "target": "com.amazonaws.fsx#FileSystemTypeVersion", + "traits": { + "smithy.api#documentation": "

                                                                                                Sets the version of the Amazon FSx for Lustre file system you're creating.\n Valid values are 2.10 and 2.12.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Set the value to 2.10 to create a Lustre 2.10\n file system.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Set the value to 2.12 to create a Lustre 2.12\n file system.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Default value is 2.10.

                                                                                                " + } } }, "traits": { @@ -3488,6 +3500,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The configuration for this FSx for NetApp ONTAP file system.

                                                                                                " } + }, + "FileSystemTypeVersion": { + "target": "com.amazonaws.fsx#FileSystemTypeVersion", + "traits": { + "smithy.api#documentation": "

                                                                                                The version of your Amazon FSx for Lustre file system, either\n 2.10 or 2.12.

                                                                                                " + } } }, "traits": { @@ -3672,6 +3690,16 @@ ] } }, + "com.amazonaws.fsx#FileSystemTypeVersion": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 20 + }, + "smithy.api#pattern": "^[0-9](\\.[0-9]*)*$" + } + }, "com.amazonaws.fsx#FileSystems": { "type": "list", "member": { @@ -4700,7 +4728,7 @@ "DnsIps": { "target": "com.amazonaws.fsx#DnsIps", "traits": { - "smithy.api#documentation": "

                                                                                                A list of up to two IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A list of up to three IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                " } } }, @@ -4747,13 +4775,13 @@ "DnsIps": { "target": "com.amazonaws.fsx#DnsIps", "traits": { - "smithy.api#documentation": "

                                                                                                A list of up to two IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                A list of up to three IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                ", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "

                                                                                                The configuration that Amazon FSx uses to join a Amazon FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to\n a self-managed (including on-premises) Microsoft Active Directory (AD)\n directory. For more information, see \n \n Using Amazon FSx with your self-managed Microsoft Active Directory or \n Managing SVMs.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an ONTAP storage virtual machine (SVM) to\n a self-managed (including on-premises) Microsoft Active Directory (AD)\n directory. For more information, see \n \n Using Amazon FSx with your self-managed Microsoft Active Directory or \n Managing SVMs.

                                                                                                " } }, "com.amazonaws.fsx#SelfManagedActiveDirectoryConfigurationUpdates": { @@ -4774,7 +4802,7 @@ "DnsIps": { "target": "com.amazonaws.fsx#DnsIps", "traits": { - "smithy.api#documentation": "

                                                                                                A list of up to two IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A list of up to three IP addresses of DNS servers or domain controllers in the\n self-managed AD directory.

                                                                                                " } } }, diff --git a/codegen/sdk-codegen/aws-models/glue.2017-03-31.json b/codegen/sdk-codegen/aws-models/glue.2017-03-31.json index 63ace705eee7..1591323bd21c 100644 --- a/codegen/sdk-codegen/aws-models/glue.2017-03-31.json +++ b/codegen/sdk-codegen/aws-models/glue.2017-03-31.json @@ -3983,6 +3983,12 @@ "smithy.api#documentation": "

                                                                                                A ConnectionInput object defining the connection\n to create.

                                                                                                ", "smithy.api#required": {} } + }, + "Tags": { + "target": "com.amazonaws.glue#TagsMap", + "traits": { + "smithy.api#documentation": "

                                                                                                The tags you assign to the connection.

                                                                                                " + } } } }, @@ -10240,7 +10246,10 @@ } }, "ExcludeColumnSchema": { - "target": "com.amazonaws.glue#BooleanNullable" + "target": "com.amazonaws.glue#BooleanNullable", + "traits": { + "smithy.api#documentation": "

                                                                                                When true, specifies not returning the partition column schema. Useful when you are interested only in other partition attributes such as partition values or location. This approach avoids the problem of a large response by not returning duplicate data.

                                                                                                " + } } } }, diff --git a/codegen/sdk-codegen/aws-models/grafana.2020-08-18.json b/codegen/sdk-codegen/aws-models/grafana.2020-08-18.json new file mode 100644 index 000000000000..157b5ee2cbac --- /dev/null +++ b/codegen/sdk-codegen/aws-models/grafana.2020-08-18.json @@ -0,0 +1,2311 @@ +{ + "smithy": "1.0", + "shapes": { + "com.amazonaws.grafana#AWSGrafanaControlPlane": { + "type": "service", + "version": "2020-08-18", + "resources": [ + { + "target": "com.amazonaws.grafana#Authentication" + }, + { + "target": "com.amazonaws.grafana#License" + }, + { + "target": "com.amazonaws.grafana#Permission" + }, + { + "target": "com.amazonaws.grafana#Workspace" + } + ], + "traits": { + "aws.api#controlPlane": {}, + "aws.api#service": { + "sdkId": "grafana", + "arnNamespace": "grafana", + "cloudFormationName": "AWSGrafanaControlPlane", + "cloudTrailEventSource": "EVENT_SOURCE_VALUE", + "endpointPrefix": "grafana" + }, + "aws.auth#sigv4": { + "name": "grafana" + }, + "aws.protocols#restJson1": {}, + "smithy.api#cors": { + "additionalAllowedHeaders": [ + "x-amz-content-sha256", + "x-amzn-trace-id", + "x-amz-user-agent", + "*", + "content-type", + "x-amzn-platform-id" + ], + "additionalExposedHeaders": [ + "x-amzn-trace-id", + "x-amzn-errortype", + "x-amzn-requestid", + "x-amzn-errormessage", + "x-amz-apigw-id,date", + "cache-control" + ] + }, + "smithy.api#documentation": "

                                                                                                Amazon Managed Grafana is a fully managed and secure data visualization service that you can use to \n instantly query, correlate, and visualize operational metrics, logs, and traces from multiple sources. \n Amazon Managed Grafana makes it easy to deploy, operate, and scale Grafana, a widely deployed data visualization tool \n that is popular for its extensible data support.

                                                                                                \n

                                                                                                With Amazon Managed Grafana, you create logically isolated Grafana servers called workspaces. In\n a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces without having to\n build, package, or deploy any hardware to run Grafana servers.

                                                                                                ", + "smithy.api#title": "Amazon Managed Grafana" + } + }, + "com.amazonaws.grafana#AccessDeniedException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                You do not have sufficient permissions to perform this action.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.grafana#AccountAccessType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "CURRENT_ACCOUNT", + "name": "CURRENT_ACCOUNT", + "documentation": "Indicates that the customer is using Grafana to monitor resources in their current account." + }, + { + "value": "ORGANIZATION", + "name": "ORGANIZATION", + "documentation": "Indicates that the customer is using Grafana to monitor resources in organizational units." + } + ] + } + }, + "com.amazonaws.grafana#AllowedOrganization": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + } + } + }, + "com.amazonaws.grafana#AllowedOrganizations": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#AllowedOrganization" + } + }, + "com.amazonaws.grafana#AssertionAttribute": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + } + } + }, + "com.amazonaws.grafana#AssertionAttributes": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.

                                                                                                " + } + }, + "login": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the login names for SAML users.

                                                                                                " + } + }, + "email": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the email names for SAML users.

                                                                                                " + } + }, + "groups": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.

                                                                                                " + } + }, + "role": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the user roles.

                                                                                                " + } + }, + "org": { + "target": "com.amazonaws.grafana#AssertionAttribute", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that defines which attributes in the IdP assertion are to be used to define\n information about the users authenticated by the IdP to use the workspace.

                                                                                                " + } + }, + "com.amazonaws.grafana#AssociateLicense": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#AssociateLicenseRequest" + }, + "output": { + "target": "com.amazonaws.grafana#AssociateLicenseResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise\n incurs additional fees. For more information, see Upgrade a workspace to\n Grafana Enterprise.

                                                                                                ", + "smithy.api#http": { + "method": "POST", + "uri": "/workspaces/{workspaceId}/licenses/{licenseType}", + "code": 202 + } + } + }, + "com.amazonaws.grafana#AssociateLicenseRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to associate the license with.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "licenseType": { + "target": "com.amazonaws.grafana#LicenseType", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of license to associate with the workspace.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#AssociateLicenseResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing data about the workspace.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#Authentication": { + "type": "resource", + "identifiers": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId" + } + }, + "operations": [ + { + "target": "com.amazonaws.grafana#DescribeWorkspaceAuthentication" + }, + { + "target": "com.amazonaws.grafana#UpdateWorkspaceAuthentication" + } + ], + "traits": { + "aws.api#arn": { + "template": "workspaces/{workspaceId}/authentication", + "absolute": false, + "noAccount": false, + "noRegion": false + } + } + }, + "com.amazonaws.grafana#AuthenticationDescription": { + "type": "structure", + "members": { + "providers": { + "target": "com.amazonaws.grafana#AuthenticationProviders", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this workspace uses Amazon Web Services SSO, SAML, or both methods to authenticate\n users to use the Grafana console in the Amazon Managed Grafana workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "saml": { + "target": "com.amazonaws.grafana#SamlAuthentication", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about how this workspace works with \n SAML, including what attributes within the assertion are to be mapped to user information in the workspace.

                                                                                                " + } + }, + "awsSso": { + "target": "com.amazonaws.grafana#AwsSsoAuthentication", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about how this workspace works with \n Amazon Web Services SSO.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the user authentication methods used by the workspace.

                                                                                                " + } + }, + "com.amazonaws.grafana#AuthenticationProviderTypes": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "AWS_SSO", + "name": "AWS_SSO", + "documentation": "Indicates that AMG workspace has AWS SSO enabled as its authentication provider." + }, + { + "value": "SAML", + "name": "SAML", + "documentation": "Indicates that the AMG workspace has SAML enabled as its authentication provider." + } + ] + } + }, + "com.amazonaws.grafana#AuthenticationProviders": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#AuthenticationProviderTypes" + } + }, + "com.amazonaws.grafana#AuthenticationSummary": { + "type": "structure", + "members": { + "providers": { + "target": "com.amazonaws.grafana#AuthenticationProviders", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workspace uses SAML, Amazon Web Services SSO, or both methods for user\n authentication.

                                                                                                ", + "smithy.api#required": {} + } + }, + "samlConfigurationStatus": { + "target": "com.amazonaws.grafana#SamlConfigurationStatus", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workplace's user authentication method is fully configured.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods\n for user authentication, and whether that authentication is fully configured.

                                                                                                " + } + }, + "com.amazonaws.grafana#AwsSsoAuthentication": { + "type": "structure", + "members": { + "ssoClientId": { + "target": "com.amazonaws.grafana#SSOClientId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the Amazon Web Services SSO-managed application that is created by Amazon Managed Grafana.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about how this workspace works with \n Amazon Web Services SSO.

                                                                                                " + } + }, + "com.amazonaws.grafana#ClientToken": { + "type": "string", + "traits": { + "smithy.api#pattern": "^[!-~]{1,64}$" + } + }, + "com.amazonaws.grafana#ConflictException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A description of the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A resource was in an inconsistent state during an update or a deletion.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 409 + } + }, + "com.amazonaws.grafana#CreateWorkspace": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#CreateWorkspaceRequest" + }, + "output": { + "target": "com.amazonaws.grafana#CreateWorkspaceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#ConflictException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Creates a workspace. In a workspace, you can create Grafana\n dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to\n build, package, or deploy any hardware to run the Grafana server.

                                                                                                \n

                                                                                                Don't use CreateWorkspace to modify an existing workspace. Instead, \n use UpdateWorkspace.

                                                                                                ", + "smithy.api#http": { + "method": "POST", + "uri": "/workspaces", + "code": 202 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.grafana#CreateWorkspaceRequest": { + "type": "structure", + "members": { + "accountAccessType": { + "target": "com.amazonaws.grafana#AccountAccessType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

                                                                                                ", + "smithy.api#required": {} + } + }, + "clientToken": { + "target": "com.amazonaws.grafana#ClientToken", + "traits": { + "smithy.api#documentation": "

                                                                                                A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.

                                                                                                ", + "smithy.api#idempotencyToken": {} + } + }, + "organizationRoleName": { + "target": "com.amazonaws.grafana#OrganizationRoleName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of an IAM role that already exists to use with Organizations to access Amazon Web Services\n data sources and notification channels in other accounts in an organization.

                                                                                                " + } + }, + "permissionType": { + "target": "com.amazonaws.grafana#PermissionType", + "traits": { + "smithy.api#documentation": "

                                                                                                If you specify Service Managed, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels.

                                                                                                \n

                                                                                                If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization that is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

                                                                                                \n

                                                                                                For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

                                                                                                ", + "smithy.api#required": {} + } + }, + "stackSetName": { + "target": "com.amazonaws.grafana#StackSetName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

                                                                                                " + } + }, + "workspaceDataSources": { + "target": "com.amazonaws.grafana#DataSourceTypesList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

                                                                                                \n

                                                                                                If you don't specify a data source here, you can still add it as a data source in the\n workspace console later. However, you will then have to manually configure permissions for\n it.

                                                                                                " + } + }, + "workspaceDescription": { + "target": "com.amazonaws.grafana#Description", + "traits": { + "smithy.api#documentation": "

                                                                                                A description for the workspace. This is used only to help you identify this workspace.

                                                                                                " + } + }, + "workspaceName": { + "target": "com.amazonaws.grafana#WorkspaceName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name for the workspace. It does not have to be unique.

                                                                                                " + } + }, + "workspaceNotificationDestinations": { + "target": "com.amazonaws.grafana#NotificationDestinationsList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

                                                                                                " + } + }, + "workspaceOrganizationalUnits": { + "target": "com.amazonaws.grafana#OrganizationalUnitList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

                                                                                                " + } + }, + "workspaceRoleArn": { + "target": "com.amazonaws.grafana#IamRoleArn", + "traits": { + "smithy.api#documentation": "

                                                                                                The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. If you omit\n this field and you specify some Amazon Web Services resources in workspaceDataSources or\n workspaceNotificationDestinations, a new IAM role with the necessary permissions is \n automatically created.

                                                                                                " + } + }, + "authenticationProviders": { + "target": "com.amazonaws.grafana#AuthenticationProviders", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#CreateWorkspaceResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing data about the workspace that was created.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DataSourceType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "AMAZON_OPENSEARCH_SERVICE", + "name": "AMAZON_OPENSEARCH_SERVICE", + "documentation": "Amazon OpenSearch Service" + }, + { + "value": "CLOUDWATCH", + "name": "CLOUDWATCH", + "documentation": "CloudWatch Logs" + }, + { + "value": "PROMETHEUS", + "name": "PROMETHEUS", + "documentation": "Managed Prometheus" + }, + { + "value": "XRAY", + "name": "XRAY", + "documentation": "X-Ray" + }, + { + "value": "TIMESTREAM", + "name": "TIMESTREAM", + "documentation": "Timestream" + }, + { + "value": "SITEWISE", + "name": "SITEWISE", + "documentation": "IoT SiteWise" + } + ] + } + }, + "com.amazonaws.grafana#DataSourceTypesList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#DataSourceType" + } + }, + "com.amazonaws.grafana#DeleteWorkspace": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#DeleteWorkspaceRequest" + }, + "output": { + "target": "com.amazonaws.grafana#DeleteWorkspaceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#ConflictException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Deletes an Amazon Managed Grafana workspace.

                                                                                                ", + "smithy.api#http": { + "method": "DELETE", + "uri": "/workspaces/{workspaceId}", + "code": 202 + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.grafana#DeleteWorkspaceRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to delete.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DeleteWorkspaceResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the workspace that was deleted.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspace": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#DescribeWorkspaceRequest" + }, + "output": { + "target": "com.amazonaws.grafana#DescribeWorkspaceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Displays information about one Amazon Managed Grafana workspace.

                                                                                                ", + "smithy.api#http": { + "method": "GET", + "uri": "/workspaces/{workspaceId}", + "code": 200 + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.grafana#DescribeWorkspaceAuthentication": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#DescribeWorkspaceAuthenticationRequest" + }, + "output": { + "target": "com.amazonaws.grafana#DescribeWorkspaceAuthenticationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Displays information about the authentication methods used in one Amazon Managed Grafana workspace.

                                                                                                ", + "smithy.api#http": { + "method": "GET", + "uri": "/workspaces/{workspaceId}/authentication", + "code": 200 + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.grafana#DescribeWorkspaceAuthenticationRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to return authentication information about.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceAuthenticationResponse": { + "type": "structure", + "members": { + "authentication": { + "target": "com.amazonaws.grafana#AuthenticationDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the authentication methods used in \n the workspace.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to display information about.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DescribeWorkspaceResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the workspace.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#Description": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 2048 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.grafana#DisassociateLicense": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#DisassociateLicenseRequest" + }, + "output": { + "target": "com.amazonaws.grafana#DisassociateLicenseResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Removes the Grafana Enterprise license from a workspace.

                                                                                                ", + "smithy.api#http": { + "method": "DELETE", + "uri": "/workspaces/{workspaceId}/licenses/{licenseType}", + "code": 202 + } + } + }, + "com.amazonaws.grafana#DisassociateLicenseRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to remove the Grafana Enterprise license from.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "licenseType": { + "target": "com.amazonaws.grafana#LicenseType", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of license to remove from the workspace.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#DisassociateLicenseResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the workspace.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#Endpoint": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + } + } + }, + "com.amazonaws.grafana#GrafanaVersion": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + } + } + }, + "com.amazonaws.grafana#IamRoleArn": { + "type": "string", + "traits": { + "aws.api#arnReference": { + "type": "AWS::IAM::Role" + }, + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.grafana#IdpMetadata": { + "type": "union", + "members": { + "url": { + "target": "com.amazonaws.grafana#IdpMetadataUrl", + "traits": { + "smithy.api#documentation": "

                                                                                                The URL of the location containing the metadata.

                                                                                                " + } + }, + "xml": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The actual full metadata file, in XML format.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace. You can specify the metadata either by providing a\n URL to its location in the url parameter, or by specifying the full metadata\n in XML format in the xml parameter.

                                                                                                " + } + }, + "com.amazonaws.grafana#IdpMetadataUrl": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + } + } + }, + "com.amazonaws.grafana#InternalServerException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A description of the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "retryAfterSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                How long to wait before you retry this operation.

                                                                                                ", + "smithy.api#httpHeader": "Retry-After" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Unexpected error while processing the request. Retry the request.

                                                                                                ", + "smithy.api#error": "server", + "smithy.api#httpError": 500, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.grafana#License": { + "type": "resource", + "identifiers": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId" + }, + "licenseType": { + "target": "com.amazonaws.grafana#LicenseType" + } + }, + "operations": [ + { + "target": "com.amazonaws.grafana#AssociateLicense" + }, + { + "target": "com.amazonaws.grafana#DisassociateLicense" + } + ], + "traits": { + "aws.api#arn": { + "template": "workspaces/{workspaceId}/licenses/{licenseType}", + "absolute": false, + "noAccount": false, + "noRegion": false + } + } + }, + "com.amazonaws.grafana#LicenseType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ENTERPRISE", + "name": "ENTERPRISE", + "documentation": "Grafana Enterprise License." + }, + { + "value": "ENTERPRISE_FREE_TRIAL", + "name": "ENTERPRISE_FREE_TRIAL", + "documentation": "Grafana Enterprise Free Trial License." + } + ] + } + }, + "com.amazonaws.grafana#ListPermissions": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#ListPermissionsRequest" + }, + "output": { + "target": "com.amazonaws.grafana#ListPermissionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Lists the users and groups who have the Grafana Admin and \n Editor roles in this workspace. If you use this \n operation without specifying userId or groupId, the operation returns\n the roles of all users\n and groups. If you specify a userId or a groupId, only the roles\n for that user or group are returned. If you do this, you can specify only one userId or \n one groupId.

                                                                                                ", + "smithy.api#http": { + "method": "GET", + "uri": "/workspaces/{workspaceId}/permissions", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "permissions", + "pageSize": "maxResults" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.grafana#ListPermissionsRequest": { + "type": "structure", + "members": { + "maxResults": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The maximum number of results to include in the response.

                                                                                                ", + "smithy.api#httpQuery": "maxResults", + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "nextToken": { + "target": "com.amazonaws.grafana#PaginationToken", + "traits": { + "smithy.api#documentation": "

                                                                                                The token to use when requesting the next set of results. You received this token from a previous \n ListPermissions operation.

                                                                                                ", + "smithy.api#httpQuery": "nextToken" + } + }, + "userType": { + "target": "com.amazonaws.grafana#UserType", + "traits": { + "smithy.api#documentation": "

                                                                                                (Optional) If you specify SSO_USER, then only the permissions of Amazon Web Services SSO users\n are returned. If you specify SSO_GROUP, only the permissions of Amazon Web Services SSO groups\n are returned.

                                                                                                ", + "smithy.api#httpQuery": "userType" + } + }, + "userId": { + "target": "com.amazonaws.grafana#SsoId", + "traits": { + "smithy.api#documentation": "

                                                                                                (Optional) Limits the results to only the user that matches this ID.

                                                                                                ", + "smithy.api#httpQuery": "userId" + } + }, + "groupId": { + "target": "com.amazonaws.grafana#SsoId", + "traits": { + "smithy.api#documentation": "

                                                                                                (Optional) Limits the results to only the group that matches this ID.

                                                                                                ", + "smithy.api#httpQuery": "groupId" + } + }, + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to list permissions for. This parameter is required.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#ListPermissionsResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.grafana#PaginationToken", + "traits": { + "smithy.api#documentation": "

                                                                                                The token to use in a subsequent ListPermissions operation to return\n the next set of results.

                                                                                                " + } + }, + "permissions": { + "target": "com.amazonaws.grafana#PermissionEntryList", + "traits": { + "smithy.api#documentation": "

                                                                                                The permissions returned by the operation.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#ListWorkspaces": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#ListWorkspacesRequest" + }, + "output": { + "target": "com.amazonaws.grafana#ListWorkspacesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Returns a list of Amazon Managed Grafana workspaces in the account, with some information\n about each workspace. For more complete information about one workspace, use DescribeWorkspace.

                                                                                                ", + "smithy.api#http": { + "method": "GET", + "uri": "/workspaces", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "workspaces", + "pageSize": "maxResults" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.grafana#ListWorkspacesRequest": { + "type": "structure", + "members": { + "maxResults": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The maximum number of workspaces to include in the results.

                                                                                                ", + "smithy.api#httpQuery": "maxResults", + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, + "nextToken": { + "target": "com.amazonaws.grafana#PaginationToken", + "traits": { + "smithy.api#documentation": "

                                                                                                The token for the next set of workspaces to return. (You receive this token from a\n previous ListWorkspaces operation.)

                                                                                                ", + "smithy.api#httpQuery": "nextToken" + } + } + } + }, + "com.amazonaws.grafana#ListWorkspacesResponse": { + "type": "structure", + "members": { + "workspaces": { + "target": "com.amazonaws.grafana#WorkspaceList", + "traits": { + "smithy.api#documentation": "

                                                                                                An array of structures that contain some information about the workspaces in the account.

                                                                                                ", + "smithy.api#required": {} + } + }, + "nextToken": { + "target": "com.amazonaws.grafana#PaginationToken", + "traits": { + "smithy.api#documentation": "

                                                                                                The token to use when requesting the next set of workspaces.

                                                                                                " + } + } + } + }, + "com.amazonaws.grafana#LoginValidityDuration": { + "type": "integer" + }, + "com.amazonaws.grafana#NotificationDestinationType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "SNS", + "name": "SNS", + "documentation": "AWS Simple Notification Service" + } + ] + } + }, + "com.amazonaws.grafana#NotificationDestinationsList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#NotificationDestinationType" + } + }, + "com.amazonaws.grafana#OrganizationRoleName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 2048 + }, + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.grafana#OrganizationalUnit": { + "type": "string" + }, + "com.amazonaws.grafana#OrganizationalUnitList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#OrganizationalUnit" + }, + "traits": { + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.grafana#PaginationToken": { + "type": "string" + }, + "com.amazonaws.grafana#Permission": { + "type": "resource", + "identifiers": { + "permissionId": { + "target": "smithy.api#String" + }, + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId" + } + }, + "list": { + "target": "com.amazonaws.grafana#ListPermissions" + }, + "collectionOperations": [ + { + "target": "com.amazonaws.grafana#UpdatePermissions" + } + ], + "traits": { + "aws.api#arn": { + "template": "workspaces/{workspaceId}/permissions/{permissionId}", + "absolute": false, + "noAccount": false, + "noRegion": false + } + } + }, + "com.amazonaws.grafana#PermissionEntry": { + "type": "structure", + "members": { + "user": { + "target": "com.amazonaws.grafana#User", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure with the ID of the user or group with this role.

                                                                                                ", + "smithy.api#required": {} + } + }, + "role": { + "target": "com.amazonaws.grafana#Role", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the user or group has the Admin\n or Editor role.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing the identity of one user or group and the Admin\n or Editor role that they have.

                                                                                                " + } + }, + "com.amazonaws.grafana#PermissionEntryList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#PermissionEntry" + } + }, + "com.amazonaws.grafana#PermissionType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "CUSTOMER_MANAGED", + "name": "CUSTOMER_MANAGED", + "documentation": "Customer Managed" + }, + { + "value": "SERVICE_MANAGED", + "name": "SERVICE_MANAGED", + "documentation": "Service Managed" + } + ] + } + }, + "com.amazonaws.grafana#ResourceNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The value of a parameter in the request caused an error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The request references a resource that does not exist.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.grafana#Role": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ADMIN", + "name": "ADMIN", + "documentation": "Role Admin." + }, + { + "value": "EDITOR", + "name": "EDITOR", + "documentation": "Role Editor." + } + ] + } + }, + "com.amazonaws.grafana#RoleValue": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + } + } + }, + "com.amazonaws.grafana#RoleValueList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#RoleValue" + } + }, + "com.amazonaws.grafana#RoleValues": { + "type": "structure", + "members": { + "editor": { + "target": "com.amazonaws.grafana#RoleValueList", + "traits": { + "smithy.api#documentation": "

                                                                                                A list of groups from the SAML assertion attribute to grant the Grafana\n Editor role to.

                                                                                                " + } + }, + "admin": { + "target": "com.amazonaws.grafana#RoleValueList", + "traits": { + "smithy.api#documentation": "

                                                                                                A list of groups from the SAML assertion attribute to grant the Grafana\n Admin role to.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                This structure defines which groups defined in the SAML assertion attribute are to be mapped \n to the Grafana Admin and Editor roles in the workspace.

                                                                                                " + } + }, + "com.amazonaws.grafana#SSOClientId": { + "type": "string" + }, + "com.amazonaws.grafana#SamlAuthentication": { + "type": "structure", + "members": { + "status": { + "target": "com.amazonaws.grafana#SamlConfigurationStatus", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workspace's SAML configuration is complete.

                                                                                                ", + "smithy.api#required": {} + } + }, + "configuration": { + "target": "com.amazonaws.grafana#SamlConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing details about how this workspace works with \n SAML.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about how this workspace works with \n SAML.

                                                                                                " + } + }, + "com.amazonaws.grafana#SamlConfiguration": { + "type": "structure", + "members": { + "idpMetadata": { + "target": "com.amazonaws.grafana#IdpMetadata", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing the identity provider (IdP) metadata used to integrate the\n identity provider with this workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "assertionAttributes": { + "target": "com.amazonaws.grafana#AssertionAttributes", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that defines which attributes in the SAML assertion are to be used to define information about\n the users authenticated by that IdP to use the workspace.

                                                                                                " + } + }, + "roleValues": { + "target": "com.amazonaws.grafana#RoleValues", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing arrays that map group names in the SAML assertion to the \n Grafana Admin and Editor roles in the workspace.

                                                                                                " + } + }, + "allowedOrganizations": { + "target": "com.amazonaws.grafana#AllowedOrganizations", + "traits": { + "smithy.api#documentation": "

                                                                                                Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace.\n If this is empty, all organizations in the assertion attribute have access.

                                                                                                " + } + }, + "loginValidityDuration": { + "target": "com.amazonaws.grafana#LoginValidityDuration", + "traits": { + "smithy.api#documentation": "

                                                                                                How long a sign-on session by a SAML user is valid, before the user has to sign on\n again.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about how this workspace works with \n SAML.

                                                                                                " + } + }, + "com.amazonaws.grafana#SamlConfigurationStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "CONFIGURED", + "name": "CONFIGURED", + "documentation": "Indicates that SAML on an AMG workspace is enabled and has been configured." + }, + { + "value": "NOT_CONFIGURED", + "name": "NOT_CONFIGURED", + "documentation": "Indicates that SAML on an AMG workspace is enabled but has not been configured." + } + ] + } + }, + "com.amazonaws.grafana#ServiceQuotaExceededException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A description of the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceId": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "resourceType": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The type of the resource that is associated with the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The value of a parameter in the request caused an error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the service quota that was exceeded.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The request would cause a service quota to be exceeded.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 402 + } + }, + "com.amazonaws.grafana#SsoId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 47 + } + } + }, + "com.amazonaws.grafana#StackSetName": { + "type": "string" + }, + "com.amazonaws.grafana#ThrottlingException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A description of the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "serviceCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the service that is associated with the error.

                                                                                                " + } + }, + "quotaCode": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the service quota that was exceeded.

                                                                                                " + } + }, + "retryAfterSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The value of a parameter in the request caused an error.

                                                                                                ", + "smithy.api#httpHeader": "Retry-After" + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The request was denied because of request throttling. Retry the request.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 429, + "smithy.api#retryable": {} + } + }, + "com.amazonaws.grafana#UpdateAction": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ADD", + "name": "ADD", + "documentation": "Add permissions." + }, + { + "value": "REVOKE", + "name": "REVOKE", + "documentation": "Revoke permissions." + } + ] + } + }, + "com.amazonaws.grafana#UpdateError": { + "type": "structure", + "members": { + "code": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

                                                                                                The error code.

                                                                                                ", + "smithy.api#range": { + "min": 100, + "max": 999 + }, + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The message for this error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "causedBy": { + "target": "com.amazonaws.grafana#UpdateInstruction", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies which permission update caused the error.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about one error encountered while performing an\n UpdatePermissions operation.

                                                                                                " + } + }, + "com.amazonaws.grafana#UpdateErrorList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#UpdateError" + } + }, + "com.amazonaws.grafana#UpdateInstruction": { + "type": "structure", + "members": { + "action": { + "target": "com.amazonaws.grafana#UpdateAction", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this update is to add or revoke role permissions.

                                                                                                ", + "smithy.api#required": {} + } + }, + "role": { + "target": "com.amazonaws.grafana#Role", + "traits": { + "smithy.api#documentation": "

                                                                                                The role to add or revoke for the user or the group specified in users.

                                                                                                ", + "smithy.api#required": {} + } + }, + "users": { + "target": "com.amazonaws.grafana#UserList", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that specifies the user or group to add or revoke the role for.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Contains the instructions for one Grafana role permission update in a\n UpdatePermissions operation.

                                                                                                " + } + }, + "com.amazonaws.grafana#UpdateInstructionBatch": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#UpdateInstruction" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 20 + } + } + }, + "com.amazonaws.grafana#UpdatePermissions": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#UpdatePermissionsRequest" + }, + "output": { + "target": "com.amazonaws.grafana#UpdatePermissionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Updates which users in a workspace have the Grafana Admin or Editor roles.

                                                                                                ", + "smithy.api#http": { + "method": "PATCH", + "uri": "/workspaces/{workspaceId}/permissions", + "code": 200 + } + } + }, + "com.amazonaws.grafana#UpdatePermissionsRequest": { + "type": "structure", + "members": { + "updateInstructionBatch": { + "target": "com.amazonaws.grafana#UpdateInstructionBatch", + "traits": { + "smithy.api#documentation": "

                                                                                                An array of structures that contain the permission updates to make.

                                                                                                ", + "smithy.api#required": {} + } + }, + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to update.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#UpdatePermissionsResponse": { + "type": "structure", + "members": { + "errors": { + "target": "com.amazonaws.grafana#UpdateErrorList", + "traits": { + "smithy.api#documentation": "

                                                                                                An array of structures that contain the errors from the operation, if any.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#UpdateWorkspace": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#UpdateWorkspaceRequest" + }, + "output": { + "target": "com.amazonaws.grafana#UpdateWorkspaceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#ConflictException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit any \n optional parameters, the existing values of those parameters are not changed.

                                                                                                \n

                                                                                                To modify the user authentication methods that the workspace uses, such as SAML or Amazon Web Services SSO, \n use UpdateWorkspaceAuthentication.

                                                                                                \n

                                                                                                To modify which users in the workspace have the Admin and Editor Grafana roles, \n use UpdatePermissions.

                                                                                                ", + "smithy.api#http": { + "method": "PUT", + "uri": "/workspaces/{workspaceId}", + "code": 202 + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceAuthentication": { + "type": "operation", + "input": { + "target": "com.amazonaws.grafana#UpdateWorkspaceAuthenticationRequest" + }, + "output": { + "target": "com.amazonaws.grafana#UpdateWorkspaceAuthenticationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.grafana#AccessDeniedException" + }, + { + "target": "com.amazonaws.grafana#ConflictException" + }, + { + "target": "com.amazonaws.grafana#InternalServerException" + }, + { + "target": "com.amazonaws.grafana#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.grafana#ThrottlingException" + }, + { + "target": "com.amazonaws.grafana#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Use this operation to define the identity provider (IdP) that this workspace\n authenticates users from, using SAML. You can also map SAML assertion attributes to\n workspace user information and define which groups in the assertion attribute are to have\n the Admin and Editor roles in the workspace.

                                                                                                ", + "smithy.api#http": { + "method": "POST", + "uri": "/workspaces/{workspaceId}/authentication", + "code": 200 + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceAuthenticationRequest": { + "type": "structure", + "members": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to update the authentication for.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "authenticationProviders": { + "target": "com.amazonaws.grafana#AuthenticationProviders", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this workspace uses SAML 2.0, Amazon Web Services Single Sign On, or both to authenticate \n users for using the Grafana console within a workspace. For more information, \n see User authentication in \n Amazon Managed Grafana.

                                                                                                ", + "smithy.api#required": {} + } + }, + "samlConfiguration": { + "target": "com.amazonaws.grafana#SamlConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                If the workspace uses SAML, use this structure to\n map SAML assertion attributes to workspace user information and \n define which groups in the assertion attribute are to have the Admin and Editor roles\n in the workspace.

                                                                                                " + } + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceAuthenticationResponse": { + "type": "structure", + "members": { + "authentication": { + "target": "com.amazonaws.grafana#AuthenticationDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that describes the user authentication for this workspace after the update is made.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceRequest": { + "type": "structure", + "members": { + "accountAccessType": { + "target": "com.amazonaws.grafana#AccountAccessType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If you specify ORGANIZATION, you must\n specify which organizational units the workspace can access in the\n workspaceOrganizationalUnits parameter.

                                                                                                " + } + }, + "organizationRoleName": { + "target": "com.amazonaws.grafana#OrganizationRoleName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of an IAM role that already exists to use to access resources through Organizations.

                                                                                                " + } + }, + "permissionType": { + "target": "com.amazonaws.grafana#PermissionType", + "traits": { + "smithy.api#documentation": "

                                                                                                If you specify Service Managed, Amazon Managed Grafana automatically creates\n the IAM roles and provisions the permissions that the workspace needs to use\n Amazon Web Services data sources and notification channels.

                                                                                                \n

                                                                                                If you specify CUSTOMER_MANAGED, you will manage those roles and\n permissions yourself. If you are creating this workspace in a member account of an\n organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services\n accounts in the organization, you must choose CUSTOMER_MANAGED.

                                                                                                \n

                                                                                                For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

                                                                                                " + } + }, + "stackSetName": { + "target": "com.amazonaws.grafana#StackSetName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the CloudFormation stack set to use to generate IAM roles\n to be used for this workspace.

                                                                                                " + } + }, + "workspaceDataSources": { + "target": "com.amazonaws.grafana#DataSourceTypesList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specify the Amazon Web Services data sources that you want to be queried in this\n workspace. Specifying these data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data from these\n sources. You must still add them as data sources in the Grafana console in the\n workspace.

                                                                                                \n

                                                                                                If you don't specify a data source here, you can still add it as a data source later in\n the workspace console. However, you will then have to manually configure permissions for\n it.

                                                                                                " + } + }, + "workspaceDescription": { + "target": "com.amazonaws.grafana#Description", + "traits": { + "smithy.api#documentation": "

                                                                                                A description for the workspace. This is used only to help you identify this workspace.

                                                                                                " + } + }, + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the workspace to update.

                                                                                                ", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "workspaceName": { + "target": "com.amazonaws.grafana#WorkspaceName", + "traits": { + "smithy.api#documentation": "

                                                                                                A new name for the workspace to update.

                                                                                                " + } + }, + "workspaceNotificationDestinations": { + "target": "com.amazonaws.grafana#NotificationDestinationsList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specify the Amazon Web Services notification channels that you plan to use in this workspace. Specifying these \n data sources here enables Amazon Managed Grafana to create IAM roles and permissions that allow \n Amazon Managed Grafana to use these channels.

                                                                                                " + } + }, + "workspaceOrganizationalUnits": { + "target": "com.amazonaws.grafana#OrganizationalUnitList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

                                                                                                " + } + }, + "workspaceRoleArn": { + "target": "com.amazonaws.grafana#IamRoleArn", + "traits": { + "smithy.api#documentation": "

                                                                                                The workspace needs an IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. If you already have a role that you want to use, specify it here. If you omit\n this field and you specify some Amazon Web Services resources in workspaceDataSources or\n workspaceNotificationDestinations, a new IAM role with the necessary permissions is \n automatically created.

                                                                                                " + } + } + } + }, + "com.amazonaws.grafana#UpdateWorkspaceResponse": { + "type": "structure", + "members": { + "workspace": { + "target": "com.amazonaws.grafana#WorkspaceDescription", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing data about the workspace that was created.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.grafana#User": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.grafana#SsoId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the user or group.

                                                                                                ", + "smithy.api#required": {} + } + }, + "type": { + "target": "com.amazonaws.grafana#UserType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this is a single user or a group.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that specifies one user or group in the workspace.

                                                                                                " + } + }, + "com.amazonaws.grafana#UserList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#User" + } + }, + "com.amazonaws.grafana#UserType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "SSO_USER", + "name": "SSO_USER", + "documentation": "SSO user." + }, + { + "value": "SSO_GROUP", + "name": "SSO_GROUP", + "documentation": "SSO group." + } + ] + } + }, + "com.amazonaws.grafana#ValidationException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A description of the error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "reason": { + "target": "com.amazonaws.grafana#ValidationExceptionReason", + "traits": { + "smithy.api#documentation": "

                                                                                                The reason that the operation failed.

                                                                                                ", + "smithy.api#required": {} + } + }, + "fieldList": { + "target": "com.amazonaws.grafana#ValidationExceptionFieldList", + "traits": { + "smithy.api#documentation": "

                                                                                                A list of fields that might be associated with the error.

                                                                                                " + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                The value of a parameter in the request caused an error.

                                                                                                ", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + }, + "com.amazonaws.grafana#ValidationExceptionField": { + "type": "structure", + "members": { + "name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the field that caused the validation error.

                                                                                                ", + "smithy.api#required": {} + } + }, + "message": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

                                                                                                A message describing why this field couldn't be validated.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that contains information about a request parameter that caused an error.

                                                                                                " + } + }, + "com.amazonaws.grafana#ValidationExceptionFieldList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#ValidationExceptionField" + } + }, + "com.amazonaws.grafana#ValidationExceptionReason": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "UNKNOWN_OPERATION", + "name": "UNKNOWN_OPERATION" + }, + { + "value": "CANNOT_PARSE", + "name": "CANNOT_PARSE" + }, + { + "value": "FIELD_VALIDATION_FAILED", + "name": "FIELD_VALIDATION_FAILED" + }, + { + "value": "OTHER", + "name": "OTHER" + } + ] + } + }, + "com.amazonaws.grafana#Workspace": { + "type": "resource", + "identifiers": { + "workspaceId": { + "target": "com.amazonaws.grafana#WorkspaceId" + } + }, + "create": { + "target": "com.amazonaws.grafana#CreateWorkspace" + }, + "read": { + "target": "com.amazonaws.grafana#DescribeWorkspace" + }, + "update": { + "target": "com.amazonaws.grafana#UpdateWorkspace" + }, + "delete": { + "target": "com.amazonaws.grafana#DeleteWorkspace" + }, + "list": { + "target": "com.amazonaws.grafana#ListWorkspaces" + }, + "traits": { + "aws.api#arn": { + "template": "workspaces/{workspaceId}", + "absolute": false, + "noAccount": false, + "noRegion": false + } + } + }, + "com.amazonaws.grafana#WorkspaceDescription": { + "type": "structure", + "members": { + "accountAccessType": { + "target": "com.amazonaws.grafana#AccountAccessType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in\n other accounts in the same organization. If this is ORGANIZATION, the\n workspaceOrganizationalUnits parameter specifies which organizational units\n the workspace can access.

                                                                                                " + } + }, + "created": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The date that the workspace was created.

                                                                                                ", + "smithy.api#required": {} + } + }, + "dataSources": { + "target": "com.amazonaws.grafana#DataSourceTypesList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies the Amazon Web Services data sources that have been configured to have IAM \n roles and permissions created to allow \n Amazon Managed Grafana to read data from these sources.

                                                                                                ", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.grafana#Description", + "traits": { + "smithy.api#documentation": "

                                                                                                The user-defined description of the workspace.

                                                                                                " + } + }, + "endpoint": { + "target": "com.amazonaws.grafana#Endpoint", + "traits": { + "smithy.api#documentation": "

                                                                                                The URL that users can use to access the Grafana console in the workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "grafanaVersion": { + "target": "com.amazonaws.grafana#GrafanaVersion", + "traits": { + "smithy.api#documentation": "

                                                                                                The version of Grafana supported in this workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "id": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The unique ID of this workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "modified": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The most recent date that the workspace was modified.

                                                                                                ", + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.grafana#WorkspaceName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the workspace.

                                                                                                " + } + }, + "organizationRoleName": { + "target": "com.amazonaws.grafana#OrganizationRoleName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the IAM role that is used to access resources through Organizations.

                                                                                                " + } + }, + "notificationDestinations": { + "target": "com.amazonaws.grafana#NotificationDestinationsList", + "traits": { + "smithy.api#documentation": "

                                                                                                The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM \n roles and permissions for, to allow \n Amazon Managed Grafana to use these channels.

                                                                                                " + } + }, + "organizationalUnits": { + "target": "com.amazonaws.grafana#OrganizationalUnitList", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies the organizational units that this workspace is allowed to use data sources\n from, if this workspace is in an account that is part of an organization.

                                                                                                " + } + }, + "permissionType": { + "target": "com.amazonaws.grafana#PermissionType", + "traits": { + "smithy.api#documentation": "

                                                                                                If this is Service Managed, Amazon Managed Grafana automatically creates the IAM roles \n and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.

                                                                                                \n

                                                                                                If this is CUSTOMER_MANAGED, you manage those roles and permissions\n yourself. If you are creating this workspace in a member account of an organization and that account is not a\n delegated administrator account, and\n you want the workspace to access data sources in other Amazon Web Services accounts in the\n organization, you must choose CUSTOMER_MANAGED.

                                                                                                \n

                                                                                                For more information, see Amazon Managed Grafana permissions and policies for\n Amazon Web Services data sources and notification channels\n

                                                                                                " + } + }, + "stackSetName": { + "target": "com.amazonaws.grafana#StackSetName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the CloudFormation stack set that is used to generate IAM roles\n to be used for this workspace.

                                                                                                " + } + }, + "status": { + "target": "com.amazonaws.grafana#WorkspaceStatus", + "traits": { + "smithy.api#documentation": "

                                                                                                The current status of the workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "workspaceRoleArn": { + "target": "com.amazonaws.grafana#IamRoleArn", + "traits": { + "smithy.api#documentation": "

                                                                                                The IAM role that grants permissions to the Amazon Web Services resources that the \n workspace will view data from. This role must already exist.

                                                                                                " + } + }, + "licenseType": { + "target": "com.amazonaws.grafana#LicenseType", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this workspace has a full Grafana Enterprise license or a free trial license.

                                                                                                " + } + }, + "freeTrialConsumed": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies whether this workspace has already fully used its free trial for Grafana Enterprise.

                                                                                                " + } + }, + "licenseExpiration": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                If this workspace has a full Grafana Enterprise license, this specifies when the license ends and\n will need to be renewed.

                                                                                                " + } + }, + "freeTrialExpiration": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies\n when that free trial ends.

                                                                                                " + } + }, + "authentication": { + "target": "com.amazonaws.grafana#AuthenticationSummary", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that describes whether the workspace uses SAML, Amazon Web Services SSO, or both methods\n for user authentication.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about an Amazon Managed Grafana workspace in your account.

                                                                                                " + } + }, + "com.amazonaws.grafana#WorkspaceId": { + "type": "string", + "traits": { + "smithy.api#pattern": "^g-[0-9a-f]{10}$" + } + }, + "com.amazonaws.grafana#WorkspaceList": { + "type": "list", + "member": { + "target": "com.amazonaws.grafana#WorkspaceSummary" + } + }, + "com.amazonaws.grafana#WorkspaceName": { + "type": "string", + "traits": { + "smithy.api#pattern": "^[a-zA-Z0-9-._~]{1,255}$", + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.grafana#WorkspaceStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ACTIVE", + "name": "ACTIVE", + "documentation": "Workspace is active." + }, + { + "value": "CREATING", + "name": "CREATING", + "documentation": "Workspace is being created." + }, + { + "value": "DELETING", + "name": "DELETING", + "documentation": "Workspace is being deleted." + }, + { + "value": "FAILED", + "name": "FAILED", + "documentation": "Workspace is in an invalid state, it can only and should be deleted." + }, + { + "value": "UPDATING", + "name": "UPDATING", + "documentation": "Workspace is being updated." + }, + { + "value": "UPGRADING", + "name": "UPGRADING", + "documentation": "Workspace is being upgraded to enterprise." + }, + { + "value": "DELETION_FAILED", + "name": "DELETION_FAILED", + "documentation": "Workspace deletion failed." + }, + { + "value": "CREATION_FAILED", + "name": "CREATION_FAILED", + "documentation": "Workspace creation failed." + }, + { + "value": "UPDATE_FAILED", + "name": "UPDATE_FAILED", + "documentation": "Workspace update failed." + }, + { + "value": "UPGRADE_FAILED", + "name": "UPGRADE_FAILED", + "documentation": "Workspace upgrade failed." + }, + { + "value": "LICENSE_REMOVAL_FAILED", + "name": "LICENSE_REMOVAL_FAILED", + "documentation": "Failed to remove enterprise license from workspace." + } + ] + } + }, + "com.amazonaws.grafana#WorkspaceSummary": { + "type": "structure", + "members": { + "created": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The date that the workspace was created.

                                                                                                ", + "smithy.api#required": {} + } + }, + "description": { + "target": "com.amazonaws.grafana#Description", + "traits": { + "smithy.api#documentation": "

                                                                                                The customer-entered description of the workspace.

                                                                                                " + } + }, + "endpoint": { + "target": "com.amazonaws.grafana#Endpoint", + "traits": { + "smithy.api#documentation": "

                                                                                                The URL endpoint to use to access the Grafana console in the workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "grafanaVersion": { + "target": "com.amazonaws.grafana#GrafanaVersion", + "traits": { + "smithy.api#documentation": "

                                                                                                The Grafana version that the workspace is running.

                                                                                                ", + "smithy.api#required": {} + } + }, + "id": { + "target": "com.amazonaws.grafana#WorkspaceId", + "traits": { + "smithy.api#documentation": "

                                                                                                The unique ID of the workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "modified": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

                                                                                                The most recent date that the workspace was modified.

                                                                                                ", + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.grafana#WorkspaceName", + "traits": { + "smithy.api#documentation": "

                                                                                                The name of the workspace.

                                                                                                " + } + }, + "notificationDestinations": { + "target": "com.amazonaws.grafana#NotificationDestinationsList", + "traits": { + "smithy.api#documentation": "

                                                                                                The Amazon Web Services notification channels that Amazon Managed Grafana can automatically\n create IAM roles and permissions for, which allows Amazon Managed Grafana to use\n these channels.

                                                                                                " + } + }, + "status": { + "target": "com.amazonaws.grafana#WorkspaceStatus", + "traits": { + "smithy.api#documentation": "

                                                                                                The current status of the workspace.

                                                                                                ", + "smithy.api#required": {} + } + }, + "authentication": { + "target": "com.amazonaws.grafana#AuthenticationSummary", + "traits": { + "smithy.api#documentation": "

                                                                                                A structure containing information about the authentication methods used in \n the workspace.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                A structure that contains some information about one workspace in the account.

                                                                                                " + } + } + } +} diff --git a/codegen/sdk-codegen/aws-models/kendra.2019-02-03.json b/codegen/sdk-codegen/aws-models/kendra.2019-02-03.json index 46454d50ba28..1a2083f1ab39 100644 --- a/codegen/sdk-codegen/aws-models/kendra.2019-02-03.json +++ b/codegen/sdk-codegen/aws-models/kendra.2019-02-03.json @@ -332,30 +332,30 @@ "GreaterThan": { "target": "com.amazonaws.kendra#DocumentAttribute", "traits": { - "smithy.api#documentation": "

                                                                                                Performs a greater than operation on two document attributes. Use\n with a document attribute of type Integer or\n Long.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Performs a greater than operation on two document attributes. Use\n with a document attribute of type Date or\n Long.

                                                                                                " } }, "GreaterThanOrEquals": { "target": "com.amazonaws.kendra#DocumentAttribute", "traits": { - "smithy.api#documentation": "

                                                                                                Performs a greater or equals than operation on two document\n attributes. Use with a document attribute of type Integer\n or Long.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Performs a greater or equals than operation on two document\n attributes. Use with a document attribute of type Date\n or Long.

                                                                                                " } }, "LessThan": { "target": "com.amazonaws.kendra#DocumentAttribute", "traits": { - "smithy.api#documentation": "

                                                                                                Performs a less than operation on two document attributes. Use with\n a document attribute of type Integer or\n Long.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Performs a less than operation on two document attributes. Use with\n a document attribute of type Date or\n Long.

                                                                                                " } }, "LessThanOrEquals": { "target": "com.amazonaws.kendra#DocumentAttribute", "traits": { - "smithy.api#documentation": "

                                                                                                Performs a less than or equals operation on two document attributes.\n Use with a document attribute of type Integer or\n Long.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Performs a less than or equals operation on two document attributes.\n Use with a document attribute of type Date or\n Long.

                                                                                                " } } }, "traits": { - "smithy.api#documentation": "

                                                                                                Provides filtering the query results based on document\n attributes.

                                                                                                \n

                                                                                                When you use the AndAllFilters or\n OrAllFilters, filters you can use 2 layers under the\n first attribute filter. For example, you can use:

                                                                                                \n

                                                                                                \n \n

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  \n \n

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  \n \n

                                                                                                  \n
                                                                                                  3. \n
                                                                                                \n

                                                                                                If you use more than 2 layers, you receive a\n ValidationException exception with the message\n \"AttributeFilter cannot have a depth of more than\n 2.\"

                                                                                                \n

                                                                                                If you use more than 10 attribute filters, you receive a \n ValidationException exception with the message \n \"AttributeFilter cannot have a length of more than 10\".

                                                                                                " + "smithy.api#documentation": "

                                                                                                Provides filtering the query results based on document\n attributes.

                                                                                                \n

                                                                                                When you use the AndAllFilters or\n OrAllFilters, filters you can use 2 layers under the\n first attribute filter. For example, you can use:

                                                                                                \n

                                                                                                \n \n

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  \n \n

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  \n \n

                                                                                                  \n
                                                                                                  3. \n
                                                                                                \n

                                                                                                If you use more than 2 layers, you receive a\n ValidationException exception with the message\n \"AttributeFilter cannot have a depth of more \n than 2.\"

                                                                                                \n

                                                                                                If you use more than 10 attribute filters in a given list for \n AndAllFilters or OrAllFilters, you receive \n a ValidationException with the message \n \"AttributeFilter cannot have a length of more than 10\".

                                                                                                " } }, "com.amazonaws.kendra#AttributeFilterList": { @@ -1543,7 +1543,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a data source that you use to with an Amazon Kendra index.

                                                                                                \n

                                                                                                You specify a name, data source connector type and description for\n your data source. You also specify configuration information such as\n document metadata (author, source URI, and so on) and user context\n information.

                                                                                                \n

                                                                                                \n CreateDataSource is a synchronous operation. The\n operation returns 200 if the data source was successfully created.\n Otherwise, an exception is raised.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Creates a data source that you want to use with an Amazon Kendra index.

                                                                                                \n

                                                                                                You specify a name, data source connector type and description for\n your data source. You also specify configuration information for the \n data source connector.

                                                                                                \n

                                                                                                \n CreateDataSource is a synchronous operation. The\n operation returns 200 if the data source was successfully created.\n Otherwise, an exception is raised.

                                                                                                " } }, "com.amazonaws.kendra#CreateDataSourceRequest": { @@ -1606,6 +1606,12 @@ "smithy.api#documentation": "

                                                                                                A token that you provide to identify the request to create a data\n source. Multiple calls to the CreateDataSource operation with\n the same client token will create only one data source.

                                                                                                ", "smithy.api#idempotencyToken": {} } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This allows you to support a language for all \n documents when creating the data source. English is supported \n by default. For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } } }, @@ -1711,6 +1717,12 @@ "smithy.api#documentation": "

                                                                                                A token that you provide to identify the request to create a FAQ. Multiple calls to\n the CreateFaqRequest operation with the same client token will create only\n one FAQ.

                                                                                                ", "smithy.api#idempotencyToken": {} } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This allows you to support a language \n for the FAQ document. English is supported by default. \n For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } } }, @@ -1817,7 +1829,13 @@ "UserContextPolicy": { "target": "com.amazonaws.kendra#UserContextPolicy", "traits": { - "smithy.api#documentation": "

                                                                                                The user context policy.

                                                                                                \n
                                                                                                \n
                                                                                                ATTRIBUTE_FILTER
                                                                                                \n
                                                                                                \n

                                                                                                All indexed content is searchable and displayable\n for all users. If there is an access control list, it\n is ignored. You can filter on user and group attributes.\n

                                                                                                \n
                                                                                                \n
                                                                                                USER_TOKEN
                                                                                                \n
                                                                                                \n

                                                                                                Enables SSO and token-based user access control.\n All documents with no access control and all documents\n accessible to the user will be searchable and\n displayable.\n

                                                                                                \n
                                                                                                \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The user context policy.

                                                                                                \n
                                                                                                \n
                                                                                                ATTRIBUTE_FILTER
                                                                                                \n
                                                                                                \n

                                                                                                All indexed content is searchable and displayable\n for all users. If you want to filter search results on \n user context, you can use the attribute filters of\n _user_id and _group_ids or\n you can provide user and group information in UserContext.\n

                                                                                                \n
                                                                                                \n
                                                                                                USER_TOKEN
                                                                                                \n
                                                                                                \n

                                                                                                Enables token-based user access control to filter \n search results on user context. All documents with no \n access control and all documents accessible to the user \n will be searchable and displayable.\n

                                                                                                \n
                                                                                                \n
                                                                                                " + } + }, + "UserGroupResolutionConfiguration": { + "target": "com.amazonaws.kendra#UserGroupResolutionConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                Enables fetching access levels of groups and users from an AWS Single Sign-On \n identity source. To configure this, see \n UserGroupResolutionConfiguration.

                                                                                                " } } } @@ -2012,7 +2030,7 @@ "ClientToken": { "target": "com.amazonaws.kendra#ClientTokenName", "traits": { - "smithy.api#documentation": "

                                                                                                A token that you provide to identify the request to create a \n thesaurus. Multiple calls to the CreateThesaurus operation \n with the same client token will create only one index.\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                A token that you provide to identify the request to create a \n thesaurus. Multiple calls to the CreateThesaurus operation \n with the same client token will create only one thesaurus.\n

                                                                                                ", "smithy.api#idempotencyToken": {} } } @@ -2254,6 +2272,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The status of the data source. When the status is\n ACTIVE the data source is ready to use.

                                                                                                " } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This shows a supported language for all documents \n in the data source. English is supported by default. \n For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } }, "traits": { @@ -3056,6 +3080,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                When the Status field value is FAILED, the\n ErrorMessage field contains a description of the error that\n caused the data source to fail.

                                                                                                " } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This shows a supported language for all \n documents in the data source. English is supported by \n default. For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } } }, @@ -3172,6 +3202,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The file format used by the input files for the FAQ.

                                                                                                " } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This shows a supported language \n for the FAQ document. English is supported by default. \n For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } } }, @@ -3308,6 +3344,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The user context policy for the Amazon Kendra index.

                                                                                                " } + }, + "UserGroupResolutionConfiguration": { + "target": "com.amazonaws.kendra#UserGroupResolutionConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                Shows whether you have enabled the configuration for fetching access \n levels of groups and users from an AWS Single Sign-On identity source.

                                                                                                " + } } } }, @@ -3484,7 +3526,7 @@ "CreatedAt": { "target": "com.amazonaws.kendra#Timestamp", "traits": { - "smithy.api#documentation": "

                                                                                                Shows the date-time a block list for query suggestions was last created.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Shows the date-time a block list for query suggestions was created.

                                                                                                " } }, "UpdatedAt": { @@ -4420,6 +4462,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The file type used to create the FAQ.

                                                                                                " } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This shows a supported language for the FAQ document \n as part of the summary information for FAQs. English is supported by default. \n For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } }, "traits": { @@ -4608,7 +4656,7 @@ "S3PathforGroupMembers": { "target": "com.amazonaws.kendra#S3Path", "traits": { - "smithy.api#documentation": "

                                                                                                If you have more than 1000 users and/or sub groups for a single group, \n you need to provide the path to the S3 file that lists your users and sub \n groups for a group. Your sub groups can contain more than 1000 users, but \n the list of sub groups that belong to a group (and/or users) must be no \n more than 1000.

                                                                                                " + "smithy.api#documentation": "

                                                                                                If you have more than 1000 users and/or sub groups for a single group, \n you need to provide the path to the S3 file that lists your users and sub \n groups for a group. Your sub groups can contain more than 1000 users, but \n the list of sub groups that belong to a group (and/or users) must be no \n more than 1000.

                                                                                                \n

                                                                                                You can download this \n example \n S3 file that uses the correct format for listing group members. Note, \n dataSourceId is optional. The value of type \n for a group is always GROUP and for a user it is \n always USER.

                                                                                                " } } }, @@ -5103,6 +5151,17 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.kendra#LanguageCode": { + "type": "string", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. The default language is English. \n For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                ", + "smithy.api#length": { + "min": 2, + "max": 10 + }, + "smithy.api#pattern": "^[a-zA-Z-]*$" + } + }, "com.amazonaws.kendra#ListDataSourceSyncJobs": { "type": "operation", "input": { @@ -5160,7 +5219,7 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                If the result of the previous request to\n GetDataSourceSyncJobHistory was truncated, include the\n NextToken to fetch the next set of jobs.

                                                                                                " + "smithy.api#documentation": "

                                                                                                If the previous response was incomplete (because there is more data to retrieve), \n Amazon Kendra returns a pagination token in the response. You can use this pagination token \n to retrieve the next set of jobs.

                                                                                                " } }, "MaxResults": { @@ -5195,7 +5254,7 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                The GetDataSourceSyncJobHistory operation returns a page\n of vocabularies at a time. The maximum size of the page is set by the\n MaxResults parameter. If there are more jobs in the list\n than the page size, Amazon Kendra returns the NextPage token. Include the\n token in the next request to the GetDataSourceSyncJobHistory\n operation to return in the next page of jobs.

                                                                                                " + "smithy.api#documentation": "

                                                                                                If the response is truncated, Amazon Kendra returns this token that you \n can use in the subsequent request to retrieve the next set of jobs.

                                                                                                " } } } @@ -5317,7 +5376,7 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                If the result of the previous request to ListFaqs was truncated, include\n the NextToken to fetch the next set of FAQs.

                                                                                                " + "smithy.api#documentation": "

                                                                                                If the previous response was incomplete (because there is more data to retrieve), \n Amazon Kendra returns a pagination token in the response. You can use this pagination token \n to retrieve the next set of FAQs.

                                                                                                " } }, "MaxResults": { @@ -5334,7 +5393,7 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                The ListFaqs operation returns a page of FAQs at a time. The maximum size\n of the page is set by the MaxResults parameter. If there are more jobs in\n the list than the page size, Amazon Kendra returns the NextPage token.\n Include the token in the next request to the ListFaqs operation to return\n the next page of FAQs.

                                                                                                " + "smithy.api#documentation": "

                                                                                                If the response is truncated, Amazon Kendra returns this token that you can use \n in the subsequent request to retrieve the next set of FAQs.

                                                                                                " } }, "FaqSummaryItems": { @@ -5403,13 +5462,13 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                \n The next items in the list of groups that go beyond the maximum.\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                \n If the previous response was incomplete (because there is more data to retrieve), \n Amazon Kendra returns a pagination token in the response. You can use this pagination \n token to retrieve the next set of groups that are mapped to users before a \n given ordering or timestamp identifier.\n

                                                                                                " } }, "MaxResults": { "target": "com.amazonaws.kendra#MaxResultsIntegerForListPrincipalsRequest", "traits": { - "smithy.api#documentation": "

                                                                                                \n The maximum results shown for a list of groups that are mapped to users before a \n given ordering or timestamp identifier. \n

                                                                                                " + "smithy.api#documentation": "

                                                                                                \n The maximum number of returned groups that are mapped to users before a \n given ordering or timestamp identifier. \n

                                                                                                " } } } @@ -5426,7 +5485,7 @@ "NextToken": { "target": "com.amazonaws.kendra#NextToken", "traits": { - "smithy.api#documentation": "

                                                                                                \n The next items in the list of groups that go beyond the maximum.\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                \n If the response is truncated, Amazon Kendra returns this token that you can use \n in the subsequent request to retrieve the next set of groups that are \n mapped to users before a given ordering or timestamp identifier.\n

                                                                                                " } } } @@ -5689,7 +5748,7 @@ "ThesaurusSummaryItems": { "target": "com.amazonaws.kendra#ThesaurusSummaryItems", "traits": { - "smithy.api#documentation": "

                                                                                                An array of summary information for one or more thesauruses.

                                                                                                " + "smithy.api#documentation": "

                                                                                                An array of summary information for a thesaurus or multiple thesauri.

                                                                                                " } } } @@ -6216,7 +6275,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Maps users to their groups. You can also map sub groups to groups. \n For example, the group \"Company Intellectual Property Teams\" includes \n sub groups \"Research\" and \"Engineering\". These sub groups include their\n own list of users or people who work in these teams. Only users who work \n in research and engineering, and therefore belong in the intellectual \n property group, can see top-secret company documents in their search \n results.

                                                                                                \n

                                                                                                You map users to their groups when you want to filter search results \n for different users based on their group’s access to documents. For more \n information on filtering search results for different users, see \n Filtering \n on user context.

                                                                                                \n

                                                                                                If more than five PUT actions for a group are currently \n processing, a validation exception is thrown.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Maps users to their groups so that you only need to provide \n the user ID when you issue the query.

                                                                                                \n

                                                                                                You can also map sub groups to groups. \n For example, the group \"Company Intellectual Property Teams\" includes \n sub groups \"Research\" and \"Engineering\". These sub groups include their\n own list of users or people who work in these teams. Only users who work \n in research and engineering, and therefore belong in the intellectual \n property group, can see top-secret company documents in their search \n results.

                                                                                                \n

                                                                                                You map users to their groups when you want to filter search results \n for different users based on their group’s access to documents. For more \n information on filtering search results for different users, see \n Filtering \n on user context.

                                                                                                \n

                                                                                                If more than five PUT actions for a group are currently \n processing, a validation exception is thrown.

                                                                                                " } }, "com.amazonaws.kendra#PutPrincipalMappingRequest": { @@ -6400,7 +6459,7 @@ "UserContext": { "target": "com.amazonaws.kendra#UserContext", "traits": { - "smithy.api#documentation": "

                                                                                                The user context token.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The user context token or user and group information.

                                                                                                " } }, "VisitorId": { @@ -7361,6 +7420,10 @@ { "value": "LOW", "name": "LOW" + }, + { + "value": "NOT_AVAILABLE", + "name": "NOT_AVAILABLE" } ] } @@ -8486,7 +8549,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                An array of summary information for one or more thesauruses.

                                                                                                " + "smithy.api#documentation": "

                                                                                                An array of summary information for a thesaurus or multiple thesauri.

                                                                                                " } }, "com.amazonaws.kendra#ThesaurusSummaryItems": { @@ -8668,6 +8731,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (ARN) of the new role to use when the data\n source is accessing resources on your behalf.

                                                                                                " } + }, + "LanguageCode": { + "target": "com.amazonaws.kendra#LanguageCode", + "traits": { + "smithy.api#documentation": "

                                                                                                The code for a language. This allows you to support a language for all \n documents when updating the data source. English is supported \n by default. For more information on supported languages, including their codes, \n see Adding \n documents in languages other than English.

                                                                                                " + } } } }, @@ -8752,7 +8821,13 @@ "UserContextPolicy": { "target": "com.amazonaws.kendra#UserContextPolicy", "traits": { - "smithy.api#documentation": "

                                                                                                The user user token context policy.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The user context policy.

                                                                                                " + } + }, + "UserGroupResolutionConfiguration": { + "target": "com.amazonaws.kendra#UserGroupResolutionConfiguration", + "traits": { + "smithy.api#documentation": "

                                                                                                Enables fetching access levels of groups and users from an AWS Single Sign-On \n identity source. To configure this, see \n UserGroupResolutionConfiguration.

                                                                                                " } } } @@ -8996,7 +9071,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                Provides the configuration information of the URLs to crawl.

                                                                                                \n

                                                                                                \n When selecting websites to index, you must adhere to \n the Amazon Acceptable Use Policy \n and all other Amazon terms. Remember that you must only use the Amazon Kendra web \n crawler to index your own webpages, or webpages that you have authorization to \n index.\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Provides the configuration information of the URLs to crawl.

                                                                                                \n

                                                                                                You can only crawl websites that use the secure communication protocol, \n Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when \n crawling a website, it could be that the website is blocked from crawling.

                                                                                                \n

                                                                                                \n When selecting websites to index, you must adhere to \n the Amazon Acceptable Use Policy \n and all other Amazon terms. Remember that you must only use the Amazon Kendra web \n crawler to index your own webpages, or webpages that you have authorization to \n index.\n

                                                                                                " } }, "com.amazonaws.kendra#UserAccount": { @@ -9038,7 +9113,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                Provides information about the user context for a Amazon Kendra index.

                                                                                                \n

                                                                                                This is used for filtering search results for different users based on their access \n to documents.

                                                                                                \n

                                                                                                You provide one of the following:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  User token

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  User ID, the groups the user belongs to, and the data sources \n the groups can access

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you provide both, an exception is thrown.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Provides information about the user context for\n an\n Amazon Kendra index.

                                                                                                \n

                                                                                                This is used for filtering search results for different users based on their access \n to documents.

                                                                                                \n

                                                                                                You provide one of the following:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  User token

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  User ID, the groups the user belongs to, and any data sources the groups can\n access.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you provide both, an exception is thrown.

                                                                                                " } }, "com.amazonaws.kendra#UserContextPolicy": { @@ -9056,6 +9131,36 @@ ] } }, + "com.amazonaws.kendra#UserGroupResolutionConfiguration": { + "type": "structure", + "members": { + "UserGroupResolutionMode": { + "target": "com.amazonaws.kendra#UserGroupResolutionMode", + "traits": { + "smithy.api#documentation": "

                                                                                                The identity store provider (mode) you want to use to fetch access levels of groups and\n users. AWS Single Sign-On is currently the only available mode. Your users and groups\n must\n exist in an AWS SSO identity source in order to use this mode.

                                                                                                ", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

                                                                                                Provides the configuration information to fetch access levels \n of groups and users from an AWS Single Sign-On identity \n source. This is useful for setting up user context filtering, where \n Amazon Kendra filters search results for different users based on their \n group's access to documents. You can also map your users to their \n groups for user context filtering using the \n PutPrincipalMapping \n operation.

                                                                                                \n

                                                                                                To set up an AWS SSO identity source in the console to use with \n Amazon Kendra, see Getting started \n with an AWS SSO identity source. You must also grant the required \n permissions to use AWS SSO with Amazon Kendra. For more information, see \n IAM roles for \n AWS Single Sign-On.

                                                                                                " + } + }, + "com.amazonaws.kendra#UserGroupResolutionMode": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "AWS_SSO", + "name": "AWS_SSO" + }, + { + "value": "NONE", + "name": "NONE" + } + ] + } + }, "com.amazonaws.kendra#UserId": { "type": "string", "traits": { @@ -9165,7 +9270,7 @@ "Urls": { "target": "com.amazonaws.kendra#Urls", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the seed or starting point URLs of the \n websites or the sitemap URLs of the websites you want to crawl.

                                                                                                \n

                                                                                                You can include website subdomains. You can list up to 100 seed \n URLs and up to three sitemap URLs.

                                                                                                \n

                                                                                                \n When selecting websites to index, you must adhere to \n the Amazon Acceptable Use Policy \n and all other Amazon terms. Remember that you must only use the Amazon Kendra \n web crawler to index your own webpages, or webpages that you have \n authorization to index.\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the seed or starting point URLs of the \n websites or the sitemap URLs of the websites you want to crawl.

                                                                                                \n

                                                                                                You can include website subdomains. You can list up to 100 seed \n URLs and up to three sitemap URLs.

                                                                                                \n

                                                                                                You can only crawl websites that use the secure communication protocol, \n Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when \n crawling a website, it could be that the website is blocked from crawling.

                                                                                                \n

                                                                                                \n When selecting websites to index, you must adhere to \n the Amazon Acceptable Use Policy \n and all other Amazon terms. Remember that you must only use the Amazon Kendra \n web crawler to index your own webpages, or webpages that you have \n authorization to index.\n

                                                                                                ", "smithy.api#required": {} } }, diff --git a/codegen/sdk-codegen/aws-models/kms.2014-11-01.json b/codegen/sdk-codegen/aws-models/kms.2014-11-01.json index 15377e5f9d68..5c295854d2da 100644 --- a/codegen/sdk-codegen/aws-models/kms.2014-11-01.json +++ b/codegen/sdk-codegen/aws-models/kms.2014-11-01.json @@ -81,13 +81,13 @@ "CreationDate": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                Date and time that the alias was most recently created in the account and Region. Formatted as Unix time.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Date and time that the alias was most recently created in the account and Region.\n Formatted as Unix time.

                                                                                                " } }, "LastUpdatedDate": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                Date and time that the alias was most recently associated with a KMS key in the account and Region. Formatted as Unix time.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Date and time that the alias was most recently associated with a KMS key in the account\n and Region. Formatted as Unix time.

                                                                                                " } } }, @@ -160,7 +160,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Cancels the deletion of a KMS key. When this operation succeeds, the key\n state of the KMS key is Disabled. To enable the KMS key, use EnableKey.

                                                                                                \n

                                                                                                For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:CancelKeyDeletion (key policy)

                                                                                                \n

                                                                                                \n Related operations: ScheduleKeyDeletion\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Cancels the deletion of a KMS key. When this operation succeeds, the key state of the KMS\n key is Disabled. To enable the KMS key, use EnableKey.

                                                                                                \n

                                                                                                For more information about scheduling and canceling deletion of a KMS key, see Deleting KMS keys in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:CancelKeyDeletion (key policy)

                                                                                                \n

                                                                                                \n Related operations: ScheduleKeyDeletion\n

                                                                                                " } }, "com.amazonaws.kms#CancelKeyDeletionRequest": { @@ -169,7 +169,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the KMS key whose deletion is being canceled.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the KMS key whose deletion is being canceled.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -315,7 +315,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Connects or reconnects a custom key store to its associated CloudHSM cluster.

                                                                                                \n

                                                                                                The custom key store must be connected before you can create KMS keys\n in the key store or use the KMS keys it contains. You can disconnect and reconnect a custom key\n store at any time.

                                                                                                \n

                                                                                                To connect a custom key store, its associated CloudHSM cluster must have at least one active\n HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs\n to the cluster, use the CreateHsm operation. Also, the \n kmsuser crypto\n user (CU) must not be logged into the cluster. This prevents KMS from using this\n account to log in.

                                                                                                \n

                                                                                                The connection process can take an extended amount of time to complete; up to 20 minutes.\n This operation starts the connection process, but it does not wait for it to complete. When it\n succeeds, this operation quickly returns an HTTP 200 response and a JSON object with no\n properties. However, this response does not indicate that the custom key store is connected.\n To get the connection state of the custom key store, use the DescribeCustomKeyStores operation.

                                                                                                \n

                                                                                                During the connection process, KMS finds the CloudHSM cluster that is associated with the\n custom key store, creates the connection infrastructure, connects to the cluster, logs into\n the CloudHSM client as the kmsuser CU, and rotates its password.

                                                                                                \n

                                                                                                The ConnectCustomKeyStore operation might fail for various reasons. To find\n the reason, use the DescribeCustomKeyStores operation and see the\n ConnectionErrorCode in the response. For help interpreting the\n ConnectionErrorCode, see CustomKeyStoresListEntry.

                                                                                                \n

                                                                                                To fix the failure, use the DisconnectCustomKeyStore operation to\n disconnect the custom key store, correct the error, use the UpdateCustomKeyStore operation if necessary, and then use\n ConnectCustomKeyStore again.

                                                                                                \n

                                                                                                If you are having trouble connecting or disconnecting a custom key store, see Troubleshooting a Custom Key\n Store in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ConnectCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Connects or reconnects a custom key store to its associated CloudHSM cluster.

                                                                                                \n

                                                                                                The custom key store must be connected before you can create KMS keys in the key store or\n use the KMS keys it contains. You can disconnect and reconnect a custom key store at any\n time.

                                                                                                \n

                                                                                                To connect a custom key store, its associated CloudHSM cluster must have at least one active\n HSM. To get the number of active HSMs in a cluster, use the DescribeClusters operation. To add HSMs\n to the cluster, use the CreateHsm operation. Also, the \n kmsuser crypto\n user (CU) must not be logged into the cluster. This prevents KMS from using this\n account to log in.

                                                                                                \n

                                                                                                The connection process can take an extended amount of time to complete; up to 20 minutes.\n This operation starts the connection process, but it does not wait for it to complete. When it\n succeeds, this operation quickly returns an HTTP 200 response and a JSON object with no\n properties. However, this response does not indicate that the custom key store is connected.\n To get the connection state of the custom key store, use the DescribeCustomKeyStores operation.

                                                                                                \n

                                                                                                During the connection process, KMS finds the CloudHSM cluster that is associated with the\n custom key store, creates the connection infrastructure, connects to the cluster, logs into\n the CloudHSM client as the kmsuser CU, and rotates its password.

                                                                                                \n

                                                                                                The ConnectCustomKeyStore operation might fail for various reasons. To find\n the reason, use the DescribeCustomKeyStores operation and see the\n ConnectionErrorCode in the response. For help interpreting the\n ConnectionErrorCode, see CustomKeyStoresListEntry.

                                                                                                \n

                                                                                                To fix the failure, use the DisconnectCustomKeyStore operation to\n disconnect the custom key store, correct the error, use the UpdateCustomKeyStore operation if necessary, and then use\n ConnectCustomKeyStore again.

                                                                                                \n

                                                                                                If you are having trouble connecting or disconnecting a custom key store, see Troubleshooting a Custom Key\n Store in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ConnectCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#ConnectCustomKeyStoreRequest": { @@ -433,7 +433,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a friendly name for a KMS key.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and\n GenerateDataKey. You can also change the KMS key that's associated with the\n alias (UpdateAlias) or delete the alias (DeleteAlias) at\n any time. These operations don't affect the underlying KMS key.

                                                                                                \n

                                                                                                You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each\n alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. A valid KMS key is required. You can't create an alias without a KMS key.

                                                                                                \n

                                                                                                The alias must be unique in the account and Region, but you can have aliases with the same\n name in different Regions. For detailed information about aliases, see Using aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation does not return a response. To get the alias that you created, use the\n ListAliases operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Creates a friendly name for a KMS key.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations, such as Encrypt and\n GenerateDataKey. You can also change the KMS key that's associated with\n the alias (UpdateAlias) or delete the alias (DeleteAlias)\n at any time. These operations don't affect the underlying KMS key.

                                                                                                \n

                                                                                                You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each\n alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases.\n A valid KMS key is required. You can't create an alias without a KMS key.

                                                                                                \n

                                                                                                The alias must be unique in the account and Region, but you can have aliases with the same\n name in different Regions. For detailed information about aliases, see Using aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation does not return a response. To get the alias that you created, use the\n ListAliases operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#CreateAliasRequest": { @@ -442,14 +442,14 @@ "AliasName": { "target": "com.amazonaws.kms#AliasNameType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the alias name. This value must begin with alias/ followed by a\n name, such as alias/ExampleAlias.

                                                                                                \n

                                                                                                The AliasName value must be string of 1-256 characters. It can contain only alphanumeric characters,\n forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is reserved\n for Amazon Web Services managed keys.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the alias name. This value must begin with alias/ followed by a\n name, such as alias/ExampleAlias.

                                                                                                \n

                                                                                                The AliasName value must be string of 1-256 characters. It can contain only\n alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name\n cannot begin with alias/aws/. The alias/aws/ prefix is reserved for\n Amazon Web Services managed\n keys.

                                                                                                ", "smithy.api#required": {} } }, "TargetKeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Associates the alias with the specified customer managed key. The KMS key must be\n in the same Amazon Web Services Region.

                                                                                                \n

                                                                                                A valid key ID is required. If you supply a null or empty string value, this operation\n returns an error.

                                                                                                \n

                                                                                                For help finding the key ID and ARN, see Finding the Key ID and\n ARN in the \n Key Management Service Developer Guide\n .

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Associates the alias with the specified customer managed key. The KMS key must\n be in the same Amazon Web Services Region.

                                                                                                \n

                                                                                                A valid key ID is required. If you supply a null or empty string value, this operation\n returns an error.

                                                                                                \n

                                                                                                For help finding the key ID and ARN, see Finding the Key ID and\n ARN in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -496,7 +496,7 @@ "CustomKeyStoreName": { "target": "com.amazonaws.kms#CustomKeyStoreNameType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies a friendly name for the custom key store. The name must be unique in your Amazon Web Services account.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies a friendly name for the custom key store. The name must be unique in your\n Amazon Web Services account.

                                                                                                ", "smithy.api#required": {} } }, @@ -569,7 +569,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Adds a grant to a KMS key.

                                                                                                \n

                                                                                                A grant is a policy instrument that allows Amazon Web Services principals to use KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key, grants are considered along with key policies and IAM policies. Grants are often used for\n temporary permissions because you can create one, use its permissions, and delete it without\n changing your key policies or IAM policies.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                The CreateGrant operation returns a GrantToken and a\n GrantId.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee principal\n can use the permissions in the grant without identifying the grant.

                                                                                                  \n

                                                                                                  However, to use the permissions in the grant immediately, use the\n GrantToken that CreateGrant returns. For details, see Using a grant\n token in the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The CreateGrant operation also returns a GrantId. You can use the\n GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant\n ID, use the ListGrants or ListRetirableGrants\n operations.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n

                                                                                                \n Required permissions: kms:CreateGrant (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Adds a grant to a KMS key.

                                                                                                \n

                                                                                                A grant is a policy instrument that allows Amazon Web Services principals to use\n KMS keys in cryptographic operations. It also can allow them to view a KMS key (DescribeKey) and create and manage grants. When authorizing access to a KMS key,\n grants are considered along with key policies and IAM policies. Grants are often used for\n temporary permissions because you can create one, use its permissions, and delete it without\n changing your key policies or IAM policies.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                The CreateGrant operation returns a GrantToken and a\n GrantId.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. Once the grant has achieved eventual consistency, the grantee\n principal can use the permissions in the grant without identifying the grant.

                                                                                                  \n

                                                                                                  However, to use the permissions in the grant immediately, use the\n GrantToken that CreateGrant returns. For details, see Using a\n grant token in the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The CreateGrant operation also returns a GrantId. You can\n use the GrantId and a key identifier to identify the grant in the RetireGrant and RevokeGrant operations. To find the grant\n ID, use the ListGrants or ListRetirableGrants\n operations.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes.\n To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n

                                                                                                \n Required permissions: kms:CreateGrant (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#CreateGrantRequest": { @@ -578,34 +578,34 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the KMS key for the grant. The grant gives principals permission to use this KMS key.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the KMS key for the grant. The grant gives principals permission to use this\n KMS key.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, "GranteePrincipal": { "target": "com.amazonaws.kms#PrincipalIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The identity that gets the permissions specified in the grant.

                                                                                                \n

                                                                                                To specify the principal, use the Amazon Resource Name (ARN) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, IAM roles, federated\n users, and assumed role users. For examples of the ARN syntax to use for specifying a\n principal, see Amazon Web Services Identity and Access\n Management (IAM) in the Example ARNs section of the Amazon Web Services General\n Reference.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identity that gets the permissions specified in the grant.

                                                                                                \n

                                                                                                To specify the principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, IAM roles,\n federated users, and assumed role users. For examples of the ARN syntax to use for specifying\n a principal, see Amazon Web Services Identity and Access\n Management (IAM) in the Example ARNs section of the Amazon Web Services General\n Reference.

                                                                                                ", "smithy.api#required": {} } }, "RetiringPrincipal": { "target": "com.amazonaws.kms#PrincipalIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The principal that has permission to use the RetireGrant operation to\n retire the grant.

                                                                                                \n

                                                                                                To specify the principal, use the Amazon Resource Name (ARN) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated users, and\n assumed role users. For examples of the ARN syntax to use for specifying a principal, see\n Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the\n Amazon Web Services General Reference.

                                                                                                \n

                                                                                                The grant determines the retiring principal. Other principals might have permission to\n retire the grant or revoke the grant. For details, see RevokeGrant and\n Retiring and revoking grants in the Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The principal that has permission to use the RetireGrant operation to\n retire the grant.

                                                                                                \n

                                                                                                To specify the principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated\n users, and assumed role users. For examples of the ARN syntax to use for specifying a\n principal, see Amazon Web Services Identity and Access\n Management (IAM) in the Example ARNs section of the Amazon Web Services General\n Reference.

                                                                                                \n

                                                                                                The grant determines the retiring principal. Other principals might have permission to\n retire the grant or revoke the grant. For details, see RevokeGrant and\n Retiring and\n revoking grants in the Key Management Service Developer Guide.

                                                                                                " } }, "Operations": { "target": "com.amazonaws.kms#GrantOperationList", "traits": { - "smithy.api#documentation": "

                                                                                                A list of operations that the grant permits.

                                                                                                \n

                                                                                                The operation must be supported on the KMS key. For example, you cannot create a grant for a\n symmetric KMS key that allows the Sign operation, or a grant for an asymmetric KMS key that allows the GenerateDataKey operation. If you try, KMS returns a\n ValidationError exception. For details, see Grant operations in the\n Key Management Service Developer Guide.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                A list of operations that the grant permits.

                                                                                                \n

                                                                                                The operation must be supported on the KMS key. For example, you cannot create a grant for\n a symmetric KMS key that allows the Sign operation, or a grant for an\n asymmetric KMS key that allows the GenerateDataKey operation. If you try,\n KMS returns a ValidationError exception. For details, see Grant\n operations in the Key Management Service Developer Guide.

                                                                                                ", "smithy.api#required": {} } }, "Constraints": { "target": "com.amazonaws.kms#GrantConstraints", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies a grant constraint.

                                                                                                \n

                                                                                                KMS supports the EncryptionContextEquals and\n EncryptionContextSubset grant constraints. Each constraint value can include up\n to 8 encryption context pairs. The encryption context value in each constraint cannot exceed\n 384 characters.

                                                                                                \n

                                                                                                These grant constraints allow the permissions in the grant only when the encryption\n context in the request matches (EncryptionContextEquals) or includes\n (EncryptionContextSubset) the encryption context specified in this structure.\n For information about grant constraints, see Using grant\n constraints in the Key Management Service Developer Guide. For more information about encryption context,\n see Encryption\n Context in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The encryption context grant constraints are supported only on operations that include an\n encryption context. You cannot use an encryption context grant constraint for cryptographic\n operations with asymmetric KMS keys or for management operations, such as DescribeKey or RetireGrant.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies a grant constraint.

                                                                                                \n

                                                                                                KMS supports the EncryptionContextEquals and\n EncryptionContextSubset grant constraints. Each constraint value can include up\n to 8 encryption context pairs. The encryption context value in each constraint cannot exceed\n 384 characters.

                                                                                                \n

                                                                                                These grant constraints allow the permissions in the grant only when the encryption\n context in the request matches (EncryptionContextEquals) or includes\n (EncryptionContextSubset) the encryption context specified in this structure.\n For information about grant constraints, see Using grant\n constraints in the Key Management Service Developer Guide. For more information about encryption context,\n see Encryption\n Context in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The encryption context grant constraints are supported only on operations that include an\n encryption context. You cannot use an encryption context grant constraint for cryptographic\n operations with asymmetric KMS keys or for management operations, such as DescribeKey or RetireGrant.

                                                                                                " } }, "GrantTokens": { @@ -617,7 +617,7 @@ "Name": { "target": "com.amazonaws.kms#GrantNameType", "traits": { - "smithy.api#documentation": "

                                                                                                A friendly name for the grant. Use this value to prevent the unintended\n creation of duplicate grants when retrying this request.

                                                                                                \n

                                                                                                When this value is absent, all CreateGrant requests result in a new grant\n with a unique GrantId even if all the supplied parameters are identical. This can\n result in unintended duplicates when you retry the CreateGrant request.

                                                                                                \n

                                                                                                When this value is present, you can retry a CreateGrant request with\n identical parameters; if the grant already exists, the original GrantId is\n returned without creating a new grant. Note that the returned grant token is unique with every\n CreateGrant request, even when a duplicate GrantId is returned.\n All grant tokens for the same grant ID can be used interchangeably.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A friendly name for the grant. Use this value to prevent the unintended creation of\n duplicate grants when retrying this request.

                                                                                                \n

                                                                                                When this value is absent, all CreateGrant requests result in a new grant\n with a unique GrantId even if all the supplied parameters are identical. This can\n result in unintended duplicates when you retry the CreateGrant request.

                                                                                                \n

                                                                                                When this value is present, you can retry a CreateGrant request with\n identical parameters; if the grant already exists, the original GrantId is\n returned without creating a new grant. Note that the returned grant token is unique with every\n CreateGrant request, even when a duplicate GrantId is returned.\n All grant tokens for the same grant ID can be used interchangeably.

                                                                                                " } } } @@ -680,7 +680,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a unique customer managed KMS key in your Amazon Web Services account and Region.

                                                                                                \n \n

                                                                                                KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                                                                \n                                                                                                 \n\n

                                                                                                You can use the CreateKey operation to create symmetric or asymmetric KMS keys.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Symmetric KMS keys contain a 256-bit symmetric key that\n never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use a\n symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically used to\n generate data\n keys and data keys pairs. For details,\n see GenerateDataKey and GenerateDataKeyPair.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Asymmetric KMS keys can contain an RSA key pair or an\n Elliptic Curve (ECC) key pair. The private key in an asymmetric KMS key never leaves KMS\n unencrypted. However, you can use the GetPublicKey operation to download\n the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used to\n encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC key\n pairs can be used only to sign and verify messages.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n\n\n

                                                                                                To create different types of KMS keys, use the following guidance:

                                                                                                \n\n
                                                                                                \n
                                                                                                Asymmetric KMS keys
                                                                                                \n
                                                                                                \n

                                                                                                To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Symmetric KMS keys
                                                                                                \n
                                                                                                \n

                                                                                                When creating a symmetric KMS key, you don't need to specify the\n KeySpec or KeyUsage parameters. The default value for\n KeySpec, SYMMETRIC_DEFAULT, and the default value for\n KeyUsage, ENCRYPT_DECRYPT, are the only valid values for\n symmetric KMS keys.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Multi-Region primary keys
                                                                                                \n
                                                                                                Imported key material
                                                                                                \n
                                                                                                \n

                                                                                                To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID and\n key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                You can create symmetric and asymmetric multi-Region keys and multi-Region keys with\n imported key material. You cannot create multi-Region keys in a custom key store.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                \n

                                                                                                To import your own key material, begin by creating a symmetric KMS key with no key\n material. To do this, use the Origin parameter of CreateKey\n with a value of EXTERNAL. Next, use GetParametersForImport operation to get a public key and import token, and use the public key to encrypt\n your key material. Then, use ImportKeyMaterial with your import token\n to import the key material. For step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n . You\n cannot import the key material into an asymmetric KMS key.

                                                                                                \n

                                                                                                To create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Custom key store
                                                                                                \n
                                                                                                \n

                                                                                                To create a symmetric KMS key in a custom key store, use the\n CustomKeyStoreId parameter to specify the custom key store. You must also\n use the Origin parameter with a value of AWS_CLOUDHSM. The\n CloudHSM cluster that is associated with the custom key store must have at least two active\n HSMs in different Availability Zones in the Amazon Web Services Region.

                                                                                                \n

                                                                                                You cannot create an asymmetric KMS key in a custom key store. For information about\n custom key stores in KMS see Using Custom Key Stores in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n
                                                                                                \n
                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Creates a unique customer managed KMS key in your Amazon Web Services account and\n Region.

                                                                                                \n \n

                                                                                                KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                                                                \n                                                                                                 \n\n

                                                                                                You can use the CreateKey operation to create symmetric or asymmetric KMS\n keys.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Symmetric KMS keys contain a 256-bit symmetric key\n that never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use\n a symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically\n used to generate data keys and data keys pairs. For details,\n see GenerateDataKey and GenerateDataKeyPair.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Asymmetric KMS keys can contain an RSA key pair or an\n Elliptic Curve (ECC) key pair. The private key in an asymmetric KMS key never leaves KMS\n unencrypted. However, you can use the GetPublicKey operation to download\n the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used\n to encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC\n key pairs can be used only to sign and verify messages.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n\n\n

                                                                                                To create different types of KMS keys, use the following guidance:

                                                                                                \n\n
                                                                                                \n
                                                                                                Asymmetric KMS keys
                                                                                                \n
                                                                                                \n

                                                                                                To create an asymmetric KMS key, use the KeySpec parameter to specify\n the type of key material in the KMS key. Then, use the KeyUsage parameter\n to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.\n You can't change these properties after the KMS key is created.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Symmetric KMS keys
                                                                                                \n
                                                                                                \n

                                                                                                When creating a symmetric KMS key, you don't need to specify the\n KeySpec or KeyUsage parameters. The default value for\n KeySpec, SYMMETRIC_DEFAULT, and the default value for\n KeyUsage, ENCRYPT_DECRYPT, are the only valid values for\n symmetric KMS keys.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Multi-Region primary keys
                                                                                                \n
                                                                                                Imported key material
                                                                                                \n
                                                                                                \n

                                                                                                To create a multi-Region primary key in the local Amazon Web Services Region,\n use the MultiRegion parameter with a value of True. To create\n a multi-Region replica key, that is, a KMS key with the same key ID\n and key material as a primary key, but in a different Amazon Web Services Region, use the ReplicateKey operation. To change a replica key to a primary key, and its\n primary key to a replica key, use the UpdatePrimaryRegion\n operation.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                You can create symmetric and asymmetric multi-Region keys and multi-Region keys with\n imported key material. You cannot create multi-Region keys in a custom key store.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                \n

                                                                                                To import your own key material, begin by creating a symmetric KMS key with no key\n material. To do this, use the Origin parameter of CreateKey\n with a value of EXTERNAL. Next, use GetParametersForImport operation to get a public key and import token, and use the public key to encrypt\n your key material. Then, use ImportKeyMaterial with your import token\n to import the key material. For step-by-step instructions, see Importing Key Material in the \n Key Management Service Developer Guide\n . You\n cannot import the key material into an asymmetric KMS key.

                                                                                                \n

                                                                                                To create a multi-Region primary key with imported key material, use the\n Origin parameter of CreateKey with a value of\n EXTERNAL and the MultiRegion parameter with a value of\n True. To create replicas of the multi-Region primary key, use the ReplicateKey operation. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n
                                                                                                \n
                                                                                                Custom key store
                                                                                                \n
                                                                                                \n

                                                                                                To create a symmetric KMS key in a custom key store, use the\n CustomKeyStoreId parameter to specify the custom key store. You must also\n use the Origin parameter with a value of AWS_CLOUDHSM. The\n CloudHSM cluster that is associated with the custom key store must have at least two active\n HSMs in different Availability Zones in the Amazon Web Services Region.

                                                                                                \n

                                                                                                You cannot create an asymmetric KMS key in a custom key store. For information about\n custom key stores in KMS see Using Custom Key Stores in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n
                                                                                                \n
                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot use this operation to\n create a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:CreateKey (IAM policy). To use the\n Tags parameter, kms:TagResource (IAM policy). For examples and information about related\n permissions, see Allow a user to create\n KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#CreateKeyRequest": { @@ -689,19 +689,19 @@ "Policy": { "target": "com.amazonaws.kms#PolicyType", "traits": { - "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key.

                                                                                                \n

                                                                                                If you provide a key policy, it must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the CreateKey request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section of the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal\n (for example, an IAM user or role), you might need to enforce a delay before including the\n new principal in a key policy because the new principal might not be immediately visible\n to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access Management User Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For\n more information, see Default Key Policy in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The key policy size quota is 32 kilobytes (32768 bytes).

                                                                                                \n

                                                                                                For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .

                                                                                                " + "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key.

                                                                                                \n

                                                                                                If you provide a key policy, it must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the CreateKey request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk\n that the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you do not provide a key policy, KMS attaches a default key policy to the KMS key.\n For more information, see Default Key Policy in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The key policy size quota is 32 kilobytes (32768 bytes).

                                                                                                \n

                                                                                                For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n .

                                                                                                " } }, "Description": { "target": "com.amazonaws.kms#DescriptionType", "traits": { - "smithy.api#documentation": "

                                                                                                A description of the KMS key.

                                                                                                \n

                                                                                                Use a description that helps you decide whether the KMS key is\n appropriate for a task. The default value is an empty string (no description).

                                                                                                \n

                                                                                                To set or change the description after the key is created, use UpdateKeyDescription.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A description of the KMS key.

                                                                                                \n

                                                                                                Use a description that helps you decide whether the KMS key is appropriate for a task. The\n default value is an empty string (no description).

                                                                                                \n

                                                                                                To set or change the description after the key is created, use UpdateKeyDescription.

                                                                                                " } }, "KeyUsage": { "target": "com.amazonaws.kms#KeyUsageType", "traits": { - "smithy.api#documentation": "

                                                                                                Determines the cryptographic operations for which you can use the KMS key. The default value is\n ENCRYPT_DECRYPT. This parameter is required only for asymmetric KMS keys. You can't\n change the KeyUsage value after the KMS key is created.

                                                                                                \n

                                                                                                Select only one valid value.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For symmetric KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or\n SIGN_VERIFY.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                Determines the cryptographic operations for which you can use the KMS key. The default value is\n ENCRYPT_DECRYPT. This parameter is required only for asymmetric KMS keys. You\n can't change the KeyUsage value after the KMS key is created.

                                                                                                \n

                                                                                                Select only one valid value.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For symmetric KMS keys, omit the parameter or specify\n ENCRYPT_DECRYPT.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT or\n SIGN_VERIFY.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  For asymmetric KMS keys with ECC key material, specify\n SIGN_VERIFY.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "CustomerMasterKeySpec": { @@ -710,43 +710,43 @@ "smithy.api#deprecated": { "message": "This parameter has been deprecated. Instead, use the KeySpec parameter." }, - "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec parameter.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec parameters work the same way. Only the names differ. We recommend that you use KeySpec parameter in your code. However, to avoid breaking changes, KMS will support both parameters.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec parameter.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec parameters work the same\n way. Only the names differ. We recommend that you use KeySpec parameter in your\n code. However, to avoid breaking changes, KMS will support both parameters.

                                                                                                " } }, "KeySpec": { "target": "com.amazonaws.kms#KeySpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,\n creates a KMS key with a 256-bit symmetric key for encryption and decryption. For help choosing a\n key spec for your KMS key, see How to Choose Your KMS key\n Configuration in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the encryption algorithms or signing algorithms that\n the KMS key supports. You can't change the KeySpec after the KMS key is created.\n To further restrict the algorithms that can be used with the KMS key, use a condition key in\n its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .

                                                                                                \n \n

                                                                                                \n Amazon Web Services services that\n are integrated with KMS use symmetric KMS keys to protect your data. These\n services do not support asymmetric KMS keys. For help determining whether a KMS key is symmetric or\n asymmetric, see Identifying Symmetric and Asymmetric KMS keys in the Key Management Service Developer\n Guide.

                                                                                                \n                                                                                                 \n

                                                                                                KMS supports the following key specs for KMS keys:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Symmetric key (default)

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n SYMMETRIC_DEFAULT (AES-256-GCM)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Asymmetric RSA key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSA_2048\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSA_3072\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSA_4096\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Asymmetric NIST-recommended elliptic curve key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P256 (secp256r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P384 (secp384r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P521 (secp521r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Other asymmetric elliptic curve key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n ECC_SECG_P256K1 (secp256k1), commonly used for\n cryptocurrencies.

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the type of KMS key to create. The default value,\n SYMMETRIC_DEFAULT, creates a KMS key with a 256-bit symmetric key for encryption\n and decryption. For help choosing a key spec for your KMS key, see How to Choose Your KMS key\n Configuration in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The KeySpec determines whether the KMS key contains a symmetric key or an\n asymmetric key pair. It also determines the encryption algorithms or signing algorithms that\n the KMS key supports. You can't change the KeySpec after the KMS key is created.\n To further restrict the algorithms that can be used with the KMS key, use a condition key in\n its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm or kms:Signing Algorithm in the \n Key Management Service Developer Guide\n .

                                                                                                \n \n

                                                                                                \n Amazon Web Services services that\n are integrated with KMS use symmetric KMS keys to protect your data. These\n services do not support asymmetric KMS keys. For help determining whether a KMS key is\n symmetric or asymmetric, see Identifying Symmetric and Asymmetric\n KMS keys in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                KMS supports the following key specs for KMS keys:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Symmetric key (default)

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n SYMMETRIC_DEFAULT (AES-256-GCM)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Asymmetric RSA key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSA_2048\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSA_3072\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSA_4096\n

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Asymmetric NIST-recommended elliptic curve key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P256 (secp256r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P384 (secp384r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n ECC_NIST_P521 (secp521r1)

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Other asymmetric elliptic curve key pairs

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n ECC_SECG_P256K1 (secp256k1), commonly used for\n cryptocurrencies.

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "Origin": { "target": "com.amazonaws.kms#OriginType", "traits": { - "smithy.api#documentation": "

                                                                                                The source of the key material for the KMS key. You cannot change the origin after you create\n the KMS key. The default is AWS_KMS, which means that KMS creates the key\n material.

                                                                                                \n

                                                                                                To create a KMS key with no key material (for imported key material), set the value to\n EXTERNAL. For more information about importing key material into KMS, see\n Importing Key\n Material in the Key Management Service Developer Guide. This value is valid only for symmetric KMS keys.

                                                                                                \n

                                                                                                To create a KMS key in an KMS custom key store and create its key material in the associated\n CloudHSM cluster, set this value to AWS_CLOUDHSM. You must also use the\n CustomKeyStoreId parameter to identify the custom key store. This value is\n valid only for symmetric KMS keys.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The source of the key material for the KMS key. You cannot change the origin after you\n create the KMS key. The default is AWS_KMS, which means that KMS creates the\n key material.

                                                                                                \n

                                                                                                To create a KMS key with no key material (for imported key material), set the value to\n EXTERNAL. For more information about importing key material into KMS, see\n Importing Key\n Material in the Key Management Service Developer Guide. This value is valid only for symmetric KMS\n keys.

                                                                                                \n

                                                                                                To create a KMS key in an KMS custom key store and create its key material in the\n associated CloudHSM cluster, set this value to AWS_CLOUDHSM. You must also use the\n CustomKeyStoreId parameter to identify the custom key store. This value is\n valid only for symmetric KMS keys.

                                                                                                " } }, "CustomKeyStoreId": { "target": "com.amazonaws.kms#CustomKeyStoreIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Creates the KMS key in the specified custom key store and the key material in its associated\n CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster\n that is associated with the custom key store must have at least two active HSMs, each in a\n different Availability Zone in the Region.

                                                                                                \n

                                                                                                This parameter is valid only for symmetric KMS keys and regional KMS keys. You cannot create an\n asymmetric KMS key or a multi-Region key in a custom key store.

                                                                                                \n

                                                                                                To find the ID of a custom key store, use the DescribeCustomKeyStores operation.

                                                                                                \n

                                                                                                The response includes the custom key store ID and the ID of the CloudHSM cluster.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Creates the KMS key in the specified custom key store and the key material in its\n associated CloudHSM cluster. To create a KMS key in a custom key store, you must also specify the\n Origin parameter with a value of AWS_CLOUDHSM. The CloudHSM cluster\n that is associated with the custom key store must have at least two active HSMs, each in a\n different Availability Zone in the Region.

                                                                                                \n

                                                                                                This parameter is valid only for symmetric KMS keys and regional KMS keys. You cannot\n create an asymmetric KMS key or a multi-Region key in a custom key store.

                                                                                                \n

                                                                                                To find the ID of a custom key store, use the DescribeCustomKeyStores operation.

                                                                                                \n

                                                                                                The response includes the custom key store ID and the ID of the CloudHSM cluster.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                " } }, "BypassPolicyLockoutSafetyCheck": { "target": "com.amazonaws.kms#BooleanType", "traits": { - "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not\n set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the \n Key Management Service Developer Guide\n .

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you include a policy in the request and you intend to prevent\n the principal that is making the request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the \n Key Management Service Developer Guide\n .

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you include a policy in the request and you intend to prevent\n the principal that is making the request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " } }, "Tags": { "target": "com.amazonaws.kms#TagList", "traits": { - "smithy.api#documentation": "

                                                                                                Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is created.\n To tag an existing KMS key, use the TagResource operation.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                                \n

                                                                                                Each tag consists of a tag key and a tag value. Both the tag key and the tag value are\n required, but the tag value can be an empty (null) string. You cannot have more than one tag\n on a KMS key with the same tag key. If you specify an existing tag key with a different tag value,\n KMS replaces the current tag value with the specified one.

                                                                                                \n

                                                                                                When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation\n report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details,\n see Tagging Keys.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Assigns one or more tags to the KMS key. Use this parameter to tag the KMS key when it is\n created. To tag an existing KMS key, use the TagResource operation.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                                \n

                                                                                                Each tag consists of a tag key and a tag value. Both the tag key and the tag value are\n required, but the tag value can be an empty (null) string. You cannot have more than one tag\n on a KMS key with the same tag key. If you specify an existing tag key with a different tag\n value, KMS replaces the current tag value with the specified one.

                                                                                                \n

                                                                                                When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation\n report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details,\n see Tagging Keys.

                                                                                                " } }, "MultiRegion": { "target": "com.amazonaws.kms#NullableBooleanType", "traits": { - "smithy.api#documentation": "

                                                                                                Creates a multi-Region primary key that you can replicate into other Amazon Web Services Regions. You\n cannot change this value after you create the KMS key.

                                                                                                \n

                                                                                                For a multi-Region key, set this parameter to True. For a single-Region KMS key,\n omit this parameter or set it to False. The default value is\n False.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This value creates a primary key, not a replica. To create a\n replica key, use the ReplicateKey operation.

                                                                                                \n

                                                                                                You can create a symmetric or asymmetric multi-Region key, and you can create a\n multi-Region key with imported key material. However, you cannot create a multi-Region key in\n a custom key store.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Creates a multi-Region primary key that you can replicate into other Amazon Web Services Regions. You\n cannot change this value after you create the KMS key.

                                                                                                \n

                                                                                                For a multi-Region key, set this parameter to True. For a single-Region KMS\n key, omit this parameter or set it to False. The default value is\n False.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This value creates a primary key, not a replica. To create a\n replica key, use the ReplicateKey operation.

                                                                                                \n

                                                                                                You can create a symmetric or asymmetric multi-Region key, and you can create a\n multi-Region key with imported key material. However, you cannot create a multi-Region key in\n a custom key store.

                                                                                                " } } } @@ -774,7 +774,7 @@ "code": "CustomKeyStoreHasCMKsException", "httpResponseCode": 400 }, - "smithy.api#documentation": "

                                                                                                The request was rejected because the custom key store contains KMS keys. After verifying that you do not need to use the KMS keys, use the ScheduleKeyDeletion operation to delete the KMS keys. After they are deleted, you\n can delete the custom key store.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The request was rejected because the custom key store contains KMS keys. After verifying\n that you do not need to use the KMS keys, use the ScheduleKeyDeletion\n operation to delete the KMS keys. After they are deleted, you can delete the custom key\n store.

                                                                                                ", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -884,7 +884,7 @@ "ConnectionState": { "target": "com.amazonaws.kms#ConnectionStateType", "traits": { - "smithy.api#documentation": "

                                                                                                Indicates whether the custom key store is connected to its CloudHSM cluster.

                                                                                                \n

                                                                                                You can create and use KMS keys in your custom key stores only when its connection state is\n CONNECTED.

                                                                                                \n

                                                                                                The value is DISCONNECTED if the key store has never been connected or you\n use the DisconnectCustomKeyStore operation to disconnect it. If the value is\n CONNECTED but you are having trouble using the custom key store, make sure that\n its associated CloudHSM cluster is active and contains at least one active HSM.

                                                                                                \n

                                                                                                A value of FAILED indicates that an attempt to connect was unsuccessful. The\n ConnectionErrorCode field in the response indicates the cause of the failure.\n For help resolving a connection failure, see Troubleshooting a Custom Key Store in the\n Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Indicates whether the custom key store is connected to its CloudHSM cluster.

                                                                                                \n

                                                                                                You can create and use KMS keys in your custom key stores only when its connection state\n is CONNECTED.

                                                                                                \n

                                                                                                The value is DISCONNECTED if the key store has never been connected or you\n use the DisconnectCustomKeyStore operation to disconnect it. If the value is\n CONNECTED but you are having trouble using the custom key store, make sure that\n its associated CloudHSM cluster is active and contains at least one active HSM.

                                                                                                \n

                                                                                                A value of FAILED indicates that an attempt to connect was unsuccessful. The\n ConnectionErrorCode field in the response indicates the cause of the failure.\n For help resolving a connection failure, see Troubleshooting a Custom Key Store in the\n Key Management Service Developer Guide.

                                                                                                " } }, "ConnectionErrorCode": { @@ -1040,7 +1040,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Decrypts ciphertext that was encrypted by a KMS key using any of\n the following operations:

                                                                                                \n \n

                                                                                                You can use this operation to decrypt ciphertext that was encrypted under a symmetric or\n asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the encryption\n algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The Decrypt operation also decrypts ciphertext that was encrypted outside of KMS by the\n public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by other\n libraries, such as the Amazon Web Services Encryption\n SDK or Amazon S3 client-side encryption. These libraries return a ciphertext format that\n is incompatible with KMS.

                                                                                                \n

                                                                                                If the ciphertext was encrypted under a symmetric KMS key, the KeyId parameter is\n optional. KMS can get this information from metadata that it adds to the symmetric\n ciphertext blob. This feature adds durability to your implementation by ensuring that\n authorized users can decrypt ciphertext decades after it was encrypted, even if they've lost\n track of the key ID. However, specifying the KMS key is always recommended as a best practice.\n When you use the KeyId parameter to specify a KMS key, KMS only uses the KMS key you\n specify. If the ciphertext was encrypted under a different KMS key, the Decrypt\n operation fails. This practice ensures that you use the KMS key that you intend.

                                                                                                \n

                                                                                                Whenever possible, use key policies to give users permission to call the\n Decrypt operation on a particular KMS key, instead of using IAM policies.\n Otherwise, you might create an IAM user policy that gives the user Decrypt\n permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys in other\n accounts if the key policy for the cross-account KMS key permits it. If you must use an IAM policy\n for Decrypt permissions, limit the user to particular KMS keys or particular trusted\n accounts. For details, see Best practices for IAM policies in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:Decrypt (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Decrypts ciphertext that was encrypted by a KMS key using any of the following\n operations:

                                                                                                \n \n

                                                                                                You can use this operation to decrypt ciphertext that was encrypted under a symmetric or\n asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the\n encryption algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The Decrypt operation also decrypts ciphertext that was encrypted outside of KMS by the\n public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by\n other libraries, such as the Amazon Web Services\n Encryption SDK or Amazon S3 client-side encryption.\n These libraries return a ciphertext format that is incompatible with KMS.

                                                                                                \n

                                                                                                If the ciphertext was encrypted under a symmetric KMS key, the KeyId\n parameter is optional. KMS can get this information from metadata that it adds to the\n symmetric ciphertext blob. This feature adds durability to your implementation by ensuring\n that authorized users can decrypt ciphertext decades after it was encrypted, even if they've\n lost track of the key ID. However, specifying the KMS key is always recommended as a best\n practice. When you use the KeyId parameter to specify a KMS key, KMS only uses\n the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the\n Decrypt operation fails. This practice ensures that you use the KMS key that\n you intend.

                                                                                                \n

                                                                                                Whenever possible, use key policies to give users permission to call the\n Decrypt operation on a particular KMS key, instead of using IAM policies.\n Otherwise, you might create an IAM user policy that gives the user Decrypt\n permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys\n in other accounts if the key policy for the cross-account KMS key permits it. If you must use\n an IAM policy for Decrypt permissions, limit the user to particular KMS keys or\n particular trusted accounts. For details, see Best practices for IAM\n policies in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:Decrypt (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DecryptRequest": { @@ -1068,13 +1068,13 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the KMS key that KMS uses to decrypt the ciphertext. Enter a\n key ID of the KMS key that was used to encrypt the ciphertext.

                                                                                                \n\n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.\n If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to the\n symmetric ciphertext blob. However, it is always recommended as a best practice. This practice\n ensures that you use the KMS key that you intend.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the KMS key that KMS uses to decrypt the ciphertext. Enter a key ID of the KMS\n key that was used to encrypt the ciphertext.

                                                                                                \n\n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to\n the symmetric ciphertext blob. However, it is always recommended as a best practice. This\n practice ensures that you use the KMS key that you intend.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                " } }, "EncryptionAlgorithm": { "target": "com.amazonaws.kms#EncryptionAlgorithmSpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify\n the same algorithm that was used to encrypt the data. If you specify a different algorithm,\n the Decrypt operation fails.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.\n The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm\n that is valid for symmetric KMS keys.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify\n the same algorithm that was used to encrypt the data. If you specify a different algorithm,\n the Decrypt operation fails.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. The default value, SYMMETRIC_DEFAULT, represents the only supported\n algorithm that is valid for symmetric KMS keys.

                                                                                                " } } } @@ -1122,7 +1122,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes the specified alias.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                                                                \n

                                                                                                Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to\n create a new alias. To associate an existing alias with a different KMS key,\n call UpdateAlias.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes the specified alias.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Because an alias is not a property of a KMS key, you can delete and change the aliases of\n a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the\n DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation.

                                                                                                \n

                                                                                                Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to\n create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on an alias in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DeleteAliasRequest": { @@ -1160,7 +1160,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes a custom key store. This operation does not delete the CloudHSM cluster that is\n associated with the custom key store, or affect any users or keys in the cluster.

                                                                                                \n

                                                                                                The custom key store that you delete cannot contain any KMS KMS keys. Before\n deleting the key store, verify that you will never need to use any of the KMS keys in the key\n store for any cryptographic operations. Then, use ScheduleKeyDeletion to delete the\n KMS keys from the key store. When the scheduled waiting period\n expires, the ScheduleKeyDeletion operation deletes the KMS keys. Then it makes a best\n effort to delete the key material from the associated cluster. However, you might need to\n manually delete the orphaned key\n material from the cluster and its backups.

                                                                                                \n

                                                                                                After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore to\n disconnect the key store from KMS. Then, you can delete the custom key store.

                                                                                                \n

                                                                                                Instead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is\n disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to\n delete KMS keys and you can reconnect a disconnected custom key store at any time.

                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n\n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DeleteCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes a custom key store. This operation does not delete the CloudHSM cluster that is\n associated with the custom key store, or affect any users or keys in the cluster.

                                                                                                \n

                                                                                                The custom key store that you delete cannot contain any KMS KMS keys. Before deleting the key store,\n verify that you will never need to use any of the KMS keys in the key store for any\n cryptographic operations. Then, use ScheduleKeyDeletion to delete the KMS keys from the\n key store. When the scheduled waiting period expires, the ScheduleKeyDeletion\n operation deletes the KMS keys. Then it makes a best effort to delete the key material from\n the associated cluster. However, you might need to manually delete the orphaned key\n material from the cluster and its backups.

                                                                                                \n

                                                                                                After all KMS keys are deleted from KMS, use DisconnectCustomKeyStore\n to disconnect the key store from KMS. Then, you can delete the custom key store.

                                                                                                \n

                                                                                                Instead of deleting the custom key store, consider using DisconnectCustomKeyStore to disconnect it from KMS. While the key store is\n disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to\n delete KMS keys and you can reconnect a disconnected custom key store at any time.

                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n

                                                                                                \n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DeleteCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DeleteCustomKeyStoreRequest": { @@ -1205,7 +1205,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes key material that you previously imported. This operation makes the specified\n KMS key unusable. For more information about importing key material into\n KMS, see Importing Key\n Material in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                When the specified KMS key is in the PendingDeletion state, this operation does\n not change the KMS key's state. Otherwise, it changes the KMS key's state to\n PendingImport.

                                                                                                \n

                                                                                                After you delete key material, you can use ImportKeyMaterial to reimport\n the same key material into the KMS key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DeleteImportedKeyMaterial (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes key material that you previously imported. This operation makes the specified KMS\n key unusable. For more information about importing key material into KMS, see Importing Key Material\n in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                When the specified KMS key is in the PendingDeletion state, this operation\n does not change the KMS key's state. Otherwise, it changes the KMS key's state to\n PendingImport.

                                                                                                \n

                                                                                                After you delete key material, you can use ImportKeyMaterial to reimport\n the same key material into the KMS key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DeleteImportedKeyMaterial (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DeleteImportedKeyMaterialRequest": { @@ -1214,7 +1214,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the KMS key from which you are deleting imported key material. The\n Origin of the KMS key must be EXTERNAL.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the KMS key from which you are deleting imported key material. The\n Origin of the KMS key must be EXTERNAL.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -1257,7 +1257,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets information about custom key stores in the account and Region.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n

                                                                                                By default, this operation returns information about all custom key stores in the account and\n Region. To get only information about a particular custom key store, use either the\n CustomKeyStoreName or CustomKeyStoreId parameter (but not\n both).

                                                                                                \n

                                                                                                To determine whether the custom key store is connected to its CloudHSM cluster, use the\n ConnectionState element in the response. If an attempt to connect the custom\n key store failed, the ConnectionState value is FAILED and the\n ConnectionErrorCode element in the response indicates the cause of the failure.\n For help interpreting the ConnectionErrorCode, see CustomKeyStoresListEntry.

                                                                                                \n

                                                                                                Custom key stores have a DISCONNECTED connection state if the key store has\n never been connected or you use the DisconnectCustomKeyStore operation to\n disconnect it. If your custom key store state is CONNECTED but you are having\n trouble using it, make sure that its associated CloudHSM cluster is active and contains the\n minimum number of HSMs required for the operation, if any.

                                                                                                \n

                                                                                                For help repairing your custom key store, see the Troubleshooting Custom Key Stores topic in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:DescribeCustomKeyStores (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Gets information about custom key stores in the account and Region.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n

                                                                                                By default, this operation returns information about all custom key\n stores in the account and Region. To get only information about a particular custom key store,\n use either the CustomKeyStoreName or CustomKeyStoreId parameter (but\n not both).

                                                                                                \n

                                                                                                To determine whether the custom key store is connected to its CloudHSM cluster, use the\n ConnectionState element in the response. If an attempt to connect the custom\n key store failed, the ConnectionState value is FAILED and the\n ConnectionErrorCode element in the response indicates the cause of the failure.\n For help interpreting the ConnectionErrorCode, see CustomKeyStoresListEntry.

                                                                                                \n

                                                                                                Custom key stores have a DISCONNECTED connection state if the key store has\n never been connected or you use the DisconnectCustomKeyStore operation to\n disconnect it. If your custom key store state is CONNECTED but you are having\n trouble using it, make sure that its associated CloudHSM cluster is active and contains the\n minimum number of HSMs required for the operation, if any.

                                                                                                \n

                                                                                                For help repairing your custom key store, see the Troubleshooting Custom Key Stores topic in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:DescribeCustomKeyStores (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DescribeCustomKeyStoresRequest": { @@ -1335,7 +1335,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Provides detailed information about a KMS key. You can run\n DescribeKey on a customer managed key or an Amazon Web Services managed key.

                                                                                                \n

                                                                                                This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish symmetric from\n asymmetric KMS keys. It also provides information that is particularly important to asymmetric\n keys, such as the key usage (encryption or signing) and the encryption algorithms or signing\n algorithms that the KMS key supports. For KMS keys in custom key stores, it includes information about\n the custom key store, such as the key store ID and the CloudHSM cluster ID. For multi-Region\n keys, it displays the primary key and all related replica keys.

                                                                                                \n

                                                                                                \n DescribeKey does not return the following information:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Aliases associated with the KMS key. To get this information, use ListAliases.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from being\n automatically rotated. For details, see How Automatic Key Rotation\n Works in Key Management Service Developer Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Tags on the KMS key. To get this information, use ListResourceTags.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you call the DescribeKey operation on a predefined Amazon Web Services alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed key.\n Then, it associates the alias with the new KMS key, and returns the KeyId and\n Arn of the new KMS key in the response.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DescribeKey (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Provides detailed information about a KMS key. You can run DescribeKey on a\n customer managed\n key or an Amazon Web Services managed key.

                                                                                                \n

                                                                                                This detailed information includes the key ARN, creation date (and deletion date, if\n applicable), the key state, and the origin and expiration date (if any) of the key material.\n It includes fields, like KeySpec, that help you distinguish symmetric from\n asymmetric KMS keys. It also provides information that is particularly important to asymmetric\n keys, such as the key usage (encryption or signing) and the encryption algorithms or signing\n algorithms that the KMS key supports. For KMS keys in custom key stores, it includes\n information about the custom key store, such as the key store ID and the CloudHSM cluster ID. For\n multi-Region keys, it displays the primary key and all related replica keys.

                                                                                                \n

                                                                                                \n DescribeKey does not return the following information:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Aliases associated with the KMS key. To get this information, use ListAliases.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Whether automatic key rotation is enabled on the KMS key. To get this information, use\n GetKeyRotationStatus. Also, some key states prevent a KMS key from\n being automatically rotated. For details, see How Automatic Key Rotation\n Works in Key Management Service Developer Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Tags on the KMS key. To get this information, use ListResourceTags.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key policies and grants on the KMS key. To get this information, use GetKeyPolicy and ListGrants.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If you call the DescribeKey operation on a predefined Amazon Web Services\n alias, that is, an Amazon Web Services alias with no key ID, KMS creates an Amazon Web Services managed\n key. Then, it associates the alias with the new KMS key, and returns the\n KeyId and Arn of the new KMS key in the response.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DescribeKey (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DescribeKeyRequest": { @@ -1344,7 +1344,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Describes the specified KMS key.

                                                                                                \n

                                                                                                If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates the\n alias with an Amazon Web Services managed key and returns its KeyId and Arn in the\n response.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Describes the specified KMS key.

                                                                                                \n

                                                                                                If you specify a predefined Amazon Web Services alias (an Amazon Web Services alias with no key ID), KMS associates\n the alias with an Amazon Web Services managed key and returns its\n KeyId and Arn in the response.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -1399,7 +1399,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Sets the state of a KMS key to disabled. This change temporarily\n prevents use of the KMS key for cryptographic operations.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DisableKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: EnableKey\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Sets the state of a KMS key to disabled. This change temporarily prevents use of the KMS\n key for cryptographic operations.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS\n key in the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DisableKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: EnableKey\n

                                                                                                " } }, "com.amazonaws.kms#DisableKeyRequest": { @@ -1443,7 +1443,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Disables automatic\n rotation of the key material for the specified symmetric KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DisableKeyRotation (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Disables automatic\n rotation of the key material for the specified symmetric KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DisableKeyRotation (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DisableKeyRotationRequest": { @@ -1452,7 +1452,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies a symmetric KMS key. You cannot enable or disable automatic\n rotation of asymmetric KMS keys, KMS keys\n with imported key\n material, or KMS keys in a custom key store.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies a symmetric KMS key. You cannot enable or disable automatic rotation of asymmetric\n KMS keys, KMS keys with imported key material, or KMS keys in a\n custom key store.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -1495,7 +1495,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Disconnects the custom key store from its associated CloudHSM cluster. While a custom key\n store is disconnected, you can manage the custom key store and its KMS keys, but you cannot create or use KMS keys in the custom key store. You can reconnect the\n custom key store at any time.

                                                                                                \n \n

                                                                                                While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.

                                                                                                \n                                                                                                 \n

                                                                                                \n

                                                                                                To find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.

                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n\n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Disconnects the custom key store from its associated CloudHSM cluster. While a custom key\n store is disconnected, you can manage the custom key store and its KMS keys, but you cannot\n create or use KMS keys in the custom key store. You can reconnect the custom key store at any\n time.

                                                                                                \n \n

                                                                                                While a custom key store is disconnected, all attempts to create KMS keys in the custom key store or to use existing KMS keys in cryptographic operations will\n fail. This action can prevent users from storing and accessing sensitive data.

                                                                                                \n                                                                                                 \n

                                                                                                \n

                                                                                                To find the connection state of a custom key store, use the DescribeCustomKeyStores operation. To reconnect a custom key store, use the\n ConnectCustomKeyStore operation.

                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n\n

                                                                                                \n Cross-account use: No.\n You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:DisconnectCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#DisconnectCustomKeyStoreRequest": { @@ -1540,7 +1540,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Sets the key state of a KMS key to enabled. This allows you to use the KMS key for cryptographic operations.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:EnableKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: DisableKey\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Sets the key state of a KMS key to enabled. This allows you to use the KMS key for\n cryptographic operations.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:EnableKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: DisableKey\n

                                                                                                " } }, "com.amazonaws.kms#EnableKeyRequest": { @@ -1584,7 +1584,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Enables automatic rotation\n of the key material for the specified symmetric KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:EnableKeyRotation (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Enables automatic rotation\n of the key material for the specified symmetric KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:EnableKeyRotation (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#EnableKeyRotationRequest": { @@ -1593,7 +1593,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies a symmetric KMS key. You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies a symmetric KMS key. You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -1634,7 +1634,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Encrypts plaintext into ciphertext by using a KMS key. The\n Encrypt operation has two primary use cases:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  You can encrypt small amounts of arbitrary data, such as a personal identifier or\n database password, or other sensitive information.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  You can use the Encrypt operation to move encrypted data from one Amazon Web Services Region to another. For example, in Region A, generate a data key and use the plaintext key to encrypt\n your data. Then, in Region A, use the Encrypt operation to encrypt the\n plaintext data key under a KMS key in Region B. Now, you can move the encrypted data and the\n encrypted data key to Region B. When necessary, you can decrypt the encrypted data key and\n the encrypted data entirely within in Region B.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n

                                                                                                You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey and GenerateDataKeyPair operations return a\n plaintext data key and an encrypted copy of that data key.

                                                                                                \n\n

                                                                                                When you encrypt data, you must specify a symmetric or asymmetric KMS key to use in the\n encryption operation. The KMS key must have a KeyUsage value of\n ENCRYPT_DECRYPT. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                \n\n

                                                                                                If you use a symmetric KMS key, you can use an encryption context to add additional security\n to your encryption operation. If you specify an EncryptionContext when encrypting\n data, you must specify the same encryption context (a case-sensitive exact match) when\n decrypting the data. Otherwise, the request to decrypt fails with an\n InvalidCiphertextException. For more information, see Encryption\n Context in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key type.

                                                                                                \n \n

                                                                                                When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                                                                \n

                                                                                                You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.

                                                                                                \n                                                                                                 \n\n\n

                                                                                                The maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Symmetric KMS keys

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n SYMMETRIC_DEFAULT: 4096 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_2048\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 214 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 190 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_3072\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 342 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 318 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_4096\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 470 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 446 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:Encrypt (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Encrypts plaintext into ciphertext by using a KMS key. The Encrypt operation\n has two primary use cases:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  You can encrypt small amounts of arbitrary data, such as a personal identifier or\n database password, or other sensitive information.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  You can use the Encrypt operation to move encrypted data from one Amazon Web Services\n Region to another. For example, in Region A, generate a data key and use the plaintext key\n to encrypt your data. Then, in Region A, use the Encrypt operation to encrypt\n the plaintext data key under a KMS key in Region B. Now, you can move the encrypted data\n and the encrypted data key to Region B. When necessary, you can decrypt the encrypted data\n key and the encrypted data entirely within in Region B.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n

                                                                                                You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey and GenerateDataKeyPair operations return a\n plaintext data key and an encrypted copy of that data key.

                                                                                                \n\n

                                                                                                When you encrypt data, you must specify a symmetric or asymmetric KMS key to use in the\n encryption operation. The KMS key must have a KeyUsage value of\n ENCRYPT_DECRYPT. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                \n\n

                                                                                                If you use a symmetric KMS key, you can use an encryption context to add additional\n security to your encryption operation. If you specify an EncryptionContext when\n encrypting data, you must specify the same encryption context (a case-sensitive exact match)\n when decrypting the data. Otherwise, the request to decrypt fails with an\n InvalidCiphertextException. For more information, see Encryption\n Context in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                If you specify an asymmetric KMS key, you must also specify the encryption algorithm. The\n algorithm must be compatible with the KMS key type.

                                                                                                \n \n

                                                                                                When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                                                                \n

                                                                                                You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.

                                                                                                \n                                                                                                 \n\n\n

                                                                                                The maximum size of the data that you can encrypt varies with the type of KMS key and the\n encryption algorithm that you choose.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Symmetric KMS keys

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n SYMMETRIC_DEFAULT: 4096 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_2048\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 214 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 190 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_3072\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 342 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 318 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RSA_4096\n

                                                                                                  \n
                                                                                                    \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_1: 470 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  • \n

                                                                                                    \n RSAES_OAEP_SHA_256: 446 bytes

                                                                                                    \n
                                                                                                    • \n
                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes.\n To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:Encrypt (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#EncryptRequest": { @@ -1643,7 +1643,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the KMS key to use in the encryption operation.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the KMS key to use in the encryption operation.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -1669,7 +1669,7 @@ "EncryptionAlgorithm": { "target": "com.amazonaws.kms#EncryptionAlgorithmSpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to encrypt the plaintext message.\n The algorithm must be compatible with the KMS key that you specify.

                                                                                                \n

                                                                                                This parameter is required only for asymmetric KMS keys. The default value,\n SYMMETRIC_DEFAULT, is the algorithm used for symmetric KMS keys. If you are using\n an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to encrypt the plaintext message.\n The algorithm must be compatible with the KMS key that you specify.

                                                                                                \n

                                                                                                This parameter is required only for asymmetric KMS keys. The default value,\n SYMMETRIC_DEFAULT, is the algorithm used for symmetric KMS keys. If you are\n using an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.

                                                                                                " } } } @@ -1807,7 +1807,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Generates a unique symmetric data key for client-side encryption. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a KMS key\n that you specify. You can use the plaintext key to encrypt your data outside of KMS and\n store the encrypted data key with the encrypted data.

                                                                                                \n\n

                                                                                                \n GenerateDataKey returns a unique data key for each request. The bytes in the\n plaintext key are not related to the caller or the KMS key.

                                                                                                \n\n

                                                                                                To generate a data key, specify the symmetric KMS key that will be used to encrypt the data\n key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your KMS key, use\n the DescribeKey operation. You must also specify the length of the data key.\n Use either the KeySpec or NumberOfBytes parameters (but not both).\n For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                                                                \n\n

                                                                                                To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n How to use your data key\n

                                                                                                \n

                                                                                                We recommend that you use the following pattern to encrypt data locally in your application.\n You can write your own code or use a client-side encryption library, such as the Amazon Web Services Encryption SDK, the Amazon DynamoDB Encryption Client, or\n Amazon S3\n client-side encryption to do these tasks for you.

                                                                                                \n

                                                                                                To encrypt data outside of KMS:

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  Use the GenerateDataKey operation to get a data key.

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.

                                                                                                  \n
                                                                                                  3. \n
                                                                                                3. \n

                                                                                                  Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.

                                                                                                  \n
                                                                                                  4. \n
                                                                                                \n

                                                                                                To decrypt data outside of KMS:

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  Use the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  Use the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.

                                                                                                  \n
                                                                                                  3. \n
                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GenerateDataKey (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Generates a unique symmetric data key for client-side encryption. This operation returns a\n plaintext copy of the data key and a copy that is encrypted under a KMS key that you specify.\n You can use the plaintext key to encrypt your data outside of KMS and store the encrypted\n data key with the encrypted data.

                                                                                                \n\n

                                                                                                \n GenerateDataKey returns a unique data key for each request. The bytes in the\n plaintext key are not related to the caller or the KMS key.

                                                                                                \n\n

                                                                                                To generate a data key, specify the symmetric KMS key that will be used to encrypt the\n data key. You cannot use an asymmetric KMS key to generate data keys. To get the type of your\n KMS key, use the DescribeKey operation. You must also specify the length of\n the data key. Use either the KeySpec or NumberOfBytes parameters\n (but not both). For 128-bit and 256-bit data keys, use the KeySpec parameter.

                                                                                                \n\n

                                                                                                To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. To generate an asymmetric data key pair, use\n the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operation. To get a cryptographically secure\n random byte string, use GenerateRandom.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n How to use your data\n key\n

                                                                                                \n

                                                                                                We recommend that you use the following pattern to encrypt data locally in your\n application. You can write your own code or use a client-side encryption library, such as the\n Amazon Web Services Encryption SDK, the\n Amazon DynamoDB Encryption Client,\n or Amazon S3\n client-side encryption to do these tasks for you.

                                                                                                \n

                                                                                                To encrypt data outside of KMS:

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  Use the GenerateDataKey operation to get a data key.

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  Use the plaintext data key (in the Plaintext field of the response) to\n encrypt your data outside of KMS. Then erase the plaintext data key from memory.

                                                                                                  \n
                                                                                                  3. \n
                                                                                                3. \n

                                                                                                  Store the encrypted data key (in the CiphertextBlob field of the\n response) with the encrypted data.

                                                                                                  \n
                                                                                                  4. \n
                                                                                                \n

                                                                                                To decrypt data outside of KMS:

                                                                                                \n
                                                                                                  \n
                                                                                                1. \n

                                                                                                  Use the Decrypt operation to decrypt the encrypted data key. The\n operation returns a plaintext copy of the data key.

                                                                                                  \n
                                                                                                  2. \n
                                                                                                2. \n

                                                                                                  Use the plaintext data key to decrypt data outside of KMS, then erase the plaintext\n data key from memory.

                                                                                                  \n
                                                                                                  3. \n
                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GenerateDataKey (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GenerateDataKeyPair": { @@ -1848,7 +1848,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Generates a unique asymmetric data key pair. The GenerateDataKeyPair\n operation returns a plaintext public key, a plaintext private key, and a copy of the private\n key that is encrypted under the symmetric KMS key you specify. You can use the data key pair to\n perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                                                                \n\n

                                                                                                You can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                                                                \n\n

                                                                                                To generate a data key pair, you must specify a symmetric KMS key to\n encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs\n for either encryption or signing, but not both. However, KMS cannot enforce any restrictions\n on the use of data key pairs outside of KMS.

                                                                                                \n \n

                                                                                                If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.

                                                                                                \n\n

                                                                                                \n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are not related to the caller or the KMS key that is used to encrypt the private\n key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in RFC 5280. The\n private key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC\n 5958.

                                                                                                \n \n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GenerateDataKeyPair (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Generates a unique asymmetric data key pair. The GenerateDataKeyPair\n operation returns a plaintext public key, a plaintext private key, and a copy of the private\n key that is encrypted under the symmetric KMS key you specify. You can use the data key pair\n to perform asymmetric cryptography and implement digital signatures outside of KMS.

                                                                                                \n\n

                                                                                                You can use the public key that GenerateDataKeyPair returns to encrypt data\n or verify a signature outside of KMS. Then, store the encrypted private key with the data.\n When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                                                                \n\n

                                                                                                To generate a data key pair, you must specify a symmetric KMS key to encrypt the private\n key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key\n store. To get the type and origin of your KMS key, use the DescribeKey\n operation.

                                                                                                \n

                                                                                                Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for\n either encryption or signing, but not both. However, KMS cannot enforce any restrictions on\n the use of data key pairs outside of KMS.

                                                                                                \n\n

                                                                                                If you are using the data key pair to encrypt data, or for any operation where you don't\n immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext operation.\n GenerateDataKeyPairWithoutPlaintext returns a plaintext public key and an\n encrypted private key, but omits the plaintext private key that you need only to decrypt\n ciphertext or sign a message. Later, when you need to decrypt the data or sign a message, use\n the Decrypt operation to decrypt the encrypted private key in the data key\n pair.

                                                                                                \n\n

                                                                                                \n GenerateDataKeyPair returns a unique data key pair for each request. The\n bytes in the keys are not related to the caller or the KMS key that is used to encrypt the\n private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280. The private key is a\n DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC 5958.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GenerateDataKeyPair (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GenerateDataKeyPairRequest": { @@ -1863,7 +1863,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the symmetric KMS key that encrypts the private key in the data key pair. You cannot\n specify an asymmetric KMS key or a KMS key in a custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the symmetric KMS key that encrypts the private key in the data key pair. You\n cannot specify an asymmetric KMS key or a KMS key in a custom key store. To get the type and\n origin of your KMS key, use the DescribeKey operation.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -1955,7 +1955,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Generates a unique asymmetric data key pair. The\n GenerateDataKeyPairWithoutPlaintext operation returns a plaintext public key\n and a copy of the private key that is encrypted under the symmetric KMS key you specify. Unlike\n GenerateDataKeyPair, this operation does not return a plaintext private\n key.

                                                                                                \n

                                                                                                You can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                                                                \n

                                                                                                To generate a data key pair, you must specify a symmetric KMS key to\n encrypt the private key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a\n custom key store. To get the type and origin of your KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs\n for either encryption or signing, but not both. However, KMS cannot enforce any restrictions\n on the use of data key pairs outside of KMS.

                                                                                                \n

                                                                                                \n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt the\n private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Generates a unique asymmetric data key pair. The\n GenerateDataKeyPairWithoutPlaintext operation returns a plaintext public key\n and a copy of the private key that is encrypted under the symmetric KMS key you specify.\n Unlike GenerateDataKeyPair, this operation does not return a plaintext\n private key.

                                                                                                \n

                                                                                                You can use the public key that GenerateDataKeyPairWithoutPlaintext returns\n to encrypt data or verify a signature outside of KMS. Then, store the encrypted private key\n with the data. When you are ready to decrypt data or sign a message, you can use the Decrypt operation to decrypt the encrypted private key.

                                                                                                \n

                                                                                                To generate a data key pair, you must specify a symmetric KMS key to encrypt the private\n key in a data key pair. You cannot use an asymmetric KMS key or a KMS key in a custom key\n store. To get the type and origin of your KMS key, use the DescribeKey\n operation.

                                                                                                \n

                                                                                                Use the KeyPairSpec parameter to choose an RSA or Elliptic Curve (ECC) data\n key pair. KMS recommends that your use ECC key pairs for signing, and use RSA key pairs for\n either encryption or signing, but not both. However, KMS cannot enforce any restrictions on\n the use of data key pairs outside of KMS.

                                                                                                \n

                                                                                                \n GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each\n request. The bytes in the key are not related to the caller or KMS key that is used to encrypt\n the private key. The public key is a DER-encoded X.509 SubjectPublicKeyInfo, as specified in\n RFC 5280.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GenerateDataKeyPairWithoutPlaintext (key\n policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GenerateDataKeyPairWithoutPlaintextRequest": { @@ -1970,7 +1970,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the KMS key that encrypts the private key in the data key pair. You must specify a\n symmetric KMS key. You cannot use an asymmetric KMS key or a KMS key in a custom key store. To get the\n type and origin of your KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the KMS key that encrypts the private key in the data key pair. You must specify\n a symmetric KMS key. You cannot use an asymmetric KMS key or a KMS key in a custom key store.\n To get the type and origin of your KMS key, use the DescribeKey operation.\n

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -2112,7 +2112,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Generates a unique symmetric data key. This operation returns a data key that is encrypted\n under a KMS key that you specify. To request an asymmetric data key pair,\n use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext operations.

                                                                                                \n

                                                                                                \n GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that returns only the encrypted copy of the\n data key. This operation is useful for systems that need to encrypt data at some point, but\n not immediately. When you need to encrypt the data, you call the Decrypt\n operation on the encrypted copy of the key.

                                                                                                \n

                                                                                                It's also useful in distributed systems with different levels of trust. For example, you\n might store encrypted data in containers. One component of your system creates new containers\n and stores an encrypted data key with each container. Then, a different component puts the\n data into the containers. That component first decrypts the data key, uses the plaintext data\n key to encrypt data, puts the encrypted data into the container, and then destroys the\n plaintext data key. In this system, the component that creates the containers never sees the\n plaintext data key.

                                                                                                \n

                                                                                                \n GenerateDataKeyWithoutPlaintext returns a unique data key for each request.\n The bytes in the keys are not related to the caller or KMS key that is used to encrypt the private\n key.

                                                                                                \n\n

                                                                                                To generate a data key, you must specify the symmetric KMS key that is\n used to encrypt the data key. You cannot use an asymmetric KMS key to generate a data key. To get\n the type of your KMS key, use the DescribeKey operation.

                                                                                                \n\n

                                                                                                If the operation succeeds, you will find the encrypted copy of the data key in the\n CiphertextBlob field.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GenerateDataKeyWithoutPlaintext (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Generates a unique symmetric data key. This operation returns a data key that is encrypted\n under a KMS key that you specify. To request an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext\n operations.

                                                                                                \n

                                                                                                \n GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation except that returns only the encrypted copy of the\n data key. This operation is useful for systems that need to encrypt data at some point, but\n not immediately. When you need to encrypt the data, you call the Decrypt\n operation on the encrypted copy of the key.

                                                                                                \n

                                                                                                It's also useful in distributed systems with different levels of trust. For example, you\n might store encrypted data in containers. One component of your system creates new containers\n and stores an encrypted data key with each container. Then, a different component puts the\n data into the containers. That component first decrypts the data key, uses the plaintext data\n key to encrypt data, puts the encrypted data into the container, and then destroys the\n plaintext data key. In this system, the component that creates the containers never sees the\n plaintext data key.

                                                                                                \n

                                                                                                \n GenerateDataKeyWithoutPlaintext returns a unique data key for each request.\n The bytes in the keys are not related to the caller or KMS key that is used to encrypt the\n private key.

                                                                                                \n\n

                                                                                                To generate a data key, you must specify the symmetric KMS key that is used to encrypt the\n data key. You cannot use an asymmetric KMS key to generate a data key. To get the type of your\n KMS key, use the DescribeKey operation.

                                                                                                \n\n

                                                                                                If the operation succeeds, you will find the encrypted copy of the data key in the\n CiphertextBlob field.

                                                                                                \n\n

                                                                                                You can use the optional encryption context to add additional security to the encryption\n operation. If you specify an EncryptionContext, you must specify the same\n encryption context (a case-sensitive exact match) when decrypting the encrypted data key.\n Otherwise, the request to decrypt fails with an InvalidCiphertextException. For more information, see Encryption Context in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GenerateDataKeyWithoutPlaintext (key\n policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GenerateDataKeyWithoutPlaintextRequest": { @@ -2121,7 +2121,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key that encrypts the data\n key.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key that encrypts the data key.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -2191,7 +2191,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Returns a random byte string that is cryptographically secure.

                                                                                                \n

                                                                                                By default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster that is associated with a custom key store, specify the custom key store\n ID.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For more information about entropy and random number generation, see Key Management Service Cryptographic Details.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GenerateRandom (IAM policy)

                                                                                                " + "smithy.api#documentation": "

                                                                                                Returns a random byte string that is cryptographically secure.

                                                                                                \n

                                                                                                By default, the random byte string is generated in KMS. To generate the byte string in\n the CloudHSM cluster that is associated with a custom key store, specify the custom key store\n ID.

                                                                                                \n

                                                                                                Applications in Amazon Web Services Nitro Enclaves can call this operation by using the Amazon Web Services Nitro Enclaves Development Kit. For information about the supporting parameters, see How Amazon Web Services Nitro Enclaves use KMS in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For more information about entropy and random number generation, see\n Key Management Service Cryptographic Details.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GenerateRandom (IAM policy)

                                                                                                " } }, "com.amazonaws.kms#GenerateRandomRequest": { @@ -2248,7 +2248,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets a key policy attached to the specified KMS key.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GetKeyPolicy (key policy)

                                                                                                \n

                                                                                                \n Related operations: PutKeyPolicy\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Gets a key policy attached to the specified KMS key.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GetKeyPolicy (key policy)

                                                                                                \n

                                                                                                \n Related operations: PutKeyPolicy\n

                                                                                                " } }, "com.amazonaws.kms#GetKeyPolicyRequest": { @@ -2310,7 +2310,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets a Boolean value that indicates whether automatic rotation of the key material is\n enabled for the specified KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always false.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Disabled: The key rotation status does not change when you disable a KMS key. However,\n while the KMS key is disabled, KMS does not rotate the key material.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Pending deletion: While a KMS key is pending deletion, its key rotation status is\n false and KMS does not rotate the key material. If you cancel the\n deletion, the original key rotation status is restored.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GetKeyRotationStatus (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Gets a Boolean value that indicates whether automatic rotation of the key material is\n enabled for the specified KMS key.

                                                                                                \n

                                                                                                You cannot enable automatic rotation of asymmetric KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key. The key rotation status for these KMS keys is always\n false.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Disabled: The key rotation status does not change when you disable a KMS key. However,\n while the KMS key is disabled, KMS does not rotate the key material.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Pending deletion: While a KMS key is pending deletion, its key rotation status is\n false and KMS does not rotate the key material. If you cancel the\n deletion, the original key rotation status is restored.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GetKeyRotationStatus (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GetKeyRotationStatusRequest": { @@ -2319,7 +2319,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Gets the rotation status for the specified KMS key.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Gets the rotation status for the specified KMS key.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } } @@ -2365,7 +2365,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Returns the items you need to import key material into a symmetric, customer managed\n KMS key. For more information about importing key material into KMS, see\n Importing Key\n Material in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation returns a public key and an import token. Use the public key to encrypt the\n symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.

                                                                                                \n

                                                                                                You must specify the key ID of the symmetric KMS key into which you will import key material.\n This KMS key's Origin must be EXTERNAL. You must also specify the\n wrapping algorithm and type of wrapping key (public key) that you will use to encrypt the key\n material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                To import key material, you must use the public key and import token from the same\n response. These items are valid for 24 hours. The expiration date and time appear in the\n GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another\n GetParametersForImport request.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GetParametersForImport (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Returns the items you need to import key material into a symmetric, customer managed KMS\n key. For more information about importing key material into KMS, see Importing Key Material\n in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation returns a public key and an import token. Use the public key to encrypt the\n symmetric key material. Store the import token to send with a subsequent ImportKeyMaterial request.

                                                                                                \n

                                                                                                You must specify the key ID of the symmetric KMS key into which you will import key\n material. This KMS key's Origin must be EXTERNAL. You must also\n specify the wrapping algorithm and type of wrapping key (public key) that you will use to\n encrypt the key material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                To import key material, you must use the public key and import token from the same\n response. These items are valid for 24 hours. The expiration date and time appear in the\n GetParametersForImport response. You cannot use an expired token in an ImportKeyMaterial request. If your key and token expire, send another\n GetParametersForImport request.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GetParametersForImport (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#GetParametersForImportRequest": { @@ -2374,7 +2374,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key into which you will import key material. The\n Origin of the KMS key must be EXTERNAL.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key into which you will import key material. The\n Origin of the KMS key must be EXTERNAL.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, @@ -2400,7 +2400,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (key ARN) of the KMS key to use in a subsequent ImportKeyMaterial\n request. This is the same KMS key specified in the GetParametersForImport\n request.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (key ARN) of the KMS key to use in a subsequent ImportKeyMaterial request. This is the same KMS key specified in the GetParametersForImport\n request.

                                                                                                " } }, "ImportToken": { @@ -2464,7 +2464,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric KMS key,\n which never leaves KMS unencrypted, callers with kms:GetPublicKey permission\n can download the public key of an asymmetric KMS key. You can share the public key to allow others\n to encrypt messages and verify signatures outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS. For details, see Special\n Considerations for Downloading Public Keys.

                                                                                                \n

                                                                                                To help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n KeyUsage: Whether the key is used for encryption or signing.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Although KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:GetPublicKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: CreateKey\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric\n KMS key, which never leaves KMS unencrypted, callers with kms:GetPublicKey\n permission can download the public key of an asymmetric KMS key. You can share the public key\n to allow others to encrypt messages and verify signatures outside of KMS.\n For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                You do not need to download the public key. Instead, you can use the public key within\n KMS by calling the Encrypt, ReEncrypt, or Verify operations with the identifier of an asymmetric KMS key. When you use the\n public key within KMS, you benefit from the authentication, authorization, and logging that\n are part of every KMS operation. You also reduce of risk of encrypting data that cannot be\n decrypted. These features are not effective outside of KMS. For details, see Special\n Considerations for Downloading Public Keys.

                                                                                                \n

                                                                                                To help you use the public key safely outside of KMS, GetPublicKey returns\n important information about the public key in the response, including:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n KeySpec: The type of key material in the public key, such as\n RSA_4096 or ECC_NIST_P521.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n KeyUsage: Whether the key is used for encryption or signing.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n EncryptionAlgorithms or SigningAlgorithms: A list of the encryption algorithms or the signing\n algorithms for the key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Although KMS cannot enforce these restrictions on external operations, it is crucial\n that you use this information to prevent the public key from being used improperly. For\n example, you can prevent a public signing key from being used encrypt data, or prevent a\n public key from being used with an encryption algorithm that is not supported by KMS. You\n can also avoid errors, such as using the wrong signing algorithm in a verification\n operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use:\n Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:GetPublicKey (key policy)

                                                                                                \n

                                                                                                \n Related operations: CreateKey\n

                                                                                                " } }, "com.amazonaws.kms#GetPublicKeyRequest": { @@ -2491,7 +2491,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was downloaded.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was\n downloaded.

                                                                                                " } }, "PublicKey": { @@ -2506,7 +2506,7 @@ "smithy.api#deprecated": { "message": "This field has been deprecated. Instead, use the KeySpec field." }, - "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec field in the GetPublicKey response.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS will support both fields.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec field in the GetPublicKey\n response.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec fields have the same\n value. We recommend that you use the KeySpec field in your code. However, to\n avoid breaking changes, KMS will support both fields.

                                                                                                " } }, "KeySpec": { @@ -2773,7 +2773,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Imports key material into an existing symmetric KMS KMS key that was\n created without key material. After you successfully import key material into a KMS key, you can\n reimport the same key material into that KMS key, but you cannot import different key\n material.

                                                                                                \n

                                                                                                You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material and\n then importing key material, see Importing Key Material in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Before using this operation, call GetParametersForImport. Its response\n includes a public key and an import token. Use the public key to encrypt the key material.\n Then, submit the import token from the same GetParametersForImport\n response.

                                                                                                \n

                                                                                                When calling this operation, you must specify the following values:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The key ID or key ARN of a KMS key with no key material. Its Origin must be\n EXTERNAL.

                                                                                                  \n

                                                                                                  To create a KMS key with no key material, call CreateKey and set the\n value of its Origin parameter to EXTERNAL. To get the\n Origin of a KMS key, call DescribeKey.)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The encrypted key material. To get the public key to encrypt the key material, call\n GetParametersForImport.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The import token that GetParametersForImport returned. You must use\n a public key and token from the same GetParametersForImport response.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Whether the key material expires and if so, when. If you set an expiration date, KMS\n deletes the key material from the KMS key on the specified date, and the KMS key becomes unusable.\n To use the KMS key again, you must reimport the same key material. The only way to change an\n expiration date is by reimporting the same key material and specifying a new expiration\n date.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                When this operation is successful, the key state of the KMS key changes from\n PendingImport to Enabled, and you can use the KMS key.

                                                                                                \n

                                                                                                If this operation fails, use the exception to help determine the problem. If the error is\n related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key and\n repeat the import procedure. For help, see How To Import Key\n Material in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ImportKeyMaterial (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Imports key material into an existing symmetric KMS KMS key that was created without key\n material. After you successfully import key material into a KMS key, you can reimport\n the same key material into that KMS key, but you cannot import different key\n material.

                                                                                                \n

                                                                                                You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material\n and then importing key material, see Importing Key Material in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Before using this operation, call GetParametersForImport. Its response\n includes a public key and an import token. Use the public key to encrypt the key material.\n Then, submit the import token from the same GetParametersForImport\n response.

                                                                                                \n

                                                                                                When calling this operation, you must specify the following values:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The key ID or key ARN of a KMS key with no key material. Its Origin must\n be EXTERNAL.

                                                                                                  \n

                                                                                                  To create a KMS key with no key material, call CreateKey and set the\n value of its Origin parameter to EXTERNAL. To get the\n Origin of a KMS key, call DescribeKey.)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The encrypted key material. To get the public key to encrypt the key material, call\n GetParametersForImport.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The import token that GetParametersForImport returned. You must use\n a public key and token from the same GetParametersForImport response.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Whether the key material expires and if so, when. If you set an expiration date, KMS\n deletes the key material from the KMS key on the specified date, and the KMS key becomes\n unusable. To use the KMS key again, you must reimport the same key material. The only way\n to change an expiration date is by reimporting the same key material and specifying a new\n expiration date.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                When this operation is successful, the key state of the KMS key changes from\n PendingImport to Enabled, and you can use the KMS key.

                                                                                                \n

                                                                                                If this operation fails, use the exception to help determine the problem. If the error is\n related to the key material, the import token, or wrapping key, use GetParametersForImport to get a new public key and import token for the KMS key\n and repeat the import procedure. For help, see How To Import Key\n Material in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ImportKeyMaterial (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#ImportKeyMaterialRequest": { @@ -2782,7 +2782,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key that receives the imported key material. The KMS key's\n Origin must be EXTERNAL. This must be the same KMS key specified in\n the KeyID parameter of the corresponding GetParametersForImport\n request.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The identifier of the symmetric KMS key that receives the imported key material. The KMS\n key's Origin must be EXTERNAL. This must be the same KMS key\n specified in the KeyID parameter of the corresponding GetParametersForImport request.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, @@ -2803,7 +2803,7 @@ "ValidTo": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                The time at which the imported key material expires. When the key material expires, KMS\n deletes the key material and the KMS key becomes unusable. You must omit this parameter when the\n ExpirationModel parameter is set to KEY_MATERIAL_DOES_NOT_EXPIRE.\n Otherwise it is required.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The time at which the imported key material expires. When the key material expires, KMS\n deletes the key material and the KMS key becomes unusable. You must omit this parameter when\n the ExpirationModel parameter is set to\n KEY_MATERIAL_DOES_NOT_EXPIRE. Otherwise it is required.

                                                                                                " } }, "ExpirationModel": { @@ -2830,7 +2830,7 @@ "code": "IncorrectKeyException", "httpResponseCode": 400 }, - "smithy.api#documentation": "

                                                                                                The request was rejected because the specified KMS key cannot decrypt the data. The\n KeyId in a Decrypt request and the SourceKeyId\n in a ReEncrypt request must identify the same KMS key that was used to encrypt\n the ciphertext.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The request was rejected because the specified KMS key cannot decrypt the data. The\n KeyId in a Decrypt request and the SourceKeyId\n in a ReEncrypt request must identify the same KMS key that was used to\n encrypt the ciphertext.

                                                                                                ", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -2983,7 +2983,7 @@ "code": "InvalidKeyUsage", "httpResponseCode": 400 }, - "smithy.api#documentation": "

                                                                                                The request was rejected for one of the following reasons:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The KeyUsage value of the KMS key is incompatible with the API\n operation.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The encryption algorithm or signing algorithm specified for the operation is\n incompatible with the type of key material in the KMS key\n (KeySpec).

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For encrypting, decrypting, re-encrypting, and generating data keys, the\n KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the\n KeyUsage must be SIGN_VERIFY. To find the KeyUsage of\n a KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                To find the encryption or signing algorithms supported for a particular KMS key, use the DescribeKey operation.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The request was rejected for one of the following reasons:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The KeyUsage value of the KMS key is incompatible with the API\n operation.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The encryption algorithm or signing algorithm specified for the operation is\n incompatible with the type of key material in the KMS key (KeySpec).

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For encrypting, decrypting, re-encrypting, and generating data keys, the\n KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the\n KeyUsage must be SIGN_VERIFY. To find the KeyUsage of\n a KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                To find the encryption or signing algorithms supported for a particular KMS key, use the\n DescribeKey operation.

                                                                                                ", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -3051,7 +3051,7 @@ "code": "KMSInvalidStateException", "httpResponseCode": 409 }, - "smithy.api#documentation": "

                                                                                                The request was rejected because the state of the specified resource is not valid for this\n request.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key in the \n Key Management Service Developer Guide\n .

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The request was rejected because the state of the specified resource is not valid for this\n request.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS\n key in the \n Key Management Service Developer Guide\n .

                                                                                                ", "smithy.api#error": "client", "smithy.api#httpError": 409 } @@ -3125,7 +3125,7 @@ "Arn": { "target": "com.amazonaws.kms#ArnType", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management Service\n (KMS) in the Example ARNs section of the Amazon Web Services General\n Reference.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management Service (KMS) in the Example ARNs section of the Amazon Web Services General\n Reference.

                                                                                                " } }, "CreationDate": { @@ -3137,7 +3137,7 @@ "Enabled": { "target": "com.amazonaws.kms#BooleanType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies whether the KMS key is enabled. When KeyState is Enabled\n this value is true, otherwise it is false.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies whether the KMS key is enabled. When KeyState is\n Enabled this value is true, otherwise it is false.

                                                                                                " } }, "Description": { @@ -3155,37 +3155,37 @@ "KeyState": { "target": "com.amazonaws.kms#KeyState", "traits": { - "smithy.api#documentation": "

                                                                                                The current status of the KMS key.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key\n in the Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The current status of the KMS key.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS\n key in the Key Management Service Developer Guide.

                                                                                                " } }, "DeletionDate": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                The date and time after which KMS deletes this KMS key. This value is present only when the KMS key is scheduled for deletion, that is, when its KeyState is\n PendingDeletion.

                                                                                                \n

                                                                                                When the primary key in a multi-Region key is scheduled for deletion but still has replica\n keys, its key state is PendingReplicaDeletion and the length of its waiting\n period is displayed in the PendingDeletionWindowInDays field.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The date and time after which KMS deletes this KMS key. This value is present only when\n the KMS key is scheduled for deletion, that is, when its KeyState is\n PendingDeletion.

                                                                                                \n

                                                                                                When the primary key in a multi-Region key is scheduled for deletion but still has replica\n keys, its key state is PendingReplicaDeletion and the length of its waiting\n period is displayed in the PendingDeletionWindowInDays field.

                                                                                                " } }, "ValidTo": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                The time at which the imported key material expires. When the key material expires, KMS\n deletes the key material and the KMS key becomes unusable. This value is present only for KMS keys\n whose Origin is EXTERNAL and whose ExpirationModel is\n KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The time at which the imported key material expires. When the key material expires, KMS\n deletes the key material and the KMS key becomes unusable. This value is present only for KMS\n keys whose Origin is EXTERNAL and whose ExpirationModel\n is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.

                                                                                                " } }, "Origin": { "target": "com.amazonaws.kms#OriginType", "traits": { - "smithy.api#documentation": "

                                                                                                The source of the key material for the KMS key. When this value is AWS_KMS, KMS\n created the key material. When this value is EXTERNAL, the key material was\n imported or the KMS key doesn't have any key material. When\n this value is AWS_CLOUDHSM, the key material was created in the CloudHSM cluster\n associated with a custom key store.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The source of the key material for the KMS key. When this value is AWS_KMS,\n KMS created the key material. When this value is EXTERNAL, the key material was\n imported or the KMS key doesn't have any key material. When this value is\n AWS_CLOUDHSM, the key material was created in the CloudHSM cluster associated with\n a custom key store.

                                                                                                " } }, "CustomKeyStoreId": { "target": "com.amazonaws.kms#CustomKeyStoreIdType", "traits": { - "smithy.api#documentation": "

                                                                                                A unique identifier for the custom key store that contains the KMS key. This value is present\n only when the KMS key is created in a custom key store.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A unique identifier for the custom key store that contains the KMS key. This value is\n present only when the KMS key is created in a custom key store.

                                                                                                " } }, "CloudHsmClusterId": { "target": "com.amazonaws.kms#CloudHsmClusterIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The cluster ID of the CloudHSM cluster that contains the key material for the KMS key. When you\n create a KMS key in a custom key store, KMS creates the key material for the KMS key in the\n associated CloudHSM cluster. This value is present only when the KMS key is created in a custom key\n store.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The cluster ID of the CloudHSM cluster that contains the key material for the KMS key. When\n you create a KMS key in a custom key store, KMS creates the key material for the KMS key in\n the associated CloudHSM cluster. This value is present only when the KMS key is created in a\n custom key store.

                                                                                                " } }, "ExpirationModel": { @@ -3197,7 +3197,7 @@ "KeyManager": { "target": "com.amazonaws.kms#KeyManagerType", "traits": { - "smithy.api#documentation": "

                                                                                                The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or Amazon Web Services managed. For more information about the difference, see KMS keys in the\n Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or\n Amazon Web Services managed. For more information about the difference, see KMS keys in the Key Management Service Developer Guide.

                                                                                                " } }, "CustomerMasterKeySpec": { @@ -3206,7 +3206,7 @@ "smithy.api#deprecated": { "message": "This field has been deprecated. Instead, use the KeySpec field." }, - "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec field.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS will support both fields.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Instead, use the KeySpec field.

                                                                                                \n

                                                                                                The KeySpec and CustomerMasterKeySpec fields have the same\n value. We recommend that you use the KeySpec field in your code. However, to\n avoid breaking changes, KMS will support both fields.

                                                                                                " } }, "KeySpec": { @@ -3224,7 +3224,7 @@ "SigningAlgorithms": { "target": "com.amazonaws.kms#SigningAlgorithmSpecList", "traits": { - "smithy.api#documentation": "

                                                                                                The signing algorithms that the KMS key supports. You cannot use the KMS key with other signing\n algorithms within KMS.

                                                                                                \n

                                                                                                This field appears only when the KeyUsage of the KMS key is\n SIGN_VERIFY.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The signing algorithms that the KMS key supports. You cannot use the KMS key with other\n signing algorithms within KMS.

                                                                                                \n

                                                                                                This field appears only when the KeyUsage of the KMS key is\n SIGN_VERIFY.

                                                                                                " } }, "MultiRegion": { @@ -3236,13 +3236,13 @@ "MultiRegionConfiguration": { "target": "com.amazonaws.kms#MultiRegionConfiguration", "traits": { - "smithy.api#documentation": "

                                                                                                Lists the primary and replica keys in same multi-Region key. This field is present only\n when the value of the MultiRegion field is True.

                                                                                                \n

                                                                                                For more information about any listed KMS key, use the DescribeKey\n operation.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n MultiRegionKeyType indicates whether the KMS key is a PRIMARY or\n REPLICA key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n PrimaryKey displays the key ARN and Region of the primary key. This field\n displays the current KMS key if it is the primary key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ReplicaKeys displays the key ARNs and Regions of all replica keys. This\n field includes the current KMS key if it is a replica key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                Lists the primary and replica keys in same multi-Region key. This field is present only\n when the value of the MultiRegion field is True.

                                                                                                \n

                                                                                                For more information about any listed KMS key, use the DescribeKey\n operation.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n MultiRegionKeyType indicates whether the KMS key is a\n PRIMARY or REPLICA key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n PrimaryKey displays the key ARN and Region of the primary key. This field\n displays the current KMS key if it is the primary key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n ReplicaKeys displays the key ARNs and Regions of all replica keys. This\n field includes the current KMS key if it is a replica key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "PendingDeletionWindowInDays": { "target": "com.amazonaws.kms#PendingWindowInDaysType", "traits": { - "smithy.api#documentation": "

                                                                                                The waiting period before the primary key in a multi-Region key is deleted. This waiting\n period begins when the last of its replica keys is deleted. This value is present only when\n the KeyState of the KMS key is PendingReplicaDeletion. That indicates\n that the KMS key is the primary key in a multi-Region key, it is scheduled for deletion, and it\n still has existing replica keys.

                                                                                                \n

                                                                                                When a single-Region KMS key or a multi-Region replica key is scheduled for deletion, its\n deletion date is displayed in the DeletionDate field. However, when the primary\n key in a multi-Region key is scheduled for deletion, its waiting period doesn't begin until\n all of its replica keys are deleted. This value displays that waiting period. When the last\n replica key in the multi-Region key is deleted, the KeyState of the scheduled\n primary key changes from PendingReplicaDeletion to PendingDeletion\n and the deletion date appears in the DeletionDate field.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The waiting period before the primary key in a multi-Region key is deleted. This waiting\n period begins when the last of its replica keys is deleted. This value is present only when\n the KeyState of the KMS key is PendingReplicaDeletion. That\n indicates that the KMS key is the primary key in a multi-Region key, it is scheduled for\n deletion, and it still has existing replica keys.

                                                                                                \n

                                                                                                When a single-Region KMS key or a multi-Region replica key is scheduled for deletion, its\n deletion date is displayed in the DeletionDate field. However, when the primary\n key in a multi-Region key is scheduled for deletion, its waiting period doesn't begin until\n all of its replica keys are deleted. This value displays that waiting period. When the last\n replica key in the multi-Region key is deleted, the KeyState of the scheduled\n primary key changes from PendingReplicaDeletion to PendingDeletion\n and the deletion date appears in the DeletionDate field.

                                                                                                " } } }, @@ -3350,7 +3350,7 @@ "code": "KeyUnavailable", "httpResponseCode": 500 }, - "smithy.api#documentation": "

                                                                                                The request was rejected because the specified KMS key was not available. You can retry the\n request.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The request was rejected because the specified KMS key was not available. You can retry\n the request.

                                                                                                ", "smithy.api#error": "server", "smithy.api#httpError": 500 } @@ -3423,7 +3423,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets a list of aliases in the caller's Amazon Web Services account and region. For more information about\n aliases, see CreateAlias.

                                                                                                \n

                                                                                                By default, the ListAliases operation returns all aliases in the account and\n region. To get only the aliases associated with a particular KMS key, use\n the KeyId parameter.

                                                                                                \n

                                                                                                The ListAliases response can include aliases that you created and associated\n with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services managed keys in your account. You can recognize Amazon Web Services aliases because their names have the format\n aws/, such as aws/dynamodb.

                                                                                                \n

                                                                                                The response might also include aliases that have no TargetKeyId field. These\n are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. Aliases\n that Amazon Web Services creates in your account, including predefined aliases, do not count against your\n KMS aliases\n quota.

                                                                                                \n

                                                                                                \n Cross-account use: No. ListAliases does not\n return aliases in other Amazon Web Services accounts.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListAliases (IAM policy)

                                                                                                \n

                                                                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", + "smithy.api#documentation": "

                                                                                                Gets a list of aliases in the caller's Amazon Web Services account and region. For more information\n about aliases, see CreateAlias.

                                                                                                \n

                                                                                                By default, the ListAliases operation returns all aliases in the account and\n region. To get only the aliases associated with a particular KMS key, use the\n KeyId parameter.

                                                                                                \n

                                                                                                The ListAliases response can include aliases that you created and associated\n with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services\n managed keys in your account. You can recognize Amazon Web Services aliases because their names have the\n format aws/, such as aws/dynamodb.

                                                                                                \n

                                                                                                The response might also include aliases that have no TargetKeyId field. These\n are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key.\n Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against\n your KMS aliases\n quota.

                                                                                                \n

                                                                                                \n Cross-account use: No. ListAliases does not\n return aliases in other Amazon Web Services accounts.

                                                                                                \n \n\n

                                                                                                \n Required permissions: kms:ListAliases (IAM policy)

                                                                                                \n

                                                                                                For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", "smithy.api#paginated": { "inputToken": "Marker", "outputToken": "NextMarker", @@ -3438,7 +3438,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your Amazon Web Services account.

                                                                                                \n

                                                                                                This parameter is optional. If you omit it, ListAliases returns all aliases\n in the account and Region.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Lists only aliases that are associated with the specified KMS key. Enter a KMS key in your\n Amazon Web Services account.

                                                                                                \n

                                                                                                This parameter is optional. If you omit it, ListAliases returns all aliases\n in the account and Region.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                " } }, "Limit": { @@ -3510,7 +3510,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets a list of all grants for the specified KMS key.

                                                                                                \n

                                                                                                You must specify the KMS key in all requests. You can filter the grant list by grant ID\n or grantee principal.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n \n

                                                                                                The GranteePrincipal field in the ListGrants response usually contains the\n user or role designated as the grantee principal in the grant. However, when the grantee\n principal in the grant is an Amazon Web Services service, the GranteePrincipal field contains\n the service\n principal, which might represent several different grantee principals.

                                                                                                \n                                                                                                 \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListGrants (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", + "smithy.api#documentation": "

                                                                                                Gets a list of all grants for the specified KMS key.

                                                                                                \n

                                                                                                You must specify the KMS key in all requests. You can filter the grant list by grant ID or\n grantee principal.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n \n

                                                                                                The GranteePrincipal field in the ListGrants response usually contains the\n user or role designated as the grantee principal in the grant. However, when the grantee\n principal in the grant is an Amazon Web Services service, the GranteePrincipal field contains\n the service\n principal, which might represent several different grantee principals.

                                                                                                \n                                                                                                 \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ListGrants (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", "smithy.api#paginated": { "inputToken": "Marker", "outputToken": "NextMarker", @@ -3537,7 +3537,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Returns only grants for the specified KMS key. This parameter is\n required.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Returns only grants for the specified KMS key. This parameter is required.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, @@ -3604,7 +3604,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets the names of the key policies that are attached to a KMS key. This\n operation is designed to get policy names that you can use in a GetKeyPolicy\n operation. However, the only valid policy name is default.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListKeyPolicies (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", + "smithy.api#documentation": "

                                                                                                Gets the names of the key policies that are attached to a KMS key. This operation is\n designed to get policy names that you can use in a GetKeyPolicy operation.\n However, the only valid policy name is default.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ListKeyPolicies (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", "smithy.api#paginated": { "inputToken": "Marker", "outputToken": "NextMarker", @@ -3680,7 +3680,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Gets a list of all KMS keys in the caller's Amazon Web Services account and\n Region.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListKeys (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", + "smithy.api#documentation": "

                                                                                                Gets a list of all KMS keys in the caller's Amazon Web Services account and Region.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ListKeys (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n ", "smithy.api#paginated": { "inputToken": "Marker", "outputToken": "NextMarker", @@ -3752,7 +3752,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Returns all tags on the specified KMS key.

                                                                                                \n

                                                                                                For general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListResourceTags (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Returns all tags on the specified KMS key.

                                                                                                \n

                                                                                                For general information about tags, including the format and syntax, see Tagging Amazon Web Services resources in\n the Amazon Web Services General Reference. For information about using\n tags in KMS, see Tagging\n keys.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ListResourceTags (key policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#ListResourceTagsRequest": { @@ -3828,7 +3828,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Returns information about all grants in the Amazon Web Services account and Region that have the specified\n retiring principal.

                                                                                                \n

                                                                                                You can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this operation to\n determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services account.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Returns information about all grants in the Amazon Web Services account and Region that have the\n specified retiring principal.

                                                                                                \n

                                                                                                You can specify any principal in your Amazon Web Services account. The grants that are returned include\n grants for KMS keys in your Amazon Web Services account and other Amazon Web Services accounts. You might use this\n operation to determine which grants you may retire. To retire a grant, use the RetireGrant operation.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: You must specify a principal in your\n Amazon Web Services account. However, this operation can return grants in any Amazon Web Services account. You do not need\n kms:ListRetirableGrants permission (or any other additional permission) in any\n Amazon Web Services account other than your own.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:ListRetirableGrants (IAM policy) in your\n Amazon Web Services account.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#ListRetirableGrantsRequest": { @@ -3849,7 +3849,7 @@ "RetiringPrincipal": { "target": "com.amazonaws.kms#PrincipalIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The retiring principal for which to list grants. Enter a principal in your Amazon Web Services account.

                                                                                                \n

                                                                                                To specify the retiring principal, use the Amazon Resource Name (ARN) of an Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated users, and\n assumed role users. For examples of the ARN syntax for specifying a principal, see Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the\n Amazon Web Services General Reference.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The retiring principal for which to list grants. Enter a principal in your\n Amazon Web Services account.

                                                                                                \n

                                                                                                To specify the retiring principal, use the Amazon Resource Name (ARN) of an\n Amazon Web Services principal. Valid Amazon Web Services principals include Amazon Web Services accounts (root), IAM users, federated\n users, and assumed role users. For examples of the ARN syntax for specifying a principal, see\n Amazon Web Services Identity and Access Management (IAM) in the Example ARNs section of the\n Amazon Web Services General Reference.

                                                                                                ", "smithy.api#required": {} } } @@ -3903,24 +3903,24 @@ "MultiRegionKeyType": { "target": "com.amazonaws.kms#MultiRegionKeyType", "traits": { - "smithy.api#documentation": "

                                                                                                Indicates whether the KMS key is a PRIMARY or REPLICA key.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Indicates whether the KMS key is a PRIMARY or REPLICA\n key.

                                                                                                " } }, "PrimaryKey": { "target": "com.amazonaws.kms#MultiRegionKey", "traits": { - "smithy.api#documentation": "

                                                                                                Displays the key ARN and Region of the primary key. This field includes the current KMS key if\n it is the primary key.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Displays the key ARN and Region of the primary key. This field includes the current KMS\n key if it is the primary key.

                                                                                                " } }, "ReplicaKeys": { "target": "com.amazonaws.kms#MultiRegionKeyList", "traits": { - "smithy.api#documentation": "

                                                                                                displays the key ARNs and Regions of all replica keys. This field includes the current KMS key\n if it is a replica key.

                                                                                                " + "smithy.api#documentation": "

                                                                                                displays the key ARNs and Regions of all replica keys. This field includes the current KMS\n key if it is a replica key.

                                                                                                " } } }, "traits": { - "smithy.api#documentation": "

                                                                                                Describes the configuration of this multi-Region key. This field appears only when the KMS key\n is a primary or replica of a multi-Region key.

                                                                                                \n

                                                                                                For more information about any listed KMS key, use the DescribeKey\n operation.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Describes the configuration of this multi-Region key. This field appears only when the KMS\n key is a primary or replica of a multi-Region key.

                                                                                                \n

                                                                                                For more information about any listed KMS key, use the DescribeKey\n operation.

                                                                                                " } }, "com.amazonaws.kms#MultiRegionKey": { @@ -4113,7 +4113,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Attaches a key policy to the specified KMS key.

                                                                                                \n

                                                                                                For more information about key policies, see Key Policies in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n . For examples of adding a key policy in multiple programming languages,\n see Setting a key policy in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:PutKeyPolicy (key policy)

                                                                                                \n

                                                                                                \n Related operations: GetKeyPolicy\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Attaches a key policy to the specified KMS key.

                                                                                                \n

                                                                                                For more information about key policies, see Key Policies in the Key Management Service Developer Guide.\n For help writing and formatting a JSON policy document, see the IAM JSON Policy Reference in the \n Identity and Access Management User Guide\n . For examples of adding a key policy in multiple programming languages,\n see Setting a key policy in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:PutKeyPolicy (key policy)

                                                                                                \n

                                                                                                \n Related operations: GetKeyPolicy\n

                                                                                                " } }, "com.amazonaws.kms#PutKeyPolicyRequest": { @@ -4136,14 +4136,14 @@ "Policy": { "target": "com.amazonaws.kms#PolicyType", "traits": { - "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key.

                                                                                                \n

                                                                                                The key policy must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the PutKeyPolicy request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section of the Key Management Service Developer Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal\n (for example, an IAM user or role), you might need to enforce a delay before including the\n new principal in a key policy because the new principal might not be immediately visible\n to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services Identity and Access Management User Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the\n Key Management Service Developer Guide.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key.

                                                                                                \n

                                                                                                The key policy must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must allow the principal that is making the PutKeyPolicy request to make a\n subsequent PutKeyPolicy request on the KMS key. This reduces the risk that\n the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the Key Management Service Developer Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the Amazon Web Services\n Identity and Access Management User Guide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The key policy cannot exceed 32 kilobytes (32768 bytes). For more information, see Resource Quotas in the\n Key Management Service Developer Guide.

                                                                                                ", "smithy.api#required": {} } }, "BypassPolicyLockoutSafetyCheck": { "target": "com.amazonaws.kms#BooleanType", "traits": { - "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not\n set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " } } } @@ -4189,7 +4189,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this\n operation to change the KMS key under which data is encrypted, such as when\n you manually rotate a KMS key or change the KMS key that protects a ciphertext. You can also\n use it to reencrypt ciphertext under the same KMS key, such as to change the encryption\n context of a ciphertext.

                                                                                                \n

                                                                                                The ReEncrypt operation can decrypt ciphertext that was encrypted by using an\n KMS KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the\n public key of an asymmetric KMS key outside of KMS. However, it cannot decrypt ciphertext\n produced by other libraries, such as the Amazon Web Services Encryption SDK or Amazon S3 client-side encryption.\n These libraries return a ciphertext format that is incompatible with KMS.

                                                                                                \n

                                                                                                When you use the ReEncrypt operation, you need to provide information for the\n decrypt operation and the subsequent encrypt operation.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If your ciphertext was encrypted under an asymmetric KMS key, you must use the\n SourceKeyId parameter to identify the KMS key that encrypted the ciphertext.\n You must also supply the encryption algorithm that was used. This information is required\n to decrypt the data.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  If your ciphertext was encrypted under a symmetric KMS key, the SourceKeyId\n parameter is optional. KMS can get this information from metadata that it adds to the\n symmetric ciphertext blob. This feature adds durability to your implementation by ensuring\n that authorized users can decrypt ciphertext decades after it was encrypted, even if\n they've lost track of the key ID. However, specifying the source KMS key is always recommended\n as a best practice. When you use the SourceKeyId parameter to specify a KMS key,\n KMS uses only the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the ReEncrypt operation fails. This practice ensures that you use the KMS key that you intend.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  To reencrypt the data, you must use the DestinationKeyId parameter\n specify the KMS key that re-encrypts the data after it is decrypted. You can select a\n symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you must also\n provide the encryption algorithm. The algorithm that you choose must be compatible with\n the KMS key.

                                                                                                  \n\n \n

                                                                                                  When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                                                                  \n

                                                                                                  You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.

                                                                                                  \n                                                                                                   \n
                                                                                                  • \n
                                                                                                \n \n \n \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a different account than\n the caller. To specify a KMS key in a different account, you must use its key ARN or alias\n ARN.

                                                                                                \n\n

                                                                                                \n Required permissions:

                                                                                                \n \n

                                                                                                To permit reencryption from or to a KMS key, include the \"kms:ReEncrypt*\"\n permission in your key policy. This permission is\n automatically included in the key policy when you use the console to create a KMS key. But you\n must include it manually when you create a KMS key programmatically or when you use the PutKeyPolicy operation to set a key policy.

                                                                                                \n \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this\n operation to change the KMS key under which data is encrypted, such as when you manually\n rotate a KMS key or change the KMS key that protects a ciphertext. You can also use\n it to reencrypt ciphertext under the same KMS key, such as to change the encryption\n context of a ciphertext.

                                                                                                \n

                                                                                                The ReEncrypt operation can decrypt ciphertext that was encrypted by using an\n KMS KMS key in an KMS operation, such as Encrypt or GenerateDataKey. It can also decrypt ciphertext that was encrypted by using the\n public key of an asymmetric KMS key\n outside of KMS. However, it cannot decrypt ciphertext produced by other libraries, such as\n the Amazon Web Services Encryption SDK or\n Amazon S3\n client-side encryption. These libraries return a ciphertext format that is\n incompatible with KMS.

                                                                                                \n

                                                                                                When you use the ReEncrypt operation, you need to provide information for the\n decrypt operation and the subsequent encrypt operation.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If your ciphertext was encrypted under an asymmetric KMS key, you must use the\n SourceKeyId parameter to identify the KMS key that encrypted the\n ciphertext. You must also supply the encryption algorithm that was used. This information\n is required to decrypt the data.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  If your ciphertext was encrypted under a symmetric KMS key, the\n SourceKeyId parameter is optional. KMS can get this information from\n metadata that it adds to the symmetric ciphertext blob. This feature adds durability to\n your implementation by ensuring that authorized users can decrypt ciphertext decades after\n it was encrypted, even if they've lost track of the key ID. However, specifying the source\n KMS key is always recommended as a best practice. When you use the\n SourceKeyId parameter to specify a KMS key, KMS uses only the KMS key you\n specify. If the ciphertext was encrypted under a different KMS key, the\n ReEncrypt operation fails. This practice ensures that you use the KMS key\n that you intend.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  To reencrypt the data, you must use the DestinationKeyId parameter\n specify the KMS key that re-encrypts the data after it is decrypted. You can select a\n symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you\n must also provide the encryption algorithm. The algorithm that you choose must be\n compatible with the KMS key.

                                                                                                  \n\n \n

                                                                                                  When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.

                                                                                                  \n

                                                                                                  You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.

                                                                                                  \n                                                                                                   \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes.\n The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both\n KMS keys can be in a different account than the caller. To specify a KMS key in a different\n account, you must use its key ARN or alias ARN.

                                                                                                \n\n

                                                                                                \n Required permissions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n kms:ReEncryptFrom\n permission on the source KMS key (key policy)

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kms:ReEncryptTo\n permission on the destination KMS key (key policy)

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To permit reencryption from or to a KMS key, include the \"kms:ReEncrypt*\"\n permission in your key policy. This permission is\n automatically included in the key policy when you use the console to create a KMS key. But you\n must include it manually when you create a KMS key programmatically or when you use the PutKeyPolicy operation to set a key policy.

                                                                                                \n\n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#ReEncryptRequest": { @@ -4211,32 +4211,32 @@ "SourceKeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the KMS key that\n KMS will use to decrypt the ciphertext before it is re-encrypted. Enter a key ID of the KMS key\n that was used to encrypt the ciphertext.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.\n If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to the\n symmetric ciphertext blob. However, it is always recommended as a best practice. This practice\n ensures that you use the KMS key that you intend.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the KMS key that KMS will use to decrypt the ciphertext before it is\n re-encrypted. Enter a key ID of the KMS key that was used to encrypt the ciphertext.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key. If you used a symmetric KMS key, KMS can get the KMS key from metadata that it adds to\n the symmetric ciphertext blob. However, it is always recommended as a best practice. This\n practice ensures that you use the KMS key that you intend.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                " } }, "DestinationKeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                A unique identifier for the KMS key that is used to reencrypt the data. Specify a symmetric or\n asymmetric KMS key with a KeyUsage value of ENCRYPT_DECRYPT. To find the\n KeyUsage value of a KMS key, use the DescribeKey\n operation.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                A unique identifier for the KMS key that is used to reencrypt the data. Specify a\n symmetric or asymmetric KMS key with a KeyUsage value of\n ENCRYPT_DECRYPT. To find the KeyUsage value of a KMS key, use the\n DescribeKey operation.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, "DestinationEncryptionContext": { "target": "com.amazonaws.kms#EncryptionContextType", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies that encryption context to use when the reencrypting the data.

                                                                                                \n

                                                                                                A destination encryption context is valid only when the destination KMS key is a symmetric KMS key. The standard ciphertext format for asymmetric KMS keys does not include fields for\n metadata.

                                                                                                \n

                                                                                                An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric KMS key, but it is highly recommended.

                                                                                                \n

                                                                                                For more information, see\n Encryption\n Context in the Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies that encryption context to use when the reencrypting the data.

                                                                                                \n

                                                                                                A destination encryption context is valid only when the destination KMS key is a symmetric\n KMS key. The standard ciphertext format for asymmetric KMS keys does not include fields for\n metadata.

                                                                                                \n

                                                                                                An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric KMS key, but it is highly recommended.

                                                                                                \n

                                                                                                For more information, see\n Encryption\n Context in the Key Management Service Developer Guide.

                                                                                                " } }, "SourceEncryptionAlgorithm": { "target": "com.amazonaws.kms#EncryptionAlgorithmSpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it\n is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm\n used for symmetric KMS keys.

                                                                                                \n

                                                                                                Specify the same algorithm that was used to encrypt the ciphertext. If you specify a\n different algorithm, the decrypt attempt fails.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS key.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to decrypt the ciphertext before it\n is reencrypted. The default value, SYMMETRIC_DEFAULT, represents the algorithm\n used for symmetric KMS keys.

                                                                                                \n

                                                                                                Specify the same algorithm that was used to encrypt the ciphertext. If you specify a\n different algorithm, the decrypt attempt fails.

                                                                                                \n

                                                                                                This parameter is required only when the ciphertext was encrypted under an asymmetric KMS\n key.

                                                                                                " } }, "DestinationEncryptionAlgorithm": { "target": "com.amazonaws.kms#EncryptionAlgorithmSpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to reecrypt the data after it has\n decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption\n algorithm used for symmetric KMS keys.

                                                                                                \n

                                                                                                This parameter is required only when the destination KMS key is an asymmetric KMS key.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the encryption algorithm that KMS will use to reecrypt the data after it has\n decrypted it. The default value, SYMMETRIC_DEFAULT, represents the encryption\n algorithm used for symmetric KMS keys.

                                                                                                \n

                                                                                                This parameter is required only when the destination KMS key is an asymmetric KMS\n key.

                                                                                                " } }, "GrantTokens": { @@ -4333,7 +4333,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Replicates a multi-Region key into the specified Region. This operation creates a\n multi-Region replica key based on a multi-Region primary key in a different Region of the same\n Amazon Web Services partition. You can create multiple replicas of a primary key, but each must be in a\n different Region. To create a multi-Region primary key, use the CreateKey\n operation.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                A replica key is a fully-functional KMS key that can be used\n independently of its primary and peer replica keys. A primary key and its replica keys share\n properties that make them interoperable. They have the same key ID and key material. They also\n have the same key\n spec, key\n usage, key\n material origin, and automatic key rotation status. KMS automatically synchronizes these shared\n properties among related multi-Region keys. All other properties of a replica key can differ,\n including its key\n policy, tags, aliases, and key\n state. KMS pricing and quotas for KMS keys apply to each primary key and replica\n key.

                                                                                                \n

                                                                                                When this operation completes, the new replica key has a transient key state of\n Creating. This key state changes to Enabled (or\n PendingImport) after a few seconds when the process of creating the new replica\n key is complete. While the key state is Creating, you can manage key, but you\n cannot yet use it in cryptographic operations. If you are creating and using the replica key\n programmatically, retry on KMSInvalidStateException or call\n DescribeKey to check its KeyState value before using it. For\n details about the Creating key state, see Key state: Effect on your KMS key in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The CloudTrail log of a ReplicateKey operation records a\n ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                                                                \n

                                                                                                If you replicate a multi-Region primary key with imported key material, the replica key is\n created with no key material. You must import the same key material that you imported into the\n primary key. For details, see Importing key material into multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                To convert a replica key to a primary key, use the UpdatePrimaryRegion\n operation.

                                                                                                \n \n

                                                                                                \n ReplicateKey uses different default values for the KeyPolicy and\n Tags parameters than those used in the KMS console. For details, see the\n parameter descriptions.

                                                                                                \n                                                                                                 \n

                                                                                                \n Cross-account use: No. You cannot use this operation to\n create a replica key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n kms:ReplicateKey on the primary key (in the primary key's Region). Include this\n permission in the primary key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kms:CreateKey in an IAM policy in the replica Region.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  To use the Tags parameter, kms:TagResource in an IAM policy\n in the replica Region.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Replicates a multi-Region key into the specified Region. This operation creates a\n multi-Region replica key based on a multi-Region primary key in a different Region of the same\n Amazon Web Services partition. You can create multiple replicas of a primary key, but each must be in a\n different Region. To create a multi-Region primary key, use the CreateKey\n operation.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                A replica key is a fully-functional KMS key that can be used\n independently of its primary and peer replica keys. A primary key and its replica keys share\n properties that make them interoperable. They have the same key ID and key material. They also\n have the same key\n spec, key\n usage, key\n material origin, and automatic key rotation status. KMS automatically synchronizes these shared\n properties among related multi-Region keys. All other properties of a replica key can differ,\n including its key\n policy, tags, aliases, and key\n state. KMS pricing and quotas for KMS keys apply to each primary key and replica\n key.

                                                                                                \n

                                                                                                When this operation completes, the new replica key has a transient key state of\n Creating. This key state changes to Enabled (or\n PendingImport) after a few seconds when the process of creating the new replica\n key is complete. While the key state is Creating, you can manage key, but you\n cannot yet use it in cryptographic operations. If you are creating and using the replica key\n programmatically, retry on KMSInvalidStateException or call\n DescribeKey to check its KeyState value before using it. For\n details about the Creating key state, see Key state: Effect on your KMS key in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The CloudTrail log of a ReplicateKey operation records a\n ReplicateKey operation in the primary key's Region and a CreateKey operation in the replica key's Region.

                                                                                                \n

                                                                                                If you replicate a multi-Region primary key with imported key material, the replica key is\n created with no key material. You must import the same key material that you imported into the\n primary key. For details, see Importing key material into multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                To convert a replica key to a primary key, use the UpdatePrimaryRegion\n operation.

                                                                                                \n \n

                                                                                                \n ReplicateKey uses different default values for the KeyPolicy\n and Tags parameters than those used in the KMS console. For details, see the\n parameter descriptions.

                                                                                                \n                                                                                                 \n

                                                                                                \n Cross-account use: No. You cannot use this operation to\n create a replica key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n kms:ReplicateKey on the primary key (in the primary key's Region).\n Include this permission in the primary key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kms:CreateKey in an IAM policy in the replica Region.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  To use the Tags parameter, kms:TagResource in an IAM policy\n in the replica Region.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#ReplicateKeyRequest": { @@ -4342,7 +4342,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the multi-Region primary key that is being replicated. To determine whether a KMS key is a multi-Region primary key, use the DescribeKey operation to check\n the value of the MultiRegionKeyType property.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of a multi-Region primary key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the multi-Region primary key that is being replicated. To determine whether a\n KMS key is a multi-Region primary key, use the DescribeKey operation to\n check the value of the MultiRegionKeyType property.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of a multi-Region primary key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, @@ -4356,25 +4356,25 @@ "Policy": { "target": "com.amazonaws.kms#PolicyType", "traits": { - "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key. This parameter is optional. If you do not provide a key policy, KMS attaches the default key policy to the KMS key.

                                                                                                \n

                                                                                                The key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.

                                                                                                \n

                                                                                                If you provide a key policy, it must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must give the caller kms:PutKeyPolicy permission on the replica key. This reduces the\n risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the\n Default Key Policy section of the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services principal\n (for example, an IAM user or role), you might need to enforce a delay before including the\n new principal in a key policy because the new principal might not be immediately visible\n to KMS. For more information, see Changes that I make are not always immediately visible in the \n Identity and Access Management User Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The key policy size quota is 32 kilobytes (32768 bytes).

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                The key policy to attach to the KMS key. This parameter is optional. If you do not provide\n a key policy, KMS attaches the default key policy to the\n KMS key.

                                                                                                \n

                                                                                                The key policy is not a shared property of multi-Region keys. You can specify the same key\n policy or a different key policy for each key in a set of related multi-Region keys. KMS\n does not synchronize this property.

                                                                                                \n

                                                                                                If you provide a key policy, it must meet the following criteria:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy\n must give the caller kms:PutKeyPolicy permission on the replica key. This\n reduces the risk that the KMS key becomes unmanageable. For more information, refer to the\n scenario in the Default Key Policy section of the \n Key Management Service Developer Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each statement in the key policy must contain one or more principals. The principals\n in the key policy must exist and be visible to KMS. When you create a new Amazon Web Services\n principal (for example, an IAM user or role), you might need to enforce a delay before\n including the new principal in a key policy because the new principal might not be\n immediately visible to KMS. For more information, see Changes that I make are not always immediately visible in the\n \n Identity and Access Management User Guide\n .

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The key policy size quota is 32 kilobytes (32768 bytes).

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } }, "BypassPolicyLockoutSafetyCheck": { "target": "com.amazonaws.kms#BooleanType", "traits": { - "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not\n set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A flag to indicate whether to bypass the key policy lockout safety check.

                                                                                                \n \n

                                                                                                Setting this value to true increases the risk that the KMS key becomes unmanageable. Do\n not set this value to true indiscriminately.

                                                                                                \n

                                                                                                For more information, refer to the scenario in the Default Key Policy section in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Use this parameter only when you intend to prevent the principal that is making the\n request from making a subsequent PutKeyPolicy request on the KMS key.

                                                                                                \n

                                                                                                The default value is false.

                                                                                                " } }, "Description": { "target": "com.amazonaws.kms#DescriptionType", "traits": { - "smithy.api#documentation": "

                                                                                                A description of the KMS key. The default value is an empty string (no description).

                                                                                                \n

                                                                                                The description is not a shared property of multi-Region keys. You can specify the same\n description or a different description for each key in a set of related multi-Region keys. KMS does not synchronize this property.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A description of the KMS key. The default value is an empty string (no\n description).

                                                                                                \n

                                                                                                The description is not a shared property of multi-Region keys. You can specify the same\n description or a different description for each key in a set of related multi-Region keys.\n KMS does not synchronize this property.

                                                                                                " } }, "Tags": { "target": "com.amazonaws.kms#TagList", "traits": { - "smithy.api#documentation": "

                                                                                                Assigns one or more tags to the replica key. Use this parameter to tag the KMS key when it is created.\n To tag an existing KMS key, use the TagResource operation.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                                \n

                                                                                                Tags are not a shared property of multi-Region keys. You can specify the same tags or\n different tags for each key in a set of related multi-Region keys. KMS does not\n synchronize this property.

                                                                                                \n

                                                                                                Each tag consists of a tag key and a tag value. Both the tag key and the tag value are\n required, but the tag value can be an empty (null) string. You cannot have more than one tag\n on a KMS key with the same tag key. If you specify an existing tag key with a different tag value,\n KMS replaces the current tag value with the specified one.

                                                                                                \n

                                                                                                When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation\n report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details,\n see Tagging Keys.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Assigns one or more tags to the replica key. Use this parameter to tag the KMS key when it\n is created. To tag an existing KMS key, use the TagResource\n operation.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                To use this parameter, you must have kms:TagResource permission in an IAM policy.

                                                                                                \n

                                                                                                Tags are not a shared property of multi-Region keys. You can specify the same tags or\n different tags for each key in a set of related multi-Region keys. KMS does not synchronize\n this property.

                                                                                                \n

                                                                                                Each tag consists of a tag key and a tag value. Both the tag key and the tag value are\n required, but the tag value can be an empty (null) string. You cannot have more than one tag\n on a KMS key with the same tag key. If you specify an existing tag key with a different tag\n value, KMS replaces the current tag value with the specified one.

                                                                                                \n

                                                                                                When you add tags to an Amazon Web Services resource, Amazon Web Services generates a cost allocation\n report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details,\n see Tagging Keys.

                                                                                                " } } } @@ -4385,7 +4385,7 @@ "ReplicaKeyMetadata": { "target": "com.amazonaws.kms#KeyMetadata", "traits": { - "smithy.api#documentation": "

                                                                                                Displays details about the new replica key, including its Amazon Resource Name (key\n ARN) and key state. It also includes the ARN and Amazon Web Services Region of its primary key and other\n replica keys.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Displays details about the new replica key, including its Amazon Resource Name (key ARN) and\n key state. It also\n includes the ARN and Amazon Web Services Region of its primary key and other replica keys.

                                                                                                " } }, "ReplicaPolicy": { @@ -4431,7 +4431,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes a grant. Typically, you retire a grant when you no longer need its permissions. To\n identify the grant to retire, use a grant token, or both the grant ID and a\n key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation returns both values.

                                                                                                \n

                                                                                                This operation can be called by the retiring principal for a grant,\n by the grantee principal if the grant allows the RetireGrant\n operation, and by the Amazon Web Services account (root user) in which the grant is created. It can also be\n called by principals to whom permission for retiring a grant is delegated. For details, see\n Retiring and\n revoking grants in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. You can retire a grant on a KMS key\n in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions::Permission to retire a grant is\n determined primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes a grant. Typically, you retire a grant when you no longer need its permissions. To\n identify the grant to retire, use a grant token, or both the grant ID and a\n key identifier (key ID or key ARN) of the KMS key. The CreateGrant operation\n returns both values.

                                                                                                \n

                                                                                                This operation can be called by the retiring principal for a grant,\n by the grantee principal if the grant allows the RetireGrant\n operation, and by the Amazon Web Services account (root user) in which the grant is created. It can also be\n called by principals to whom permission for retiring a grant is delegated. For details, see\n Retiring and\n revoking grants in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. You can retire a grant on a KMS\n key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions::Permission to retire a grant is\n determined primarily by the grant. For details, see Retiring and revoking grants in\n the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#RetireGrantRequest": { @@ -4440,7 +4440,7 @@ "GrantToken": { "target": "com.amazonaws.kms#GrantTokenType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the grant to be retired. You can use a grant token to identify a new grant even\n before it has achieved eventual consistency.

                                                                                                \n

                                                                                                Only the CreateGrant operation returns a grant token. For details, see\n Grant token\n and Eventual consistency in the Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the grant to be retired. You can use a grant token to identify a new grant even\n before it has achieved eventual consistency.

                                                                                                \n

                                                                                                Only the CreateGrant operation returns a grant token. For details, see\n Grant token\n and Eventual consistency in the Key Management Service Developer Guide.

                                                                                                " } }, "KeyId": { @@ -4452,7 +4452,7 @@ "GrantId": { "target": "com.amazonaws.kms#GrantIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the grant to retire. To get the grant ID, use CreateGrant,\n ListGrants, or ListRetirableGrants.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Grant ID Example -\n 0123456789012345678901234567890123456789012345678901234567890123

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + "smithy.api#documentation": "

                                                                                                Identifies the grant to retire. To get the grant ID, use CreateGrant,\n ListGrants, or ListRetirableGrants.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Grant ID Example -\n 0123456789012345678901234567890123456789012345678901234567890123

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } } } @@ -4483,7 +4483,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes the specified grant. You revoke a grant to terminate the permissions that the\n grant allows. For more\n information, see Retiring and revoking grants in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. For details, see Eventual consistency in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n

                                                                                                \n Required permissions: kms:RevokeGrant (key policy).

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes the specified grant. You revoke a grant to terminate the permissions that the\n grant allows. For more information, see Retiring and revoking grants in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as eventual consistency. For details, see Eventual consistency in\n the \n Key Management Service Developer Guide\n .

                                                                                                \n

                                                                                                For detailed information about grants, including grant terminology, see Using grants in the\n \n Key Management Service Developer Guide\n . For examples of working with grants in several\n programming languages, see Programming grants.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key\n ARN in the value of the KeyId parameter.

                                                                                                \n

                                                                                                \n Required permissions: kms:RevokeGrant (key policy).

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#RevokeGrantRequest": { @@ -4492,14 +4492,14 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                A unique identifier for the KMS key associated with the grant. To get\n the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                A unique identifier for the KMS key associated with the grant. To get the key ID and key\n ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key. To specify a KMS key in a\ndifferent Amazon Web Services account, you must use the key ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, "GrantId": { "target": "com.amazonaws.kms#GrantIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the grant to revoke. To get the grant ID, use CreateGrant,\n ListGrants, or ListRetirableGrants.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the grant to revoke. To get the grant ID, use CreateGrant,\n ListGrants, or ListRetirableGrants.

                                                                                                ", "smithy.api#required": {} } } @@ -4531,7 +4531,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Schedules the deletion of a KMS key. By default, KMS applies a waiting\n period of 30 days, but you can specify a waiting period of 7-30 days. When this operation is\n successful, the key state of the KMS key changes to PendingDeletion and the key can't\n be used in any cryptographic operations. It remains in this state for the duration of the\n waiting period. Before the waiting period ends, you can use CancelKeyDeletion to cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,\n its key material, and all KMS data associated with it, including all aliases that refer to\n it.

                                                                                                \n \n

                                                                                                Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key is\n deleted, all data that was encrypted under the KMS key is unrecoverable. (The only exception is\n a multi-Region replica key.) To prevent the use of a KMS key without deleting it, use DisableKey.

                                                                                                \n                                                                                                 \n

                                                                                                If you schedule deletion of a KMS key from a custom key store, when the waiting period\n expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a best\n effort to delete the key material from the associated CloudHSM cluster. However, you might need\n to manually delete the orphaned key\n material from the cluster and its backups.

                                                                                                \n

                                                                                                You can schedule the deletion of a multi-Region primary key and its replica keys at any\n time. However, KMS will not delete a multi-Region primary key with existing replica keys. If\n you schedule the deletion of a primary key with replicas, its key state changes to\n PendingReplicaDeletion and it cannot be replicated or used in cryptographic\n operations. This status can continue indefinitely. When the last of its replicas keys is\n deleted (not just scheduled), the key state of the primary key changes to\n PendingDeletion and its waiting period (PendingWindowInDays)\n begins. For details, see Deleting multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n \n

                                                                                                \n Required permissions: kms:ScheduleKeyDeletion (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30\n days, but you can specify a waiting period of 7-30 days. When this operation is successful,\n the key state of the KMS key changes to PendingDeletion and the key can't be used\n in any cryptographic operations. It remains in this state for the duration of the waiting\n period. Before the waiting period ends, you can use CancelKeyDeletion to\n cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,\n its key material, and all KMS data associated with it, including all aliases that refer to\n it.

                                                                                                \n \n

                                                                                                Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key\n is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only\n exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting\n it, use DisableKey.

                                                                                                \n                                                                                                 \n

                                                                                                If you schedule deletion of a KMS key from a custom key store, when the waiting period\n expires, ScheduleKeyDeletion deletes the KMS key from KMS. Then KMS makes a\n best effort to delete the key material from the associated CloudHSM cluster. However, you might\n need to manually delete the orphaned key\n material from the cluster and its backups.

                                                                                                \n

                                                                                                You can schedule the deletion of a multi-Region primary key and its replica keys at any\n time. However, KMS will not delete a multi-Region primary key with existing replica keys. If\n you schedule the deletion of a primary key with replicas, its key state changes to\n PendingReplicaDeletion and it cannot be replicated or used in cryptographic\n operations. This status can continue indefinitely. When the last of its replicas keys is\n deleted (not just scheduled), the key state of the primary key changes to\n PendingDeletion and its waiting period (PendingWindowInDays)\n begins. For details, see Deleting multi-Region keys in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                For more information about scheduling a KMS key for deletion, see Deleting KMS keys in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n\n

                                                                                                \n Required permissions: kms:ScheduleKeyDeletion (key\n policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#ScheduleKeyDeletionRequest": { @@ -4540,14 +4540,14 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                The unique identifier of the KMS key to delete.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The unique identifier of the KMS key to delete.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, "PendingWindowInDays": { "target": "com.amazonaws.kms#PendingWindowInDaysType", "traits": { - "smithy.api#documentation": "

                                                                                                The waiting period, specified in number of days. After the waiting period ends, KMS\n deletes the KMS key.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the\n last of its replica keys is deleted. Otherwise, the waiting period begins immediately.

                                                                                                \n

                                                                                                This value is optional. If you include a value, it must be between 7 and 30, inclusive. If\n you do not include a value, it defaults to 30.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The waiting period, specified in number of days. After the waiting period ends, KMS\n deletes the KMS key.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when\n the last of its replica keys is deleted. Otherwise, the waiting period begins\n immediately.

                                                                                                \n

                                                                                                This value is optional. If you include a value, it must be between 7 and 30, inclusive. If\n you do not include a value, it defaults to 30.

                                                                                                " } } } @@ -4564,19 +4564,19 @@ "DeletionDate": { "target": "com.amazonaws.kms#DateType", "traits": { - "smithy.api#documentation": "

                                                                                                The date and time after which KMS deletes the KMS key.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replica keys, this field does not appear.\n The deletion date for the primary key isn't known until its last replica key is\n deleted.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The date and time after which KMS deletes the KMS key.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replica keys, this field does not\n appear. The deletion date for the primary key isn't known until its last replica key is\n deleted.

                                                                                                " } }, "KeyState": { "target": "com.amazonaws.kms#KeyState", "traits": { - "smithy.api#documentation": "

                                                                                                The current status of the KMS key.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS key\n in the Key Management Service Developer Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The current status of the KMS key.

                                                                                                \n

                                                                                                For more information about how key state affects the use of a KMS key, see Key state: Effect on your KMS\n key in the Key Management Service Developer Guide.

                                                                                                " } }, "PendingWindowInDays": { "target": "com.amazonaws.kms#PendingWindowInDaysType", "traits": { - "smithy.api#documentation": "

                                                                                                The waiting period before the KMS key is deleted.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the\n last of its replica keys is deleted. Otherwise, the waiting period begins immediately.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The waiting period before the KMS key is deleted.

                                                                                                \n

                                                                                                If the KMS key is a multi-Region primary key with replicas, the waiting period begins when\n the last of its replica keys is deleted. Otherwise, the waiting period begins\n immediately.

                                                                                                " } } } @@ -4616,7 +4616,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a digital\n signature for a message or message digest by using the private key in an asymmetric KMS key. To verify the signature, use the Verify operation, or use the public\n key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Digital signatures are generated and verified by using asymmetric key pair, such as an RSA\n or ECC pair that is represented by an asymmetric KMS key. The key owner (or\n an authorized user) uses their private key to sign a message. Anyone with the public key can\n verify that the message was signed with that particular private key and that the message\n hasn't changed since it was signed.

                                                                                                \n

                                                                                                To use the Sign operation, provide the following information:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Use the KeyId parameter to identify an asymmetric KMS key with a\n KeyUsage value of SIGN_VERIFY. To get the\n KeyUsage value of a KMS key, use the DescribeKey operation.\n The caller must have kms:Sign permission on the KMS key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the Message parameter to specify the message or message digest to\n sign. You can submit messages of up to 4096 bytes. To sign a larger message, generate a\n hash digest of the message, and then provide the hash digest in the Message\n parameter. To indicate whether the message is a full message or a digest, use the\n MessageType parameter.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Choose a signing algorithm that is compatible with the KMS key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                When signing a message, be sure to record the KMS key and the signing algorithm. This\n information is required to verify the signature.

                                                                                                \n                                                                                                 \n

                                                                                                To verify the signature that this operation generates, use the Verify\n operation. Or use the GetPublicKey operation to download the public key and\n then use the public key to verify the signature outside of KMS.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:Sign (key policy)

                                                                                                \n

                                                                                                \n Related operations: Verify\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Creates a digital\n signature for a message or message digest by using the private key in an asymmetric\n KMS key. To verify the signature, use the Verify operation, or use the\n public key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                Digital signatures are generated and verified by using asymmetric key pair, such as an RSA\n or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized\n user) uses their private key to sign a message. Anyone with the public key can verify that the\n message was signed with that particular private key and that the message hasn't changed since\n it was signed.

                                                                                                \n

                                                                                                To use the Sign operation, provide the following information:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Use the KeyId parameter to identify an asymmetric KMS key with a\n KeyUsage value of SIGN_VERIFY. To get the\n KeyUsage value of a KMS key, use the DescribeKey\n operation. The caller must have kms:Sign permission on the KMS key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the Message parameter to specify the message or message digest to\n sign. You can submit messages of up to 4096 bytes. To sign a larger message, generate a\n hash digest of the message, and then provide the hash digest in the Message\n parameter. To indicate whether the message is a full message or a digest, use the\n MessageType parameter.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Choose a signing algorithm that is compatible with the KMS key.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                When signing a message, be sure to record the KMS key and the signing algorithm. This\n information is required to verify the signature.

                                                                                                \n                                                                                                 \n

                                                                                                To verify the signature that this operation generates, use the Verify\n operation. Or use the GetPublicKey operation to download the public key and\n then use the public key to verify the signature outside of KMS.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:Sign (key policy)

                                                                                                \n

                                                                                                \n Related operations: Verify\n

                                                                                                " } }, "com.amazonaws.kms#SignRequest": { @@ -4625,7 +4625,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to sign the\n message. The KeyUsage type of the KMS key must be SIGN_VERIFY. To find\n the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                \n \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to\n sign the message. The KeyUsage type of the KMS key must be\n SIGN_VERIFY. To find the KeyUsage of a KMS key, use the DescribeKey operation.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, @@ -4651,7 +4651,7 @@ "SigningAlgorithm": { "target": "com.amazonaws.kms#SigningAlgorithmSpec", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the signing algorithm to use when signing the message.

                                                                                                \n

                                                                                                Choose an algorithm that is compatible with the type and size of the specified asymmetric KMS key.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the signing algorithm to use when signing the message.

                                                                                                \n

                                                                                                Choose an algorithm that is compatible with the type and size of the specified asymmetric\n KMS key.

                                                                                                ", "smithy.api#required": {} } } @@ -4748,7 +4748,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are\n both required, but tag values can be empty (null) strings.

                                                                                                \n

                                                                                                For information about the rules that apply to tag keys and tag values, see User-Defined Tag Restrictions in the Amazon Web Services Billing and Cost Management User\n Guide.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are\n both required, but tag values can be empty (null) strings.

                                                                                                \n

                                                                                                For information about the rules that apply to tag keys and tag values, see User-Defined Tag Restrictions in the Amazon Web Services Billing and Cost Management\n User Guide.

                                                                                                " } }, "com.amazonaws.kms#TagException": { @@ -4815,7 +4815,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Adds or edits tags on a customer managed key.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.\n The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag\n value. To edit a tag, specify an existing tag key and a new tag value.

                                                                                                \n

                                                                                                You can use this operation to tag a customer managed key, but you cannot\n tag an Amazon Web Services managed key, an Amazon Web Services owned key, a custom key store, or\n an alias.

                                                                                                \n

                                                                                                You can also add tags to a KMS key while creating it (CreateKey) or replicating it (ReplicateKey).

                                                                                                \n

                                                                                                For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:TagResource (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Adds or edits tags on a customer managed key.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.\n The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag\n value. To edit a tag, specify an existing tag key and a new tag value.

                                                                                                \n

                                                                                                You can use this operation to tag a customer managed key, but you cannot\n tag an Amazon Web Services\n managed key, an Amazon Web Services owned key, a custom key\n store, or an alias.

                                                                                                \n

                                                                                                You can also add tags to a KMS key while creating it (CreateKey) or\n replicating it (ReplicateKey).

                                                                                                \n

                                                                                                For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:TagResource (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#TagResourceRequest": { @@ -5007,7 +5007,7 @@ "name": "kms" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Key Management Service\n

                                                                                                Key Management Service (KMS) is an encryption and key management web service. This guide describes\n the KMS operations that you can call programmatically. For general information about KMS,\n see the \n Key Management Service Developer Guide\n .

                                                                                                \n \n

                                                                                                KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                                                                \n

                                                                                                Amazon Web Services provides SDKs that consist of libraries and sample code for various programming\n languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a\n convenient way to create programmatic access to KMS and other Amazon Web Services services. For example,\n the SDKs take care of tasks such as signing requests (see below), managing errors, and\n retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to\n download and install them, see Tools for Amazon Web\n Services.

                                                                                                \n                                                                                                 \n

                                                                                                We recommend that you use the Amazon Web Services SDKs to make programmatic API calls to KMS.

                                                                                                \n

                                                                                                Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS 1.2. Clients\n must also support cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral\n Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems\n such as Java 7 and later support these modes.

                                                                                                \n

                                                                                                \n Signing Requests\n

                                                                                                \n

                                                                                                Requests must be signed by using an access key ID and a secret access key. We strongly\n recommend that you do not use your Amazon Web Services account (root) access key ID and\n secret key for everyday work with KMS. Instead, use the access key ID and secret access key\n for an IAM user. You can also use the Amazon Web Services Security Token Service to generate temporary\n security credentials that you can use to sign requests.

                                                                                                \n

                                                                                                All KMS operations require Signature Version 4.

                                                                                                \n

                                                                                                \n Logging API Requests\n

                                                                                                \n

                                                                                                KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the information\n collected by CloudTrail, you can determine what requests were made to KMS, who made the request,\n when it was made, and so on. To learn more about CloudTrail, including how to turn it on and find\n your log files, see the CloudTrail User Guide.

                                                                                                \n

                                                                                                \n Additional Resources\n

                                                                                                \n

                                                                                                For more information about credentials and request signing, see the following:

                                                                                                \n \n

                                                                                                \n Commonly Used API Operations\n

                                                                                                \n

                                                                                                Of the API operations discussed in this guide, the following will prove the most useful\n for most applications. You will likely perform operations other than these, such as creating\n keys and assigning policies, by using the console.

                                                                                                \n ", + "smithy.api#documentation": "Key Management Service\n

                                                                                                Key Management Service (KMS) is an encryption and key management web service. This guide describes\n the KMS operations that you can call programmatically. For general information about KMS,\n see the \n Key Management Service Developer Guide\n .

                                                                                                \n \n

                                                                                                KMS is replacing the term customer master key (CMK) with KMS key and KMS key. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.

                                                                                                \n

                                                                                                Amazon Web Services provides SDKs that consist of libraries and sample code for various programming\n languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a\n convenient way to create programmatic access to KMS and other Amazon Web Services services. For example,\n the SDKs take care of tasks such as signing requests (see below), managing errors, and\n retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to\n download and install them, see Tools for Amazon Web\n Services.

                                                                                                \n                                                                                                 \n

                                                                                                We recommend that you use the Amazon Web Services SDKs to make programmatic API calls to KMS.

                                                                                                \n

                                                                                                Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS 1.2. Clients\n must also support cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral\n Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems\n such as Java 7 and later support these modes.

                                                                                                \n

                                                                                                \n Signing Requests\n

                                                                                                \n

                                                                                                Requests must be signed by using an access key ID and a secret access key. We strongly\n recommend that you do not use your Amazon Web Services account (root) access key ID and\n secret key for everyday work with KMS. Instead, use the access key ID and secret access key\n for an IAM user. You can also use the Amazon Web Services Security Token Service to generate temporary\n security credentials that you can use to sign requests.

                                                                                                \n

                                                                                                All KMS operations require Signature Version 4.

                                                                                                \n

                                                                                                \n Logging API Requests\n

                                                                                                \n

                                                                                                KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your\n Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the\n information collected by CloudTrail, you can determine what requests were made to KMS, who made\n the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it\n on and find your log files, see the CloudTrail User Guide.

                                                                                                \n

                                                                                                \n Additional Resources\n

                                                                                                \n

                                                                                                For more information about credentials and request signing, see the following:

                                                                                                \n \n

                                                                                                \n Commonly Used API Operations\n

                                                                                                \n

                                                                                                Of the API operations discussed in this guide, the following will prove the most useful\n for most applications. You will likely perform operations other than these, such as creating\n keys and assigning policies, by using the console.

                                                                                                \n ", "smithy.api#title": "AWS Key Management Service", "smithy.api#xmlNamespace": { "uri": "https://trent.amazonaws.com/doc/2014-11-01/" @@ -5063,7 +5063,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Deletes tags from a customer managed key. To delete a tag,\n specify the tag key and the KMS key.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                When it succeeds, the UntagResource operation doesn't return any output.\n Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or return\n a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                                                                \n \n

                                                                                                For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:UntagResource (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Deletes tags from a customer managed key. To delete a tag,\n specify the tag key and the KMS key.

                                                                                                \n \n

                                                                                                Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                When it succeeds, the UntagResource operation doesn't return any output.\n Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or\n return a response. To confirm that the operation worked, use the ListResourceTags operation.

                                                                                                \n\n

                                                                                                For information about using tags in KMS, see Tagging keys. For general information about\n tags, including the format and syntax, see Tagging Amazon Web Services resources in the Amazon\n Web Services General Reference.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:UntagResource (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#UntagResourceRequest": { @@ -5108,7 +5108,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Associates an existing KMS alias with a different KMS key. Each alias\n is associated with only one KMS key at a time, although a KMS key can have multiple aliases. The alias\n and the KMS key must be in the same Amazon Web Services account and Region.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                The current and new KMS key must be the same type (both symmetric or both asymmetric), and\n they must have the same key usage (ENCRYPT_DECRYPT or SIGN_VERIFY).\n This restriction prevents errors in code that uses aliases. If you must assign an alias to a\n different type of KMS key, use DeleteAlias to delete the old alias and CreateAlias to create a new alias.

                                                                                                \n

                                                                                                You cannot use UpdateAlias to change an alias name. To change an alias name,\n use DeleteAlias to delete the old alias and CreateAlias to\n create a new alias.

                                                                                                \n

                                                                                                Because an alias is not a property of a KMS key, you can create, update, and delete the\n aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from\n the DescribeKey operation. To get the aliases of all KMS keys in the account,\n use the ListAliases operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Associates an existing KMS alias with a different KMS key. Each alias is associated with\n only one KMS key at a time, although a KMS key can have multiple aliases. The alias and the\n KMS key must be in the same Amazon Web Services account and Region.

                                                                                                \n \n

                                                                                                Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see Using ABAC in KMS in the Key Management Service Developer Guide.

                                                                                                \n                                                                                                 \n

                                                                                                The current and new KMS key must be the same type (both symmetric or both asymmetric), and\n they must have the same key usage (ENCRYPT_DECRYPT or SIGN_VERIFY).\n This restriction prevents errors in code that uses aliases. If you must assign an alias to a\n different type of KMS key, use DeleteAlias to delete the old alias and CreateAlias to create a new alias.

                                                                                                \n

                                                                                                You cannot use UpdateAlias to change an alias name. To change an alias name,\n use DeleteAlias to delete the old alias and CreateAlias to\n create a new alias.

                                                                                                \n

                                                                                                Because an alias is not a property of a KMS key, you can create, update, and delete the\n aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the\n response from the DescribeKey operation. To get the aliases of all KMS keys\n in the account, use the ListAliases operation.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions\n

                                                                                                \n \n

                                                                                                For details, see Controlling access to aliases in the\n Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#UpdateAliasRequest": { @@ -5124,7 +5124,7 @@ "TargetKeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the customer managed key to associate with the alias. You don't have permission\n to associate an alias with an Amazon Web Services managed key.

                                                                                                \n

                                                                                                The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new target KMS key\n must be the same type as the current target KMS key (both symmetric or both asymmetric) and they\n must have the same key usage.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                \n

                                                                                                To verify that the alias\n is mapped to the correct KMS key, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the customer managed key to associate with the alias. You don't have permission to\n associate an alias with an Amazon Web Services managed key.

                                                                                                \n

                                                                                                The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new\n target KMS key must be the same type as the current target KMS key (both symmetric or both\n asymmetric) and they must have the same key usage.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                \n

                                                                                                To\n verify that the alias is mapped to the correct KMS key, use ListAliases.

                                                                                                ", "smithy.api#required": {} } } @@ -5165,7 +5165,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Changes the properties of a custom key store. Use the CustomKeyStoreId\n parameter to identify the custom key store you want to edit. Use the remaining parameters to\n change the properties of the custom key store.

                                                                                                \n

                                                                                                You can only update a custom key store that is disconnected. To disconnect the custom key\n store, use DisconnectCustomKeyStore. To reconnect the custom key store after\n the update completes, use ConnectCustomKeyStore. To find the connection\n state of a custom key store, use the DescribeCustomKeyStores\n operation.

                                                                                                \n

                                                                                                Use the parameters of UpdateCustomKeyStore to edit your keystore\n settings.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Use the NewCustomKeyStoreName parameter to change the\n friendly name of the custom key store to the value that you specify.

                                                                                                  \n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the KeyStorePassword parameter tell KMS the\n current password of the \n kmsuser crypto\n user (CU) in the associated CloudHSM cluster. You can use this parameter to fix\n connection failures that occur when KMS cannot log into the associated cluster\n because the kmsuser password has changed. This value does not change the\n password in the CloudHSM cluster.

                                                                                                  \n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the CloudHsmClusterId parameter to associate the\n custom key store with a different, but related, CloudHSM cluster. You can use this parameter\n to repair a custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when\n you need to create or restore a cluster from a backup.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n\n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:UpdateCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Changes the properties of a custom key store. Use the CustomKeyStoreId\n parameter to identify the custom key store you want to edit. Use the remaining parameters to\n change the properties of the custom key store.

                                                                                                \n

                                                                                                You can only update a custom key store that is disconnected. To disconnect the custom key\n store, use DisconnectCustomKeyStore. To reconnect the custom key store after\n the update completes, use ConnectCustomKeyStore. To find the connection\n state of a custom key store, use the DescribeCustomKeyStores\n operation.

                                                                                                \n

                                                                                                The CustomKeyStoreId parameter is required in all commands. Use the other\n parameters of UpdateCustomKeyStore to edit your key store settings.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Use the NewCustomKeyStoreName parameter to change the friendly name of\n the custom key store to the value that you specify.

                                                                                                  \n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the KeyStorePassword parameter tell KMS the current password of the\n \n kmsuser crypto user (CU) in the associated CloudHSM cluster. You\n can use this parameter to fix connection\n failures that occur when KMS cannot log into the associated cluster because\n the kmsuser password has changed. This value does not change the password in\n the CloudHSM cluster.

                                                                                                  \n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Use the CloudHsmClusterId parameter to associate the custom key store\n with a different, but related, CloudHSM cluster. You can use this parameter to repair a\n custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to\n create or restore a cluster from a backup.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                If the operation succeeds, it returns a JSON object with no\nproperties.

                                                                                                \n

                                                                                                This operation is part of the Custom Key Store feature feature in KMS, which\ncombines the convenience and extensive integration of KMS with the isolation and control of a\nsingle-tenant key store.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions: kms:UpdateCustomKeyStore (IAM policy)

                                                                                                \n

                                                                                                \n Related operations:\n

                                                                                                \n " } }, "com.amazonaws.kms#UpdateCustomKeyStoreRequest": { @@ -5225,7 +5225,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Updates the description of a KMS key. To see the description of a KMS key,\n use DescribeKey.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:UpdateKeyDescription (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account\n use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:UpdateKeyDescription (key policy)

                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#UpdateKeyDescriptionRequest": { @@ -5234,7 +5234,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Updates the description of the specified KMS key.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Updates the description of the specified KMS key.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of the KMS key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, @@ -5273,7 +5273,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Changes the primary key of a multi-Region key.

                                                                                                \n

                                                                                                This operation changes the replica key in the specified Region to a primary key and\n changes the former primary key to a replica key. For example, suppose you have a primary key\n in us-east-1 and a replica key in eu-west-2. If you run\n UpdatePrimaryRegion with a PrimaryRegion value of\n eu-west-2, the primary key is now the key in eu-west-2, and the\n key in us-east-1 becomes a replica key. For details, see Updating the primary Region in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The primary key of a multi-Region key is the source for properties\n that are always shared by primary and replica keys, including the key material, key ID, key spec, key usage, key material\n origin, and automatic\n key rotation. It's the only key that can be replicated. You cannot delete the primary\n key until all replica keys are deleted.

                                                                                                \n

                                                                                                The key ID and primary Region that you specify uniquely identify the replica key that will\n become the primary key. The primary Region must already have a replica key. This operation\n does not create a KMS key in the specified Region. To find the replica keys, use the DescribeKey operation on the primary key or any replica key. To create a replica\n key, use the ReplicateKey operation.

                                                                                                \n

                                                                                                You can run this operation while using the affected multi-Region keys in cryptographic\n operations. This operation should not delay, interrupt, or cause failures in cryptographic\n operations.

                                                                                                \n

                                                                                                Even after this operation completes, the process of updating the primary Region might\n still be in progress for a few more seconds. Operations such as DescribeKey might\n display both the old and new primary keys as replicas. The old and new primary keys have a\n transient key state of Updating. The original key state is restored when the\n update is complete. While the key state is Updating, you can use the keys in\n cryptographic operations, but you cannot replicate the new primary key or perform certain\n management operations, such as enabling or disabling these keys. For details about the\n Updating key state, see Key state:\n Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation does not return any output. To verify that primary key is changed, use the\n DescribeKey operation.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot use this operation in a\n different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n kms:UpdatePrimaryRegion on the current primary key (in the primary key's\n Region). Include this permission primary key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kms:UpdatePrimaryRegion on the current replica key (in the replica key's\n Region). Include this permission in the replica key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " + "smithy.api#documentation": "

                                                                                                Changes the primary key of a multi-Region key.

                                                                                                \n

                                                                                                This operation changes the replica key in the specified Region to a primary key and\n changes the former primary key to a replica key. For example, suppose you have a primary key\n in us-east-1 and a replica key in eu-west-2. If you run\n UpdatePrimaryRegion with a PrimaryRegion value of\n eu-west-2, the primary key is now the key in eu-west-2, and the\n key in us-east-1 becomes a replica key. For details, see Updating the primary Region in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation supports multi-Region keys, an KMS feature that lets you create multiple\n interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key\n material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt\n it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                The primary key of a multi-Region key is the source for properties\n that are always shared by primary and replica keys, including the key material, key ID, key spec, key usage, key material\n origin, and automatic\n key rotation. It's the only key that can be replicated. You cannot delete the primary\n key until all replica keys are deleted.

                                                                                                \n

                                                                                                The key ID and primary Region that you specify uniquely identify the replica key that will\n become the primary key. The primary Region must already have a replica key. This operation\n does not create a KMS key in the specified Region. To find the replica keys, use the DescribeKey operation on the primary key or any replica key. To create a replica\n key, use the ReplicateKey operation.

                                                                                                \n

                                                                                                You can run this operation while using the affected multi-Region keys in cryptographic\n operations. This operation should not delay, interrupt, or cause failures in cryptographic\n operations.

                                                                                                \n

                                                                                                Even after this operation completes, the process of updating the primary Region might\n still be in progress for a few more seconds. Operations such as DescribeKey might\n display both the old and new primary keys as replicas. The old and new primary keys have a\n transient key state of Updating. The original key state is restored when the\n update is complete. While the key state is Updating, you can use the keys in\n cryptographic operations, but you cannot replicate the new primary key or perform certain\n management operations, such as enabling or disabling these keys. For details about the\n Updating key state, see Key state:\n Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                This operation does not return any output. To verify that primary key is changed, use the\n DescribeKey operation.

                                                                                                \n

                                                                                                \n Cross-account use: No. You cannot use this operation in a\n different Amazon Web Services account.

                                                                                                \n

                                                                                                \n Required permissions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n kms:UpdatePrimaryRegion on the current primary key (in the primary key's\n Region). Include this permission primary key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n kms:UpdatePrimaryRegion on the current replica key (in the replica key's\n Region). Include this permission in the replica key's key policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                \n Related operations\n

                                                                                                \n " } }, "com.amazonaws.kms#UpdatePrimaryRegionRequest": { @@ -5282,14 +5282,14 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the current primary key. When the operation completes, this KMS key will be a\n replica key.

                                                                                                \n \n

                                                                                                Specify the key ID or key ARN of a multi-Region primary key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the current primary key. When the operation completes, this KMS key will be a\n replica key.

                                                                                                \n

                                                                                                Specify the key ID or key ARN of a multi-Region primary key.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

                                                                                                ", "smithy.api#required": {} } }, "PrimaryRegion": { "target": "com.amazonaws.kms#RegionType", "traits": { - "smithy.api#documentation": "

                                                                                                The Amazon Web Services Region of the new primary key. Enter the Region ID, such as us-east-1\n or ap-southeast-2. There must be an existing replica key in this Region.

                                                                                                \n

                                                                                                When the operation completes, the multi-Region key in this Region will be the primary\n key.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The Amazon Web Services Region of the new primary key. Enter the Region ID, such as\n us-east-1 or ap-southeast-2. There must be an existing replica key\n in this Region.

                                                                                                \n

                                                                                                When the operation completes, the multi-Region key in this Region will be the primary\n key.

                                                                                                ", "smithy.api#required": {} } } @@ -5333,7 +5333,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Verifies a digital signature that was generated by the Sign operation.

                                                                                                \n

                                                                                                \n

                                                                                                Verification confirms that an authorized user signed the message with the specified KMS key\n and signing algorithm, and the message hasn't changed since it was signed. If the signature is\n verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.

                                                                                                \n

                                                                                                A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                To verify a digital signature, you can use the Verify operation. Specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature.

                                                                                                \n

                                                                                                You can also verify the digital signature by using the public key of the KMS key outside of\n KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n \n

                                                                                                \n Required permissions: kms:Verify (key policy)

                                                                                                \n

                                                                                                \n Related operations: Sign\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Verifies a digital signature that was generated by the Sign operation.

                                                                                                \n

                                                                                                \n

                                                                                                Verification confirms that an authorized user signed the message with the specified KMS\n key and signing algorithm, and the message hasn't changed since it was signed. If the\n signature is verified, the value of the SignatureValid field in the response is\n True. If the signature verification fails, the Verify operation\n fails with an KMSInvalidSignatureException exception.

                                                                                                \n

                                                                                                A digital signature is generated by using the private key in an asymmetric KMS key. The\n signature is verified by using the public key in the same asymmetric KMS key.\n For information about symmetric and asymmetric KMS keys, see Using Symmetric and Asymmetric KMS keys in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                To verify a digital signature, you can use the Verify operation. Specify the\n same asymmetric KMS key, message, and signing algorithm that were used to produce the\n signature.

                                                                                                \n

                                                                                                You can also verify the digital signature by using the public key of the KMS key outside\n of KMS. Use the GetPublicKey operation to download the public key in the\n asymmetric KMS key and then use the public key to verify the signature outside of KMS. The\n advantage of using the Verify operation is that it is performed within KMS. As\n a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged\n in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use\n the KMS key to verify signatures.

                                                                                                \n

                                                                                                The KMS key that you use for this operation must be in a compatible key state. For\ndetails, see Key state: Effect on your KMS key in the Key Management Service Developer Guide.

                                                                                                \n

                                                                                                \n Cross-account use: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify\n the key ARN or alias ARN in the value of the KeyId parameter.

                                                                                                \n\n

                                                                                                \n Required permissions: kms:Verify (key policy)

                                                                                                \n

                                                                                                \n Related operations: Sign\n

                                                                                                " } }, "com.amazonaws.kms#VerifyRequest": { @@ -5342,7 +5342,7 @@ "KeyId": { "target": "com.amazonaws.kms#KeyIdType", "traits": { - "smithy.api#documentation": "

                                                                                                Identifies the asymmetric KMS key that will be used to verify the signature. This must be the\n same KMS key that was used to generate the signature. If you specify a different KMS key, the\n signature verification fails.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Identifies the asymmetric KMS key that will be used to verify the signature. This must be\n the same KMS key that was used to generate the signature. If you specify a different KMS key,\n the signature verification fails.

                                                                                                \n

                                                                                                To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

                                                                                                \n

                                                                                                For example:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias name: alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

                                                                                                ", "smithy.api#required": {} } }, diff --git a/codegen/sdk-codegen/aws-models/location.2020-11-19.json b/codegen/sdk-codegen/aws-models/location.2020-11-19.json index 2a145c37ba1a..4add6455bc2e 100644 --- a/codegen/sdk-codegen/aws-models/location.2020-11-19.json +++ b/codegen/sdk-codegen/aws-models/location.2020-11-19.json @@ -771,7 +771,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Uploads position update data for one or more devices to a tracker resource. Amazon Location\n uses the data when reporting the last known device position and position history.

                                                                                                \n \n

                                                                                                Only one position update is stored per sample time. Location data is sampled at a\n fixed rate of one position per 30-second interval and retained for 30 days before\n it's deleted.

                                                                                                \n                                                                                                 ", + "smithy.api#documentation": "

                                                                                                Uploads position update data for one or more devices to a tracker resource. Amazon Location\n uses the data when it reports the last known device position and position history. Amazon Location retains location data for 30 \n days.

                                                                                                \n \n

                                                                                                Position updates are handled based on the PositionFiltering property of the tracker. \n When PositionFiltering is set to TimeBased, updates are evaluated against linked geofence collections, \n and location data is stored at a maximum of one position per 30 second interval. If your update frequency is more often than \n every 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n When PositionFiltering is set to DistanceBased filtering, location data is stored and evaluated against linked geofence \n collections only if the device has moved more than 30 m (98.4 ft).

                                                                                                \n                                                                                                 ", "smithy.api#endpoint": { "hostPrefix": "tracking." }, @@ -941,7 +941,7 @@ "DeparturePosition": { "target": "com.amazonaws.location#Position", "traits": { - "smithy.api#documentation": "

                                                                                                The start position for the route. Defined in WGS 84 format:\n [longitude, latitude].

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For example, [-123.115, 49.285]\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                If you specify a departure that's not located on a road, Amazon Location moves the\n position to the nearest road.

                                                                                                \n                                                                                                 \n

                                                                                                Valid Values: [-180 to 180,-90 to 90]\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The start position for the route. Defined in WGS 84 format:\n [longitude, latitude].

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For example, [-123.115, 49.285]\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                If you specify a departure that's not located on a road, Amazon Location moves the\n position to the nearest road. If Esri is the provider for your route calculator, \n specifying a route that is longer than 400 km returns a 400 RoutesValidationException error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid Values: [-180 to 180,-90 to 90]\n

                                                                                                ", "smithy.api#required": {} } }, @@ -955,7 +955,7 @@ "WaypointPositions": { "target": "com.amazonaws.location#WaypointPositionList", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies an ordered list of up to 23 intermediate positions to include along a route\n between the departure position and destination position.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For example, from the DeparturePosition\n [-123.115, 49.285], the route follows the order that the waypoint\n positions are given [[-122.757, 49.0021],[-122.349, 47.620]]\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                If you specify a waypoint position that's not located on a road, Amazon Location moves the position to the nearest road.

                                                                                                \n

                                                                                                Specifying more than 23 waypoints returns a 400 ValidationException\n error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid Values: [-180 to 180,-90 to 90]\n

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies an ordered list of up to 23 intermediate positions to include along a route\n between the departure position and destination position.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  For example, from the DeparturePosition\n [-123.115, 49.285], the route follows the order that the waypoint\n positions are given [[-122.757, 49.0021],[-122.349, 47.620]]\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                If you specify a waypoint position that's not located on a road, Amazon Location moves the position to the nearest road.

                                                                                                \n

                                                                                                Specifying more than 23 waypoints returns a 400 ValidationException\n error.

                                                                                                \n

                                                                                                If Esri is the provider for your route calculator, specifying a \n route that is longer than 400 km returns a 400 RoutesValidationException error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid Values: [-180 to 180,-90 to 90]\n

                                                                                                ", "smithy.api#length": { "max": 23 } @@ -1033,7 +1033,7 @@ "RouteBBox": { "target": "com.amazonaws.location#BoundingBox", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies a geographical box surrounding a route. Used to zoom into a route when\n displaying it in a map. For example, [min x, min y, max x, max y].

                                                                                                \n

                                                                                                The first 2 bbox parameters describe the lower southwest corner:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The first bbox position is the X coordinate or longitude of the\n lower southwest corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The second bbox position is the Y coordinate or latitude of the\n lower southwest corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The next 2 bbox parameters describe the upper northeast corner:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The third bbox position is the X coordinate, or longitude of the\n upper northeast corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The fourth bbox position is the Y coordinate, or longitude of the\n upper northeast corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies a geographical box surrounding a route. Used to zoom into a route when\n displaying it in a map. For example, [min x, min y, max x, max y].

                                                                                                \n

                                                                                                The first 2 bbox parameters describe the lower southwest corner:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The first bbox position is the X coordinate or longitude of the\n lower southwest corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The second bbox position is the Y coordinate or latitude of the\n lower southwest corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                The next 2 bbox parameters describe the upper northeast corner:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The third bbox position is the X coordinate, or longitude of the\n upper northeast corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  The fourth bbox position is the Y coordinate, or latitude of the\n upper northeast corner.

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } }, @@ -1047,7 +1047,7 @@ "Distance": { "target": "smithy.api#Double", "traits": { - "smithy.api#documentation": "

                                                                                                The total distance covered by the route. The sum of the distance travelled between\n every stop on the route.

                                                                                                \n \n

                                                                                                The route distance can't be greater than 250 km. If the route exceeds\n 250 km, the response returns a 400 RoutesValidationException\n error.

                                                                                                \n                                                                                                 ", + "smithy.api#documentation": "

                                                                                                The total distance covered by the route. The sum of the distance travelled between\n every stop on the route.

                                                                                                \n \n

                                                                                                If Esri is the data source for the route calculator, the route distance can’t \n be greater than 400 km. If the route exceeds 400 km, the response is a \n 400 RoutesValidationException error.

                                                                                                \n                                                                                                 ", "smithy.api#range": { "min": 0 }, @@ -1308,7 +1308,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for your map resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for your map resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -1403,14 +1403,14 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the data provider of geospatial data.

                                                                                                \n \n

                                                                                                This field is case-sensitive. Enter the valid values as shown. For example, entering\n HERE returns an error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid values include:

                                                                                                \n \n

                                                                                                For additional information , see Data providers\n on the Amazon Location Service Developer Guide.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the data provider of geospatial data.

                                                                                                \n \n

                                                                                                This field is case-sensitive. Enter the valid values as shown. For example, entering\n HERE returns an error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid values include:

                                                                                                \n \n

                                                                                                For additional information , see Data providers\n on the Amazon Location Service Developer Guide.

                                                                                                ", "smithy.api#required": {} } }, "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for your place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for your place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -1511,7 +1511,7 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the data provider of traffic and road network data.

                                                                                                \n \n

                                                                                                This field is case-sensitive. Enter the valid values as shown. For example,\n entering HERE returns an error.

                                                                                                \n                                                                                                 \n

                                                                                                Valid values include:

                                                                                                \n \n

                                                                                                For additional information , see Data\n providers on the Amazon Location Service Developer Guide.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the data provider of traffic and road network data.

                                                                                                \n \n

                                                                                                This field is case-sensitive. Enter the valid values as shown. For example,\n entering HERE returns an error. Route calculators that use Esri as a data source \n only calculate routes that are shorter than 400 km.

                                                                                                \n                                                                                                 \n

                                                                                                Valid values include:

                                                                                                \n \n

                                                                                                For additional information , see Data\n providers on the Amazon Location Service Developer Guide.

                                                                                                ", "smithy.api#required": {} } }, @@ -1613,7 +1613,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for the tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the pricing plan for the tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -1626,7 +1626,7 @@ "PricingPlanDataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the data provider for the tracker resource.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Required value for the following pricing plans: MobileAssetTracking\n | MobileAssetManagement\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For more information about Data Providers, and Pricing plans, see the Amazon Location\n Service product page.

                                                                                                \n\t \n\t

                                                                                                Amazon Location Service only uses PricingPlanDataSource to calculate billing for your tracker resource. Your data will not be shared with the data provider, and will remain in your AWS account or Region unless you move it.

                                                                                                \n\t                                                                                                 \n

                                                                                                Valid Values: Esri | Here\n

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the data provider for the tracker resource.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Required value for the following pricing plans: MobileAssetTracking\n | MobileAssetManagement\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For more information about Data Providers, and Pricing plans, see the Amazon Location\n Service product page.

                                                                                                \n\t \n\t

                                                                                                Amazon Location Service only uses PricingPlanDataSource to calculate billing for your tracker resource. Your data will not be shared with the data provider, and will remain in your AWS account or Region unless you move it.

                                                                                                \n\t                                                                                                 \n

                                                                                                Valid values: Esri | Here\n

                                                                                                " } }, "Description": { @@ -1640,6 +1640,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                Applies one or more tags to the tracker resource. A tag is a key-value pair helps\n manage, identify, search, and filter your resources by labelling them.

                                                                                                \n

                                                                                                Format: \"key\" : \"value\"\n

                                                                                                \n

                                                                                                Restrictions:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Maximum 50 tags per resource

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Each resource tag must be unique with a maximum of one value.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Maximum key length: 128 Unicode characters in UTF-8

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Maximum value length: 256 Unicode characters in UTF-8

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Can use alphanumeric characters (A–Z, a–z, 0–9), and the following characters:\n + - = . _ : / @.

                                                                                                  \n
                                                                                                  • \n
                                                                                                " } + }, + "PositionFiltering": { + "target": "com.amazonaws.location#PositionFiltering", + "traits": { + "smithy.api#documentation": "

                                                                                                Specifies the position filtering for the tracker resource.

                                                                                                \n

                                                                                                Valid values:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n TimeBased - Location updates are evaluated against linked geofence collections, \n but not every location update is stored. If your update frequency is more often than 30 seconds, \n only one update per 30 seconds is stored for each unique device ID.\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n DistanceBased - If the device has moved less than 30 m (98.4 ft), location updates are \n ignored. Location updates within this distance are neither evaluated against linked geofence collections, nor stored. \n This helps control costs by reducing the number of geofence evaluations and device positions to retrieve. \n Distance-based filtering can also reduce the jitter effect when displaying device trajectory on a map.\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                This field is optional. If not specified, the default value is TimeBased.

                                                                                                " + } } } }, @@ -2147,7 +2153,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified map resource.

                                                                                                \n\n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified map resource.

                                                                                                \n\n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -2266,7 +2272,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -2294,7 +2300,7 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Esri\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Here\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see the Amazon Location Service data providers\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Esri\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Here\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see Amazon Location Service data providers.

                                                                                                ", "smithy.api#required": {} } }, @@ -2504,7 +2510,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan selected for the specified tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -2539,6 +2545,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                A key identifier for an AWS KMS customer managed key assigned to the Amazon Location resource.

                                                                                                " } + }, + "PositionFiltering": { + "target": "com.amazonaws.location#PositionFiltering", + "traits": { + "smithy.api#documentation": "

                                                                                                The position filtering method of the tracker resource.

                                                                                                " + } } } }, @@ -3142,7 +3154,7 @@ "FontStack": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                A comma-separated list of fonts to load glyphs from in order of preference. For\n example, Noto Sans Regular, Arial Unicode.

                                                                                                \n

                                                                                                Valid fonts for Esri styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  VectorEsriDarkGrayCanvas – Ubuntu Medium Italic | Ubuntu\n Medium | Ubuntu Italic | Ubuntu Regular |\n Ubuntu Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriLightGrayCanvas – Ubuntu Italic | Ubuntu\n Regular | Ubuntu Light | Ubuntu Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriTopographic – Noto Sans Italic | Noto Sans\n Regular | Noto Sans Bold | Noto Serif\n Regular | Roboto Condensed Light Italic\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriStreets – Arial Regular | Arial Italic |\n Arial Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriNavigation – Arial Regular | Arial Italic\n | Arial Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Valid fonts for HERE Technologies styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n VectorHereBerlinFira GO Regular | Fira GO\n Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                A comma-separated list of fonts to load glyphs from in order of preference. For\n example, Noto Sans Regular, Arial Unicode.

                                                                                                \n

                                                                                                Valid fonts stacks for Esri styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  VectorEsriDarkGrayCanvas – Ubuntu Medium Italic | Ubuntu\n Medium | Ubuntu Italic | Ubuntu Regular |\n Ubuntu Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriLightGrayCanvas – Ubuntu Italic | Ubuntu\n Regular | Ubuntu Light | Ubuntu Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriTopographic – Noto Sans Italic | Noto Sans\n Regular | Noto Sans Bold | Noto Serif\n Regular | Roboto Condensed Light Italic\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriStreets – Arial Regular | Arial Italic |\n Arial Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  VectorEsriNavigation – Arial Regular | Arial Italic\n | Arial Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Valid font stacks for HERE Technologies styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  VectorHereBerlin – Fira GO Regular | Fira GO\n Bold\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                ", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -4097,7 +4109,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan for the specified map resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan for the specified map resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -4226,14 +4238,14 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Esri\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Here\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n Esri\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n Here\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see Amazon Location Service data providers.

                                                                                                ", "smithy.api#required": {} } }, "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan for the specified place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan for the specified place index resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -4651,7 +4663,7 @@ "PricingPlan": { "target": "com.amazonaws.location#PricingPlan", "traits": { - "smithy.api#documentation": "

                                                                                                The pricing plan for the specified tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see the Amazon Location Service pricing\n page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The pricing plan for the specified tracker resource.

                                                                                                \n

                                                                                                For additional details and restrictions on each pricing plan option, see Amazon Location Service pricing.

                                                                                                ", "smithy.api#required": {} } }, @@ -4731,7 +4743,7 @@ "Style": { "target": "com.amazonaws.location#MapStyle", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the map style selected from an available data provider. For additional\n information on each map style and to preview each map style, see Esri map\n styles and HERE map\n styles.

                                                                                                \n

                                                                                                Valid Esri styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A\n vector basemap with a dark gray, neutral background with minimal colors, labels,\n and features that's designed to draw attention to your thematic content.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RasterEsriImagery – The Esri Imagery map style. A raster basemap\n that provides one meter or better satellite and aerial imagery in many parts of\n the world and lower resolution satellite imagery worldwide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriLightGrayCanvas – The Esri Light Gray Canvas map style,\n which provides a detailed vector basemap with a light gray, neutral background\n style with minimal colors, labels, and features that's designed to draw\n attention to your thematic content.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriTopographic – The Esri Light map style, which provides\n a detailed vector basemap with a classic Esri map style.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriStreets – The Esri World Streets map style, which\n provides a detailed vector basemap for the world symbolized with a classic Esri\n street map style. The vector tile layer is similar in content and style to the\n World Street Map raster map.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriNavigation – The Esri World Navigation map style, which\n provides a detailed basemap for the world symbolized with a custom navigation\n map style that's designed for use during the day in mobile devices.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Valid HERE\n Technologies styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n VectorHereBerlin – The HERE Berlin map style is a high contrast\n detailed base map of the world that blends 3D and 2D rendering.

                                                                                                  \n \n

                                                                                                  When using HERE as your data provider, and selecting the Style\n VectorHereBerlin, you may not use HERE Technologies maps\n for Asset Management. See the AWS Service Terms\n for Amazon Location Service.

                                                                                                  \n                                                                                                   \n
                                                                                                  • \n
                                                                                                ", + "smithy.api#documentation": "

                                                                                                Specifies the map style selected from an available data provider.

                                                                                                \n

                                                                                                Valid Esri map styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n VectorEsriDarkGrayCanvas – The Esri Dark Gray Canvas map style. A\n vector basemap with a dark gray, neutral background with minimal colors, labels,\n and features that's designed to draw attention to your thematic content.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n RasterEsriImagery – The Esri Imagery map style. A raster basemap\n that provides one meter or better satellite and aerial imagery in many parts of\n the world and lower resolution satellite imagery worldwide.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriLightGrayCanvas – The Esri Light Gray Canvas map style,\n which provides a detailed vector basemap with a light gray, neutral background\n style with minimal colors, labels, and features that's designed to draw\n attention to your thematic content.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriTopographic – The Esri Light map style, which provides\n a detailed vector basemap with a classic Esri map style.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriStreets – The Esri World Streets map style, which\n provides a detailed vector basemap for the world symbolized with a classic Esri\n street map style. The vector tile layer is similar in content and style to the\n World Street Map raster map.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VectorEsriNavigation – The Esri World Navigation map style, which\n provides a detailed basemap for the world symbolized with a custom navigation\n map style that's designed for use during the day in mobile devices.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                Valid HERE\n Technologies map styles:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n VectorHereBerlin – The HERE Berlin map style is a high contrast\n detailed base map of the world that blends 3D and 2D rendering.

                                                                                                  \n \n

                                                                                                  When using HERE as your data provider, and selecting the Style\n VectorHereBerlin, you may not use HERE Technologies maps\n for Asset Management. See the AWS Service Terms\n for Amazon Location Service.

                                                                                                  \n                                                                                                   \n
                                                                                                  • \n
                                                                                                ", "smithy.api#required": {} } } @@ -4943,6 +4955,21 @@ "smithy.api#sensitive": {} } }, + "com.amazonaws.location#PositionFiltering": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "TimeBased", + "documentation": "Filtering device position updates based on time" + }, + { + "value": "DistanceBased", + "documentation": "Filtering device position updates based on distance" + } + ] + } + }, "com.amazonaws.location#PricingPlan": { "type": "string", "traits": { @@ -5273,7 +5300,7 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Esri

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  HERE

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Esri

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  HERE

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see Amazon Location Service data providers.

                                                                                                ", "smithy.api#required": {} } } @@ -5432,7 +5459,7 @@ "DataSource": { "target": "smithy.api#String", "traits": { - "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Esri

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  HERE

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see the Amazon Location Service data providers page.

                                                                                                ", + "smithy.api#documentation": "

                                                                                                The data provider of geospatial data. Indicates one of the available providers:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Esri

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  HERE

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                For additional details on data providers, see Amazon Location Service data providers.

                                                                                                ", "smithy.api#required": {} } } @@ -6297,6 +6324,12 @@ "traits": { "smithy.api#documentation": "

                                                                                                Updates the description for the tracker resource.

                                                                                                " } + }, + "PositionFiltering": { + "target": "com.amazonaws.location#PositionFiltering", + "traits": { + "smithy.api#documentation": "

                                                                                                Updates the position filtering for the tracker resource.

                                                                                                \n

                                                                                                Valid values:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n TimeBased - Location updates are evaluated against linked geofence collections, \n but not every location update is stored. If your update frequency is more often than 30 seconds, \n only one update per 30 seconds is stored for each unique device ID.\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n DistanceBased - If the device has moved less than 30 m (98.4 ft), location updates are \n ignored. Location updates within this distance are neither evaluated against linked geofence collections, nor stored. \n This helps control costs by reducing the number of geofence evaluations and device positions to retrieve. \n Distance-based filtering can also reduce the jitter effect when displaying device trajectory on a map.\n

                                                                                                  \n
                                                                                                  • \n
                                                                                                " + } } } }, diff --git a/codegen/sdk-codegen/aws-models/sagemaker.2017-07-24.json b/codegen/sdk-codegen/aws-models/sagemaker.2017-07-24.json index 345aab661ec1..95f0d01b701f 100644 --- a/codegen/sdk-codegen/aws-models/sagemaker.2017-07-24.json +++ b/codegen/sdk-codegen/aws-models/sagemaker.2017-07-24.json @@ -402,7 +402,6 @@ "TrainingInputMode": { "target": "com.amazonaws.sagemaker#TrainingInputMode", "traits": { - "smithy.api#documentation": "

                                                                                                The input mode that the algorithm supports. For the input modes that Amazon SageMaker\n algorithms support, see Algorithms. If an algorithm supports the File input mode, Amazon SageMaker\n downloads the training data from S3 to the provisioned ML storage Volume, and mounts the\n directory to docker volume for training container. If an algorithm supports the\n Pipe input mode, Amazon SageMaker streams data directly from S3 to the container.

                                                                                                \n

                                                                                                In File mode, make sure you provision ML storage volume with sufficient capacity\n to accommodate the data download from S3. In addition to the training data, the ML\n storage volume also stores the output model. The algorithm container use ML storage\n volume to also store intermediate information, if any.

                                                                                                \n

                                                                                                For distributed algorithms using File mode, training data is distributed\n uniformly, and your training duration is predictable if the input data objects size is\n approximately same. Amazon SageMaker does not split the files any further for model training. If the\n object sizes are skewed, training won't be optimal as the data distribution is also\n skewed where one host in a training cluster is overloaded, thus becoming bottleneck in\n training.

                                                                                                ", "smithy.api#required": {} } }, @@ -1937,13 +1936,13 @@ "MaxRuntimePerTrainingJobInSeconds": { "target": "com.amazonaws.sagemaker#MaxRuntimePerTrainingJobInSeconds", "traits": { - "smithy.api#documentation": "

                                                                                                The maximum time, in seconds, a training job is allowed to run as part of an AutoML\n job.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The maximum time, in seconds, that each training job is allowed to run as part of a\n hyperparameter tuning job. For more information, see the used by the action.

                                                                                                " } }, "MaxAutoMLJobRuntimeInSeconds": { "target": "com.amazonaws.sagemaker#MaxAutoMLJobRuntimeInSeconds", "traits": { - "smithy.api#documentation": "

                                                                                                The maximum runtime, in seconds, an AutoML job has to complete.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The maximum runtime, in seconds, an AutoML job has to complete.

                                                                                                \n

                                                                                                If an AutoML job exceeds the maximum runtime, the job is stopped automatically and its\n processing is ended gracefully. The AutoML job identifies the best model whose training was\n completed and marks it as the best-performing model. Any unfinished steps of the job, such\n as automatic one-click Autopilot model deployment, will not be completed.

                                                                                                " } } }, @@ -4729,7 +4728,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a Domain used by Amazon SageMaker Studio. A domain consists of an associated\n Amazon Elastic File System (EFS) volume, a list of authorized users, and a variety of security, application,\n policy, and Amazon Virtual Private Cloud (VPC) configurations. An Amazon Web Services account is limited to one domain per region.\n Users within a domain can share notebook files and other artifacts with each other.

                                                                                                \n\n

                                                                                                \n EFS storage\n

                                                                                                \n

                                                                                                When a domain is created, an EFS volume is created for use by all of the users within the\n domain. Each user receives a private home directory within the EFS volume for notebooks,\n Git repositories, and data files.

                                                                                                \n

                                                                                                SageMaker uses the Amazon Web Services Key Management Service (Amazon Web Services KMS) to encrypt the EFS volume attached to the domain with\n an Amazon Web Services managed key by default. For more control, you can specify a\n customer managed key. For more information, see\n Protect Data at\n Rest Using Encryption.

                                                                                                \n\n

                                                                                                \n VPC configuration\n

                                                                                                \n

                                                                                                All SageMaker Studio traffic between the domain and the EFS volume is through the specified\n VPC and subnets. For other Studio traffic, you can specify the AppNetworkAccessType\n parameter. AppNetworkAccessType corresponds to the network access type that you\n choose when you onboard to Studio. The following options are available:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n PublicInternetOnly - Non-EFS traffic goes through a VPC managed by\n Amazon SageMaker, which allows internet access. This is the default value.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VpcOnly - All Studio traffic is through the specified VPC and subnets.\n Internet access is disabled by default. To allow internet access, you must specify a\n NAT gateway.

                                                                                                  \n

                                                                                                  When internet access is disabled, you won't be able to run a Studio notebook or to\n train or host models unless your VPC has an interface endpoint to the SageMaker API and runtime\n or a NAT gateway and your security groups allow outbound connections.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules\n in order to launch a SageMaker Studio app successfully.

                                                                                                \n                                                                                                 \n

                                                                                                For more information, see\n Connect\n SageMaker Studio Notebooks to Resources in a VPC.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Creates a Domain used by Amazon SageMaker Studio. A domain consists of an associated\n Amazon Elastic File System (EFS) volume, a list of authorized users, and a variety of security, application,\n policy, and Amazon Virtual Private Cloud (VPC) configurations. An Amazon Web Services account is limited to one domain per region.\n Users within a domain can share notebook files and other artifacts with each other.

                                                                                                \n\n

                                                                                                \n EFS storage\n

                                                                                                \n

                                                                                                When a domain is created, an EFS volume is created for use by all of the users within the\n domain. Each user receives a private home directory within the EFS volume for notebooks,\n Git repositories, and data files.

                                                                                                \n

                                                                                                SageMaker uses the Amazon Web Services Key Management Service (Amazon Web Services KMS) to encrypt the EFS volume attached to the domain with\n an Amazon Web Services managed key by default. For more control, you can specify a\n customer managed key. For more information, see\n Protect Data at\n Rest Using Encryption.

                                                                                                \n\n

                                                                                                \n VPC configuration\n

                                                                                                \n

                                                                                                All SageMaker Studio traffic between the domain and the EFS volume is through the specified\n VPC and subnets. For other Studio traffic, you can specify the AppNetworkAccessType\n parameter. AppNetworkAccessType corresponds to the network access type that you\n choose when you onboard to Studio. The following options are available:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  \n PublicInternetOnly - Non-EFS traffic goes through a VPC managed by\n Amazon SageMaker, which allows internet access. This is the default value.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  \n VpcOnly - All Studio traffic is through the specified VPC and subnets.\n Internet access is disabled by default. To allow internet access, you must specify a\n NAT gateway.

                                                                                                  \n

                                                                                                  When internet access is disabled, you won't be able to run a Studio notebook or to\n train or host models unless your VPC has an interface endpoint to the SageMaker API and runtime\n or a NAT gateway and your security groups allow outbound connections.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n \n

                                                                                                NFS traffic over TCP on port 2049 needs to be allowed in both inbound and outbound rules\n in order to launch a SageMaker Studio app successfully.

                                                                                                \n                                                                                                 \n

                                                                                                For more information, see\n Connect\n SageMaker Studio Notebooks to Resources in a VPC.

                                                                                                " } }, "com.amazonaws.sagemaker#CreateDomainRequest": { @@ -4903,7 +4902,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates an endpoint using the endpoint configuration specified in the request. Amazon SageMaker\n uses the endpoint to provision resources and deploy models. You create the endpoint\n configuration with the CreateEndpointConfig API.

                                                                                                \n

                                                                                                Use this API to deploy models using Amazon SageMaker hosting services.

                                                                                                \n

                                                                                                For an example that calls this method when deploying a model to Amazon SageMaker hosting services,\n see the Create Endpoint example notebook.\n

                                                                                                \n \n

                                                                                                You must not delete an EndpointConfig that is in use by an endpoint\n that is live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.

                                                                                                \n                                                                                                 \n

                                                                                                The endpoint name must be unique within an Amazon Web Services Region in your Amazon Web Services account.

                                                                                                \n

                                                                                                When it receives the request, Amazon SageMaker creates the endpoint, launches the resources (ML\n compute instances), and deploys the model(s) on them.

                                                                                                \n \n \n

                                                                                                When you call CreateEndpoint, a load call is made to DynamoDB to\n verify that your endpoint configuration exists. When you read data from a DynamoDB\n table supporting \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB eventually consistent read.

                                                                                                \n                                                                                                 \n

                                                                                                When Amazon SageMaker receives the request, it sets the endpoint status to\n Creating. After it creates the endpoint, it sets the status to\n InService. Amazon SageMaker can then process incoming requests for inferences. To\n check the status of an endpoint, use the DescribeEndpoint\n API.

                                                                                                \n

                                                                                                If any of the models hosted at this endpoint get model data from an Amazon S3 location,\n Amazon SageMaker uses Amazon Web Services Security Token Service to download model artifacts from the S3 path you\n provided. Amazon Web Services STS is activated in your IAM user account by default. If you previously\n deactivated Amazon Web Services STS for a region, you need to reactivate Amazon Web Services STS for that region. For\n more information, see Activating and\n Deactivating Amazon Web Services STS in an Amazon Web Services Region in the Amazon Web Services Identity and Access Management User\n Guide.

                                                                                                \n \n

                                                                                                To add the IAM role policies for using this API operation, go to the IAM console, and choose\n Roles in the left navigation pane. Search the IAM role that you want to grant\n access to use the CreateEndpoint and CreateEndpointConfig API operations, add the following policies to\n the role.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Option 1: For a full Amazon SageMaker access, search and attach the\n AmazonSageMakerFullAccess policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Option 2: For granting a limited access to an IAM role, paste the\n following Action elements manually into the JSON file of the IAM role:

                                                                                                  \n

                                                                                                  \n \"Action\": [\"sagemaker:CreateEndpoint\",\n \"sagemaker:CreateEndpointConfig\"]\n

                                                                                                  \n

                                                                                                  \n \"Resource\": [\n

                                                                                                  \n

                                                                                                  \n \"arn:aws:sagemaker:region:account-id:endpoint/endpointName\"\n

                                                                                                  \n

                                                                                                  \n \"arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName\"\n

                                                                                                  \n

                                                                                                  \n ]\n

                                                                                                  \n

                                                                                                  For more information, see Amazon SageMaker API\n Permissions: Actions, Permissions, and Resources\n Reference.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n                                                                                                 " + "smithy.api#documentation": "

                                                                                                Creates an endpoint using the endpoint configuration specified in the request. Amazon SageMaker\n uses the endpoint to provision resources and deploy models. You create the endpoint\n configuration with the CreateEndpointConfig API.

                                                                                                \n

                                                                                                Use this API to deploy models using Amazon SageMaker hosting services.

                                                                                                \n

                                                                                                For an example that calls this method when deploying a model to Amazon SageMaker hosting services,\n see the Create Endpoint example notebook.\n

                                                                                                \n \n

                                                                                                You must not delete an EndpointConfig that is in use by an endpoint\n that is live or while the UpdateEndpoint or CreateEndpoint\n operations are being performed on the endpoint. To update an endpoint, you must\n create a new EndpointConfig.

                                                                                                \n                                                                                                 \n

                                                                                                The endpoint name must be unique within an Amazon Web Services Region in your Amazon Web Services account.

                                                                                                \n

                                                                                                When it receives the request, Amazon SageMaker creates the endpoint, launches the resources (ML\n compute instances), and deploys the model(s) on them.

                                                                                                \n \n \n

                                                                                                When you call CreateEndpoint, a load call is made to DynamoDB to\n verify that your endpoint configuration exists. When you read data from a DynamoDB\n table supporting \n Eventually Consistent Reads\n , the response might not\n reflect the results of a recently completed write operation. The response might\n include some stale data. If the dependent entities are not yet in DynamoDB, this\n causes a validation error. If you repeat your read request after a short time, the\n response should return the latest data. So retry logic is recommended to handle\n these possible issues. We also recommend that customers call DescribeEndpointConfig before calling CreateEndpoint to minimize the potential impact of a DynamoDB eventually consistent read.

                                                                                                \n                                                                                                 \n

                                                                                                When Amazon SageMaker receives the request, it sets the endpoint status to\n Creating. After it creates the endpoint, it sets the status to\n InService. Amazon SageMaker can then process incoming requests for inferences. To\n check the status of an endpoint, use the DescribeEndpoint\n API.

                                                                                                \n

                                                                                                If any of the models hosted at this endpoint get model data from an Amazon S3 location,\n Amazon SageMaker uses Amazon Web Services Security Token Service to download model artifacts from the S3 path you\n provided. Amazon Web Services STS is activated in your IAM user account by default. If you previously\n deactivated Amazon Web Services STS for a region, you need to reactivate Amazon Web Services STS for that region. For\n more information, see Activating and\n Deactivating Amazon Web Services STS in an Amazon Web Services Region in the Amazon Web Services Identity and Access Management User\n Guide.

                                                                                                \n \n

                                                                                                To add the IAM role policies for using this API operation, go to the IAM console, and choose\n Roles in the left navigation pane. Search the IAM role that you want to grant\n access to use the CreateEndpoint and CreateEndpointConfig API operations, add the following policies to\n the role.

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  Option 1: For a full SageMaker access, search and attach the\n AmazonSageMakerFullAccess policy.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  Option 2: For granting a limited access to an IAM role, paste the\n following Action elements manually into the JSON file of the IAM role:

                                                                                                  \n

                                                                                                  \n \"Action\": [\"sagemaker:CreateEndpoint\",\n \"sagemaker:CreateEndpointConfig\"]\n

                                                                                                  \n

                                                                                                  \n \"Resource\": [\n

                                                                                                  \n

                                                                                                  \n \"arn:aws:sagemaker:region:account-id:endpoint/endpointName\"\n

                                                                                                  \n

                                                                                                  \n \"arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName\"\n

                                                                                                  \n

                                                                                                  \n ]\n

                                                                                                  \n

                                                                                                  For more information, see SageMaker API\n Permissions: Actions, Permissions, and Resources\n Reference.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n\n                                                                                                 " } }, "com.amazonaws.sagemaker#CreateEndpointConfig": { @@ -5130,7 +5129,7 @@ "OfflineStoreConfig": { "target": "com.amazonaws.sagemaker#OfflineStoreConfig", "traits": { - "smithy.api#documentation": "

                                                                                                Use this to configure an OfflineFeatureStore. This parameter allows you to\n specify:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The Amazon Simple Storage Service (Amazon S3) location of an\n OfflineStore.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  A configuration for an Amazon Web Services Glue or Amazon Web Services Hive data cataolgue.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  An KMS encryption key to encrypt the Amazon S3 location used for\n OfflineStore.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To learn more about this parameter, see OfflineStoreConfig.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Use this to configure an OfflineFeatureStore. This parameter allows you to\n specify:

                                                                                                \n
                                                                                                  \n
                                                                                                • \n

                                                                                                  The Amazon Simple Storage Service (Amazon S3) location of an\n OfflineStore.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  A configuration for an Amazon Web Services Glue or Amazon Web Services Hive data catalog.

                                                                                                  \n
                                                                                                  • \n
                                                                                                • \n

                                                                                                  An KMS encryption key to encrypt the Amazon S3 location used for\n OfflineStore. If KMS encryption key is not specified, by default we encrypt all data at rest using \n Amazon Web Services KMS key. By defining your bucket-level key for SSE, \n you can reduce Amazon Web Services KMS requests costs by up to 99 percent.

                                                                                                  \n
                                                                                                  • \n
                                                                                                \n

                                                                                                To learn more about this parameter, see OfflineStoreConfig.

                                                                                                " } }, "RoleArn": { @@ -6481,7 +6480,7 @@ } ], "traits": { - "smithy.api#documentation": "

                                                                                                Creates a URL for a specified UserProfile in a Domain. When accessed in a web browser,\n the user will be automatically signed in to Amazon SageMaker Studio, and granted access to all of\n the Apps and files associated with the Domain's Amazon Elastic File System (EFS) volume.\n This operation can only be called when the authentication mode equals IAM.\n

                                                                                                \n

                                                                                                The IAM role or user used to call this API defines the permissions to access the app. Once\n the presigned URL is created, no additional permission is required to access this URL. IAM\n authorization policies for this API are also enforced for every HTTP request and WebSocket\n frame that attempts to connect to the app.

                                                                                                \n

                                                                                                You can restrict access to this API and to the\n URL that it returns to a list of IP addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more\n information, see Connect to SageMaker Studio Through an Interface VPC Endpoint\n .

                                                                                                \n \n

                                                                                                The URL that you get from a call to CreatePresignedDomainUrl has a default timeout of 5 minutes. You can configure this value using ExpiresInSeconds. If you try to use the URL after the timeout limit expires, you\n are directed to the Amazon Web Services console sign-in page.

                                                                                                \n                                                                                                 " + "smithy.api#documentation": "

                                                                                                Creates a URL for a specified UserProfile in a Domain. When accessed in a web browser,\n the user will be automatically signed in to Amazon SageMaker Studio, and granted access to all of\n the Apps and files associated with the Domain's Amazon Elastic File System (EFS) volume.\n This operation can only be called when the authentication mode equals IAM.\n

                                                                                                \n

                                                                                                The IAM role or user used to call this API defines the permissions to access the app. Once\n the presigned URL is created, no additional permission is required to access this URL. IAM\n authorization policies for this API are also enforced for every HTTP request and WebSocket\n frame that attempts to connect to the app.

                                                                                                \n

                                                                                                You can restrict access to this API and to the\n URL that it returns to a list of IP addresses, Amazon VPCs or Amazon VPC Endpoints that you specify. For more\n information, see Connect to SageMaker Studio Through an Interface VPC Endpoint\n .

                                                                                                \n \n

                                                                                                The URL that you get from a call to CreatePresignedDomainUrl has a default timeout of 5 minutes. You can configure this value using ExpiresInSeconds. If you try to use the URL after the timeout limit expires, you\n are directed to the Amazon Web Services console sign-in page.

                                                                                                \n                                                                                                 " } }, "com.amazonaws.sagemaker#CreatePresignedDomainUrlRequest": { @@ -7685,7 +7684,7 @@ "JoinSource": { "target": "com.amazonaws.sagemaker#JoinSource", "traits": { - "smithy.api#documentation": "

                                                                                                Specifies the source of the data to join with the transformed data. The valid values\n are None and Input. The default value is None,\n which specifies not to join the input with the transformed data. If you want the batch\n transform job to join the original input data with the transformed data, set\n JoinSource to Input. You can specify\n OutputFilter as an additional filter to select a portion of the joined\n dataset and store it in the output file.

                                                                                                \n

                                                                                                For JSON or JSONLines objects, such as a JSON array, Amazon SageMaker adds the transformed data to\n the input JSON object in an attribute called SageMakerOutput. The joined\n result for JSON must be a key-value pair object. If the input is not a key-value pair\n object, Amazon SageMaker creates a new JSON file. In the new JSON file, and the input data is stored\n under the SageMakerInput key and the results are stored in\n SageMakerOutput.

                                                                                                \n

                                                                                                For CSV data, Amazon SageMaker takes each row as a JSON array and joins the transformed data with\n the input by appending each transformed row to the end of the input. The joined data has\n the original input data followed by the transformed data and the output is a CSV\n file.

                                                                                                \n

                                                                                                For information on how joining in applied, see Workflow for Associating Inferences with Input Records.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Specifies the source of the data to join with the transformed data. The valid values\n are None and Input. The default value is None,\n which specifies not to join the input with the transformed data. If you want the batch\n transform job to join the original input data with the transformed data, set\n JoinSource to Input. You can specify\n OutputFilter as an additional filter to select a portion of the joined\n dataset and store it in the output file.

                                                                                                \n

                                                                                                For JSON or JSONLines objects, such as a JSON array, SageMaker adds the transformed data to\n the input JSON object in an attribute called SageMakerOutput. The joined\n result for JSON must be a key-value pair object. If the input is not a key-value pair\n object, SageMaker creates a new JSON file. In the new JSON file, and the input data is stored\n under the SageMakerInput key and the results are stored in\n SageMakerOutput.

                                                                                                \n

                                                                                                For CSV data, SageMaker takes each row as a JSON array and joins the transformed data with\n the input by appending each transformed row to the end of the input. The joined data has\n the original input data followed by the transformed data and the output is a CSV\n file.

                                                                                                \n

                                                                                                For information on how joining in applied, see Workflow for Associating Inferences with Input Records.

                                                                                                " } } }, @@ -9642,7 +9641,7 @@ "LastUserActivityTimestamp": { "target": "com.amazonaws.sagemaker#Timestamp", "traits": { - "smithy.api#documentation": "

                                                                                                The timestamp of the last user's activity.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The timestamp of the last user's activity. LastUserActivityTimestamp is also updated when SageMaker performs health checks without user activity. As a result, this value is set to the same value as LastHealthCheckTimestamp.

                                                                                                " } }, "CreationTime": { @@ -13898,7 +13897,7 @@ "BillableTimeInSeconds": { "target": "com.amazonaws.sagemaker#BillableTimeInSeconds", "traits": { - "smithy.api#documentation": "

                                                                                                The billable time in seconds. Billable time refers to the absolute wall-clock\n time.

                                                                                                \n

                                                                                                Multiply BillableTimeInSeconds by the number of instances\n (InstanceCount) in your training cluster to get the total compute time\n Amazon SageMaker will bill you if you run distributed training. The formula is as follows:\n BillableTimeInSeconds * InstanceCount .

                                                                                                \n

                                                                                                You can calculate the savings from using managed spot training using the formula\n (1 - BillableTimeInSeconds / TrainingTimeInSeconds) * 100. For example,\n if BillableTimeInSeconds is 100 and TrainingTimeInSeconds is\n 500, the savings is 80%.

                                                                                                " + "smithy.api#documentation": "

                                                                                                The billable time in seconds. Billable time refers to the absolute wall-clock\n time.

                                                                                                \n

                                                                                                Multiply BillableTimeInSeconds by the number of instances\n (InstanceCount) in your training cluster to get the total compute time\n SageMaker will bill you if you run distributed training. The formula is as follows:\n BillableTimeInSeconds * InstanceCount .

                                                                                                \n

                                                                                                You can calculate the savings from using managed spot training using the formula\n (1 - BillableTimeInSeconds / TrainingTimeInSeconds) * 100. For example,\n if BillableTimeInSeconds is 100 and TrainingTimeInSeconds is\n 500, the savings is 80%.

                                                                                                " } }, "DebugHookConfig": { @@ -15682,7 +15681,7 @@ "S3InputMode": { "target": "com.amazonaws.sagemaker#ProcessingS3InputMode", "traits": { - "smithy.api#documentation": "

                                                                                                Whether the Pipe or File is used as the input mode for\n transfering data for the monitoring job. Pipe mode is recommended for large\n datasets. File mode is useful for small files that fit in memory. Defaults to\n File.

                                                                                                " + "smithy.api#documentation": "

                                                                                                Whether the Pipe or File is used as the input mode for\n transferring data for the monitoring job. Pipe mode is recommended for large\n datasets. File mode is useful for small files that fit in memory. Defaults to\n File.

                                                                                                " } }, "S3DataDistributionType": { @@ -17500,7 +17499,6 @@ "TrainingInputMode": { "target": "com.amazonaws.sagemaker#TrainingInputMode", "traits": { - "smithy.api#documentation": "

                                                                                                The input mode that the algorithm supports:\n File\n or Pipe. In File input mode, Amazon SageMaker downloads the training data from\n Amazon S3 to the\n storage\n volume that is attached to the training instance and mounts the directory to the Docker\n volume for the training container. In Pipe input mode, Amazon SageMaker streams\n data directly from Amazon S3 to the container.

                                                                                                \n

                                                                                                If you specify File mode, make sure that\n you\n provision the storage volume that is attached to the training instance with enough\n capacity to accommodate the training data downloaded from Amazon S3, the model artifacts, and\n intermediate\n information.

                                                                                                \n

                                                                                                \n

                                                                                                For more information about input modes, see Algorithms.

                                                                                                ", "smithy.api#required": {} } }, @@ -33848,7 +33846,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                Specifies a limit to how long a model training job, model compilation job, or\n hyperparameter tuning job can run. It also specifies how long a managed Spot training\n job has to complete. When the job reaches the time limit, Amazon SageMaker ends the training or\n compilation job. Use this API to cap model training costs.

                                                                                                \n

                                                                                                To stop a training job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays\n job termination for 120 seconds. Algorithms can use this 120-second window to save the\n model artifacts, so the results of training are not lost.

                                                                                                \n

                                                                                                The training algorithms provided by Amazon SageMaker automatically save the intermediate results\n of a model training job when possible. This attempt to save artifacts is only a best\n effort case as model might not be in a state from which it can be saved. For example, if\n training has just started, the model might not be ready to save. When saved, this\n intermediate data is a valid model artifact. You can use it to create a model with\n CreateModel.

                                                                                                \n \n

                                                                                                The Neural Topic Model (NTM) currently does not support saving intermediate model\n artifacts. When training NTMs, make sure that the maximum runtime is sufficient for\n the training job to complete.

                                                                                                \n                                                                                                 " + "smithy.api#documentation": "

                                                                                                Specifies a limit to how long a model training job or model compilation job \n can run. It also specifies how long a managed spot training\n job has to complete. When the job reaches the time limit, Amazon SageMaker ends the training or\n compilation job. Use this API to cap model training costs.

                                                                                                \n

                                                                                                To stop a training job, Amazon SageMaker sends the algorithm the SIGTERM signal, which delays\n job termination for 120 seconds. Algorithms can use this 120-second window to save the\n model artifacts, so the results of training are not lost.

                                                                                                \n

                                                                                                The training algorithms provided by Amazon SageMaker automatically save the intermediate results\n of a model training job when possible. This attempt to save artifacts is only a best\n effort case as model might not be in a state from which it can be saved. For example, if\n training has just started, the model might not be ready to save. When saved, this\n intermediate data is a valid model artifact. You can use it to create a model with\n CreateModel.

                                                                                                \n \n

                                                                                                The Neural Topic Model (NTM) currently does not support saving intermediate model\n artifacts. When training NTMs, make sure that the maximum runtime is sufficient for\n the training job to complete.

                                                                                                \n                                                                                                 " } }, "com.amazonaws.sagemaker#String": { @@ -34141,7 +34139,7 @@ } }, "traits": { - "smithy.api#documentation": "

                                                                                                A tag object that consists of a key and an optional value, used to manage metadata\n for Amazon SageMaker Amazon Web Services resources.

                                                                                                \n

                                                                                                You can add tags to notebook instances, training jobs, hyperparameter tuning jobs,\n batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and\n endpoints. For more information on adding tags to Amazon SageMaker resources, see AddTags.

                                                                                                \n

                                                                                                For more information on adding metadata to your Amazon Web Services resources with tagging, see\n Tagging Amazon Web Services\n resources. For advice on best practices for managing Amazon Web Services resources with\n tagging, see Tagging\n Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy.

                                                                                                " + "smithy.api#documentation": "

                                                                                                A tag object that consists of a key and an optional value, used to manage metadata\n for SageMaker Amazon Web Services resources.

                                                                                                \n

                                                                                                You can add tags to notebook instances, training jobs, hyperparameter tuning jobs,\n batch transform jobs, models, labeling jobs, work teams, endpoint configurations, and\n endpoints. For more information on adding tags to SageMaker resources, see AddTags.

                                                                                                \n

                                                                                                For more information on adding metadata to your Amazon Web Services resources with tagging, see\n Tagging Amazon Web Services\n resources. For advice on best practices for managing Amazon Web Services resources with\n tagging, see Tagging\n Best Practices: Implement an Effective Amazon Web Services Resource Tagging Strategy.

                                                                                                " } }, "com.amazonaws.sagemaker#TagKey": { @@ -34677,6 +34675,7 @@ "com.amazonaws.sagemaker#TrainingInputMode": { "type": "string", "traits": { + "smithy.api#documentation": "

                                                                                                The training input mode that the algorithm supports. For more information about input modes, see\n Algorithms.

                                                                                                \n\n

                                                                                                \n Pipe mode\n

                                                                                                \n

                                                                                                If an algorithm supports Pipe mode, Amazon SageMaker streams data directly\n from Amazon S3 to the container.

                                                                                                \n\n

                                                                                                \n File mode\n

                                                                                                \n

                                                                                                If an algorithm supports File mode, SageMaker\n downloads the training data from S3 to the provisioned ML storage volume, and mounts the\n directory to the Docker volume for the training container.

                                                                                                \n

                                                                                                You must provision the ML storage volume with sufficient capacity\n to accommodate the data downloaded from S3. In addition to the training data, the ML\n storage volume also stores the output model. The algorithm container uses the ML storage\n volume to also store intermediate information, if any.

                                                                                                \n

                                                                                                For distributed algorithms, training data is distributed uniformly.\n Your training duration is predictable if the input data objects sizes are\n approximately the same. SageMaker does not split the files any further for model training.\n If the object sizes are skewed, training won't be optimal as the data distribution is also\n skewed when one host in a training cluster is overloaded, thus becoming a bottleneck in\n training.

                                                                                                \n\n

                                                                                                \n FastFile mode\n

                                                                                                \n

                                                                                                If an algorithm supports FastFile mode, SageMaker streams data directly\n from S3 to the container with no code changes, and provides file system access to\n the data. Users can author their training script to interact with these files as if\n they were stored on disk.

                                                                                                \n

                                                                                                \n FastFile mode works best when the data is read sequentially.\n Augmented manifest files aren't supported.\n The startup time is lower when there are fewer files in the S3 bucket provided.

                                                                                                ", "smithy.api#enum": [ { "value": "Pipe", @@ -34685,6 +34684,10 @@ { "value": "File", "name": "FILE" + }, + { + "value": "FastFile", + "name": "FASTFILE" } ] } @@ -35100,7 +35103,6 @@ "TrainingInputMode": { "target": "com.amazonaws.sagemaker#TrainingInputMode", "traits": { - "smithy.api#documentation": "

                                                                                                The input mode used by the algorithm for the training job. For the input modes that\n Amazon SageMaker algorithms support, see Algorithms.

                                                                                                \n

                                                                                                If an algorithm supports the File input mode, Amazon SageMaker downloads the training\n data from S3 to the provisioned ML storage Volume, and mounts the directory to docker\n volume for training container. If an algorithm supports the Pipe input\n mode, Amazon SageMaker streams data directly from S3 to the container.

                                                                                                ", "smithy.api#required": {} } }, diff --git a/codegen/sdk-codegen/aws-models/workmail.2017-10-01.json b/codegen/sdk-codegen/aws-models/workmail.2017-10-01.json index 342463944b4e..adb26b8acd9f 100644 --- a/codegen/sdk-codegen/aws-models/workmail.2017-10-01.json +++ b/codegen/sdk-codegen/aws-models/workmail.2017-10-01.json @@ -357,6 +357,12 @@ "com.amazonaws.workmail#Boolean": { "type": "boolean" }, + "com.amazonaws.workmail#BooleanObject": { + "type": "boolean", + "traits": { + "smithy.api#box": {} + } + }, "com.amazonaws.workmail#CancelMailboxExportJob": { "type": "operation", "input": { @@ -1632,6 +1638,50 @@ } } }, + "com.amazonaws.workmail#DescribeInboundDmarcSettings": { + "type": "operation", + "input": { + "target": "com.amazonaws.workmail#DescribeInboundDmarcSettingsRequest" + }, + "output": { + "target": "com.amazonaws.workmail#DescribeInboundDmarcSettingsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.workmail#OrganizationNotFoundException" + }, + { + "target": "com.amazonaws.workmail#OrganizationStateException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Lists the settings in a DMARC policy for a specified organization.

                                                                                                ", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.workmail#DescribeInboundDmarcSettingsRequest": { + "type": "structure", + "members": { + "OrganizationId": { + "target": "com.amazonaws.workmail#OrganizationId", + "traits": { + "smithy.api#documentation": "

                                                                                                Lists the ID of the given organization.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.workmail#DescribeInboundDmarcSettingsResponse": { + "type": "structure", + "members": { + "Enforced": { + "target": "com.amazonaws.workmail#Boolean", + "traits": { + "smithy.api#documentation": "

                                                                                                Lists the enforcement setting of the applied policy.

                                                                                                " + } + } + } + }, "com.amazonaws.workmail#DescribeMailboxExportJob": { "type": "operation", "input": { @@ -4707,6 +4757,50 @@ "type": "structure", "members": {} }, + "com.amazonaws.workmail#PutInboundDmarcSettings": { + "type": "operation", + "input": { + "target": "com.amazonaws.workmail#PutInboundDmarcSettingsRequest" + }, + "output": { + "target": "com.amazonaws.workmail#PutInboundDmarcSettingsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.workmail#OrganizationNotFoundException" + }, + { + "target": "com.amazonaws.workmail#OrganizationStateException" + } + ], + "traits": { + "smithy.api#documentation": "

                                                                                                Enables or disables a DMARC policy for a given organization.

                                                                                                ", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.workmail#PutInboundDmarcSettingsRequest": { + "type": "structure", + "members": { + "OrganizationId": { + "target": "com.amazonaws.workmail#OrganizationId", + "traits": { + "smithy.api#documentation": "

                                                                                                The ID of the organization that you are applying the DMARC policy to.

                                                                                                ", + "smithy.api#required": {} + } + }, + "Enforced": { + "target": "com.amazonaws.workmail#BooleanObject", + "traits": { + "smithy.api#documentation": "

                                                                                                Enforces or suspends a policy after it's applied.

                                                                                                ", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.workmail#PutInboundDmarcSettingsResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.workmail#PutMailboxPermissions": { "type": "operation", "input": { @@ -6058,6 +6152,9 @@ { "target": "com.amazonaws.workmail#DescribeGroup" }, + { + "target": "com.amazonaws.workmail#DescribeInboundDmarcSettings" + }, { "target": "com.amazonaws.workmail#DescribeMailboxExportJob" }, @@ -6133,6 +6230,9 @@ { "target": "com.amazonaws.workmail#PutAccessControlRule" }, + { + "target": "com.amazonaws.workmail#PutInboundDmarcSettings" + }, { "target": "com.amazonaws.workmail#PutMailboxPermissions" }, diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json index d902b59f2b17..f0ac9505dc2d 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json @@ -1983,6 +1983,29 @@ "us-west-2": {} } }, + "databrew": { + "endpoints": { + "af-south-1": {}, + "ap-east-1": {}, + "ap-northeast-1": {}, + "ap-northeast-2": {}, + "ap-south-1": {}, + "ap-southeast-1": {}, + "ap-southeast-2": {}, + "ca-central-1": {}, + "eu-central-1": {}, + "eu-north-1": {}, + "eu-south-1": {}, + "eu-west-1": {}, + "eu-west-2": {}, + "eu-west-3": {}, + "sa-east-1": {}, + "us-east-1": {}, + "us-east-2": {}, + "us-west-1": {}, + "us-west-2": {} + } + }, "dataexchange": { "endpoints": { "ap-northeast-1": {}, @@ -3574,6 +3597,70 @@ "us-west-2": {} } }, + "grafana": { + "endpoints": { + "ap-northeast-1": { + "credentialScope": { + "region": "ap-northeast-1" + }, + "hostname": "grafana.ap-northeast-1.amazonaws.com" + }, + "ap-northeast-2": { + "credentialScope": { + "region": "ap-northeast-2" + }, + "hostname": "grafana.ap-northeast-2.amazonaws.com" + }, + "ap-southeast-1": { + "credentialScope": { + "region": "ap-southeast-1" + }, + "hostname": "grafana.ap-southeast-1.amazonaws.com" + }, + "ap-southeast-2": { + "credentialScope": { + "region": "ap-southeast-2" + }, + "hostname": "grafana.ap-southeast-2.amazonaws.com" + }, + "eu-central-1": { + "credentialScope": { + "region": "eu-central-1" + }, + "hostname": "grafana.eu-central-1.amazonaws.com" + }, + "eu-west-1": { + "credentialScope": { + "region": "eu-west-1" + }, + "hostname": "grafana.eu-west-1.amazonaws.com" + }, + "eu-west-2": { + "credentialScope": { + "region": "eu-west-2" + }, + "hostname": "grafana.eu-west-2.amazonaws.com" + }, + "us-east-1": { + "credentialScope": { + "region": "us-east-1" + }, + "hostname": "grafana.us-east-1.amazonaws.com" + }, + "us-east-2": { + "credentialScope": { + "region": "us-east-2" + }, + "hostname": "grafana.us-east-2.amazonaws.com" + }, + "us-west-2": { + "credentialScope": { + "region": "us-west-2" + }, + "hostname": "grafana.us-west-2.amazonaws.com" + } + } + }, "greengrass": { "defaults": { "protocols": ["https"] @@ -3876,6 +3963,7 @@ "endpoints": { "ap-northeast-1": {}, "ap-northeast-2": {}, + "ap-south-1": {}, "ap-southeast-1": {}, "ap-southeast-2": {}, "eu-central-1": {}, @@ -3900,6 +3988,12 @@ }, "hostname": "data.iotevents.ap-northeast-2.amazonaws.com" }, + "ap-south-1": { + "credentialScope": { + "region": "ap-south-1" + }, + "hostname": "data.iotevents.ap-south-1.amazonaws.com" + }, "ap-southeast-1": { "credentialScope": { "region": "ap-southeast-1" @@ -4101,6 +4195,35 @@ "us-west-2": {} } }, + "kendra": { + "endpoints": { + "ap-southeast-1": {}, + "ap-southeast-2": {}, + "ca-central-1": {}, + "eu-west-1": {}, + "fips-us-east-1": { + "credentialScope": { + "region": "us-east-1" + }, + "hostname": "kendra-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2": { + "credentialScope": { + "region": "us-east-2" + }, + "hostname": "kendra-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-2": { + "credentialScope": { + "region": "us-west-2" + }, + "hostname": "kendra-fips.us-west-2.amazonaws.com" + }, + "us-east-1": {}, + "us-east-2": {}, + "us-west-2": {} + } + }, "kinesis": { "endpoints": { "af-south-1": {}, @@ -5139,6 +5262,12 @@ }, "hostname": "oidc.eu-west-3.amazonaws.com" }, + "sa-east-1": { + "credentialScope": { + "region": "sa-east-1" + }, + "hostname": "oidc.sa-east-1.amazonaws.com" + }, "us-east-1": { "credentialScope": { "region": "us-east-1" @@ -8122,6 +8251,12 @@ "cn-northwest-1": {} } }, + "databrew": { + "endpoints": { + "cn-north-1": {}, + "cn-northwest-1": {} + } + }, "dax": { "endpoints": { "cn-north-1": {}, @@ -9283,6 +9418,11 @@ "us-gov-west-1": {} } }, + "databrew": { + "endpoints": { + "us-gov-west-1": {} + } + }, "datasync": { "endpoints": { "fips-us-gov-east-1": {